Brokk purportedly hacked by Play ransomware, data leaked
Brokk, a leading Swedish global remote-controlled demolition machinery manufacturer, had a 4 GB dataset allegedly stolen from its systems exposed by the Russ...
Play
Ransomware
Ransomware exploiting Exchange vulnerabilities and Fortinet flaws, targeting municipalities, legal firms, and manufacturing.
Also known as: play ransomware, playcrypt, play malware
AI Intelligence Brief
Related YARA Rules View all on YARA Rules page →
90-Day Activity
All Articles (23)
Last 90 Days
All Time
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the troj...
NoVoice Android malware steals WhatsApp data via Google Play apps
The NoVoice operation, identified by McAfee, concealed malicious components within the com.facebook.
NoVoice on Google Play Exploits 22 Flaws to Hit Millions of Android Users
NoVoice is a new Android rootkit campaign that hid in more than 50 apps on Google Play, exploiting 22 vulnerabilities to hijack millions of older and unpatch...
'NoVoice' Android malware on Google Play infected 2.3 million devices
A new Android malware named NoVoice was found on Google Play, hidden in more than 50 apps that were downloaded at least 2.3 million times.
European Commission downplays ShinyHunters cyberattack impact
In a statement issued Friday, the Commission said it had detected an incident affecting the Europa.eu web portal, the European Union’s central online platfor...
Exposed Server Leaks TheGentlemen Ransomware Toolkit, Credentials, and Ngrok Tokens
A fully operational TheGentlemen ransomware toolkit on an exposed server, revealing victim credentials, ngrok tokens, and a complete pre-encryption playbook....
Anti-piracy coalition takes down AnimePlay app with 5 million users
The Alliance for Creativity and Entertainment (ACE) announced the shutdown of AnimePlay, a major anime streaming platform with over 5 million users. [.
Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android
Posted by Eric Lynch, Product Manager, Android and Dom Elliot, Group Product Manager, Google Play Modern digital security is at a turning point. We are on th...
Security Automation with Elastic Workflows: From Alert to Response
A practical guide to building intelligent, automated security playbooks with Elastic Workflows.
Playnance Introduces Participation-First Model for Social Gaming with New Protocol Launch
Playnance launches social gaming protocol powered by GCOIN, enabling user participation in ecosystem value, transparency, and shared digital growth.
Iran’s Cyber Playbook in the Escalating Regional Conflict
Following our recent published advisories, this publication is intended to outline a summary of the cyber activities associated with the tension. Based on th...
BeatBanker: A dual‑mode Android Trojan
Kaspersky researchers identified a new Android Trojan dubbed BeatBanker targeting Brazil, posing as government apps and Google Play Store, and capable of bot...
Interplay between Iranian Targeting of IP Cameras and Physical Warfare in the Middle East
Key Findings Introduction As highlighted in the Cyber Security Report 2026, cyber operations have increasingly become an additional tool in interstate confli...
2025: The Untold Stories of Check Point Research
Introduction Check Point Research (CPR) continuously tracks threats, following the clues that lead to major players and incidents in the threat landscape. Wh...
Keeping Google Play & Android app ecosystems safe in 2025
Posted by Vijaya Kaza, VP and GM, App & Ecosystem Trust Upgrading Google Play’s AI-powered, multi-layered user protections we prevented over 1.75 million pol...
Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets
Kaspersky experts have uncovered Keenadu, a sophisticated new backdoor targeting tablet firmware as well as system-level and Google Play apps. They also reve...
Please Don’t Feed the Scattered Lapsus ShinyHunters
A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim fir...
Android expands pilot for in-call scam protection for financial apps
Posted by Aden Haussmann, Associate Product Manager and Sumeet Sharma, Play Partnerships Trust & Safety Lead Android uses the best of Google AI and our advan...
MuddyWater: Snakes by the riverbank
MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook