Scattered Spider suspect extradited over $8 million ransom scheme
A suspected Scattered Spider member has been extradited to the United States to face charges linked to cyberattacks against U.S.
A suspected Scattered Spider member has been extradited to the United States to face charges linked to cyberattacks against U.S.
Researchers say credentials harvested from hundreds of thousands of FortiGate firewalls are being used to facilitate ransomware attacks by the INC and Lynx o...
Bitdefender researchers warned of curious ransomware campaign which has targeted businesses around the world
The campaign targets small businesses with fearmongering emails.
FortiBleed exposed 430,000 FortiGate firewalls, linked to INC Ransom and Lynx, enabling domain compromise and at least 12 ransomware attacks. SOCRadar’s Thre...
A new Sysdig report traces how an LLM agent abused a Langflow flaw, stole credentials, reached production MySQL, and destroyed Nacos config data in minutes f...
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team call...
The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, st...
The first instance of agentic ransomware: JADEPUFFER, an LLM-driven extortion operation that automated an end-to-end database-crippling campaign.
A novel, practical ransomware technique that runs entirely inside the browser by abusing the File System Access API, demonstrating how AI can turn high-level...
A direct operational link between the large-scale FortiBleed credential-harvesting campaign and two active ransomware-as-a-service (RaaS) groups: INC Ransom ...
Corporate networks keep sensitive files off individual workstations and store them on shared servers that staff reach through mapped network drives. That arr...
The controversy surfaced when former Huntress analyst Ben Folland alleged that a current employee disclosed law enforcement inquiries to Devman, a ransomware...
The massive FortiBleed credential theft campaign has been linked to the INC and Lynx ransomware operations, suggesting the stolen Fortinet credentials were i...
Ransomware-proof backup planning helps IT teams protect clean data copies, isolate storage, test recovery, and keep operations running after cyber attacks fast.
Fake Interpol investigation emails are targeting small businesses with Proton Drive links that deliver ransomware, encrypt files, and route victims to Tox chat.
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-ma...
CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-...
The Gentlemen ransomware group has emerged in 2026 as a highly adaptive and technically sophisticated ransomware-as-a-service (RaaS) operation targeting larg...
Research by: Alexey Bukhteyev Key Takeaways Introduction Over the past several years, large language models have reshaped software development, and malware d...