Ransomware

Ransomware negotiator who betrayed clients sentenced to 70 months in prison

Ransomware negotiator who betrayed clients sentenced to 70 months in prison 2026-07-13 at 15:22 By Sinisa Markovic A former ransomware negotiator at incident response firm DigitalMint has been sentenced to 70 months in prison after admitting he shared confidential client information with the BlackCat ransomware group and later helped carry out ransomware attacks. Prosecutors say […]

Ransomware negotiator who betrayed clients sentenced to 70 months in prison Read More »

Third US Security Expert Sentenced to Prison for Helping Ransomware Gang

Third US Security Expert Sentenced to Prison for Helping Ransomware Gang 2026-07-10 at 15:58 By Eduard Kovacs Angelo Martino, a former ransomware negotiator, was sentenced to 70 months for helping the BlackCat/Alphv group. The post Third US Security Expert Sentenced to Prison for Helping Ransomware Gang appeared first on SecurityWeek. This article is an excerpt

Third US Security Expert Sentenced to Prison for Helping Ransomware Gang Read More »

Thousands of malicious AI skills found capable of stealing data, running malware

Thousands of malicious AI skills found capable of stealing data, running malware 2026-07-08 at 12:00 By Anamarija Pogorelec AI agents can browse the web, use external tools, execute commands, and perform tasks on behalf of users. Many rely on skills that define how they interact with services and data. Malicious skills can abuse those capabilities

Thousands of malicious AI skills found capable of stealing data, running malware Read More »

County Government Reportedly Paid $1 Million to Cyber Extortion Group

County Government Reportedly Paid $1 Million to Cyber Extortion Group 2026-07-07 at 20:31 By Ionut Arghire The alleged victim, believed to be a small Ohio county, reportedly paid the extortion group to prevent the public release of sensitive stolen data. The post County Government Reportedly Paid $1 Million to Cyber Extortion Group appeared first on

County Government Reportedly Paid $1 Million to Cyber Extortion Group Read More »

Agentic AI Used to Conduct Ransomware Attack via Langflow

Agentic AI Used to Conduct Ransomware Attack via Langflow 2026-07-03 at 14:00 By Ionut Arghire Attack demonstrates how LLM agents can combine known exploitation techniques with real-time reasoning to automate complex, multi-stage intrusions. The post Agentic AI Used to Conduct Ransomware Attack via Langflow appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Agentic AI Used to Conduct Ransomware Attack via Langflow Read More »

Alleged Scattered Spider Hacker Extradited to US

Alleged Scattered Spider Hacker Extradited to US 2026-07-03 at 12:30 By Ionut Arghire Prosecutors say 19-year-old Peter Stokes was a member of Scattered Spider, the hacking group linked to more than 100 network intrusions and over $100 million in ransom payments. The post Alleged Scattered Spider Hacker Extradited to US appeared first on SecurityWeek. This

Alleged Scattered Spider Hacker Extradited to US Read More »

Scattered Spider suspect extradited over $8 million ransom scheme

Scattered Spider suspect extradited over $8 million ransom scheme 2026-07-02 at 16:43 By Anamarija Pogorelec A suspected Scattered Spider member has been extradited to the United States to face charges linked to cyberattacks against U.S. companies, including the breach of a luxury jewelry retailer that led to an $8 million cryptocurrency ransom demand after attackers

Scattered Spider suspect extradited over $8 million ransom scheme Read More »

Catching ransomware on the wire before it locks the file server

Catching ransomware on the wire before it locks the file server 2026-07-02 at 08:00 By Sinisa Markovic Corporate networks keep sensitive files off individual workstations and store them on shared servers that staff reach through mapped network drives. That arrangement hands ransomware operators a target worth chasing. A single compromised laptop can begin encrypting files

Catching ransomware on the wire before it locks the file server Read More »

BlueHammer Vulnerability Exploited in Ransomware Attacks

BlueHammer Vulnerability Exploited in Ransomware Attacks 2026-06-30 at 16:56 By Eduard Kovacs The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

BlueHammer Vulnerability Exploited in Ransomware Attacks Read More »

More Klue Breach Victims Identified as Hackers Get Hacked

More Klue Breach Victims Identified as Hackers Get Hacked 2026-06-26 at 18:01 By Ionut Arghire Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact. The post More Klue Breach Victims Identified as Hackers Get Hacked appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

More Klue Breach Victims Identified as Hackers Get Hacked Read More »

Ransomware gangs find Europe’s weakest link in third-party suppliers

Ransomware gangs find Europe’s weakest link in third-party suppliers 2026-06-26 at 12:49 By Anamarija Pogorelec Ransomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for attackers. Black Kite examined 2,066 ransomware incidents across 31 countries between January 2025 and April 2026 in its 2026

Ransomware gangs find Europe’s weakest link in third-party suppliers Read More »

Stealthy new backdoor surfaces in attacks on multiple sectors

Stealthy new backdoor surfaces in attacks on multiple sectors 2026-06-25 at 17:07 By Sinisa Markovic A relatively new backdoor called Mistic has been deployed in multiple attacks since April 2026 targeting organizations in the insurance, education, IT, and professional services sectors, according to Symantec. The malware appears to be associated with Woodgnat, also known as

Stealthy new backdoor surfaces in attacks on multiple sectors Read More »

GentleKiller targets more than 400 security processes across 48 products

GentleKiller targets more than 400 security processes across 48 products 2026-06-18 at 12:00 By Anamarija Pogorelec Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR)

GentleKiller targets more than 400 security processes across 48 products Read More »

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack 2026-06-17 at 13:38 By Ionut Arghire The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control. The post Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack Read More »

Cybercriminals mask malicious communications through Microsoft Teams relays

Cybercriminals mask malicious communications through Microsoft Teams relays 2026-06-16 at 17:22 By Sinisa Markovic The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion at a U.S. services company, according to Symantec. DragonForce is a ransomware-as-a-service operation that has been active since 2023.

Cybercriminals mask malicious communications through Microsoft Teams relays Read More »

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer 2026-06-15 at 18:15 By Eduard Kovacs Mackay Sugar was targeted in a cyberattack carried out by a threat group known as The Gentlemen. The post Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer appeared first on SecurityWeek. This article is an excerpt from

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer Read More »

Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges

Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges 2026-06-15 at 14:33 By Ionut Arghire Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang. The post Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges Read More »

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks 2026-06-09 at 13:39 By Ionut Arghire The authentication bypass vulnerability allows attackers to establish VPN connections without a valid password. The post Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks Read More »

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) 2026-06-08 at 16:16 By Zeljka Zorz A Qilin ransomware affiliate is believed to be exploiting CVE-2026-50751, an authentication bypass vulnerability in Check Point VPN Remote Access and Mobile Access, the company announced on Monday. About CVE-2026-50751 Check Point Remote Access VPN enables and secures connections between

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) Read More »

Scroll to Top