ransomware Archives • Page 8 of 11 • Daily CyberSecurity

Ransomware or Espionage? Fog Ransomware Attack in Asia Raises Suspicion with Rare Toolset Fog Ransomware, Espionage

Ransomware or Espionage? Fog Ransomware Attack in Asia Raises Suspicion with Rare Toolset

Do Son June 14, 2025

In May 2025, a financial institution in Asia was targeted in a highly anomalous ransomware attack that...

Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727) SimpleHelp RMM, Ransomware

Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727)

Do Son June 13, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with its federal partners, has issued a high-priority...

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse The credential harvesting window used by the Java RAT

The credential harvesting window used by the Java RAT

BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse

Do Son June 12, 2025

Rapid7’s latest threat intelligence report shines a spotlight on the evolving tactics of threat actors formerly affiliated...

Haozi Returns: The Phishing-as-a-Service Platform Making Cybercrime Easy Haozi Phishing, PhaaS

Haozi Returns: The Phishing-as-a-Service Platform Making Cybercrime Easy

Do Son June 3, 2025

A new report from Netcraft has exposed the alarming return of Haozi, a Chinese-language Phishing-as-a-Service (PhaaS) platform...

Lyrix Ransomware: New Threat Emerges with Advanced Evasion Tactics Lyrix Ransomware, New Ransomware

Lyrix Ransomware: New Threat Emerges with Advanced Evasion Tactics

Do Son June 3, 2025

A new ransomware strain dubbed Lyrix has been discovered by CYFIRMA’s research team while monitoring underground cybercriminal...

Global Crackdown: DoJ Seizes Crypting Services in Major Cybercrime Bust Cybercrime, Domain Seizure

Global Crackdown: DoJ Seizes Crypting Services in Major Cybercrime Bust

Do Son June 2, 2025

The U.S. Department of Justice has announced the seizure of four domains and an associated server operated...

Warning: Fake AI Tools Spread CyberLock Ransomware and Numero Destructive Malware

Do Son May 30, 2025

As artificial intelligence continues to revolutionize industries, cybercriminals are exploiting the growing demand for AI-driven tools by...

Ransomware Attack: MSP’s RMM Tool Abused to Spread DragonForce DragonForce ransomware MSP RMM attack

Ransomware Attack: MSP’s RMM Tool Abused to Spread DragonForce

Do Son May 29, 2025

In a recent targeted cyberattack, a threat actor compromised the remote monitoring and management (RMM) infrastructure of...

Robbinhood Ransomware Operator Pleads Guilty to Targeting U.S. Cities Robbinhood ransomware Sina Gholinejad

Robbinhood Ransomware Operator Pleads Guilty to Targeting U.S. Cities

Do Son May 28, 2025

The U.S. Department of Justice announced a major breakthrough in an international cybercrime investigation as Sina Gholinejad,...

Qakbot Mastermind Indicted: Russian Architect of $50M Malware Empire Charged Qakbot mastermind, Rustam Rafailevich Gallyamov

Qakbot Mastermind Indicted: Russian Architect of $50M Malware Empire Charged

Do Son May 26, 2025

The U.S. Department of Justice (DOJ) has unsealed charges against Russian national Rustam Rafailevich Gallyamov, the alleged...

DanaBot Takedown: 16 Indicted for $50M Malware Operation DanaBot takedown, cybercrime charges

DanaBot Takedown: 16 Indicted for $50M Malware Operation

Do Son May 23, 2025

The U.S. Department of Justice has unsealed charges against 16 individuals allegedly behind the DanaBot malware operation,...

Operation Endgame: Global Takedown Disrupts Major Ransomware Malware Infrastructure Operation Endgame, ransomware takedown

Operation Endgame: Global Takedown Disrupts Major Ransomware Malware Infrastructure

Do Son May 23, 2025

Europol and Eurojust have dismantled the digital backbone of several major malware strains used in ransomware operations....

SAP NetWeaver RCE: Zero-Day Allows File Uploads, Qilin Ransomware Connection SAP RCE, CVE-2025-31324

SAP NetWeaver RCE: Zero-Day Allows File Uploads, Qilin Ransomware Connection

Do Son May 20, 2025

In a recent revelation, OP Innovate has uncovered early evidence of real-world exploitation of CVE-2025-31324 (CVSS 10),...

Trojanized KeePass Used to Deploy Cobalt Strike and Steal Credentials KeePass trojan Malvertising attack

Trojanized KeePass Used to Deploy Cobalt Strike and Steal Credentials

Do Son May 19, 2025

Recently, WithSecure’s Threat Intelligence team uncovered a sophisticated malware campaign where the open-source password manager KeePass was...

DOGE Big Balls Ransomware: New Tools and Tactics Uncovered DOGE Big Balls Ransomware Ransomware infection chain

DOGE Big Balls Ransomware: New Tools and Tactics Uncovered

Do Son May 9, 2025

Netskope Threat Labs has recently uncovered a multi-stage infection chain involving custom PowerShell scripts, open-source tools, exploitation...

Agenda Ransomware Evolves with NETXLOADER and SmokeLoader in Global Campaigns Agenda ransomware, NETXLOADER

Agenda Ransomware Evolves with NETXLOADER and SmokeLoader in Global Campaigns

Do Son May 8, 2025

Agenda ransomware, also known as Qilin, has returned. In a recent exposé by Trend Micro, researchers have...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks

Do Son May 7, 2025

Symantec’s Threat Hunter Team has uncovered a sophisticated attack involving a zero-day privilege escalation vulnerability in Microsoft’s...

Scattered Spider (UNC3944) Resurfaces with Ties to DragonForce and RansomHub in Retail Attacks UNC3944, Scattered Spider

Scattered Spider (UNC3944) Resurfaces with Ties to DragonForce and RansomHub in Retail Attacks

Do Son May 7, 2025

A new report from Mandiant, a Google Cloud company, sheds light on the renewed activity of UNC3944,...

Gunra Ransomware: New Threat Analysis Reveals Evasion Tactics Gunra Ransomware, ransomware analysis

Gunra Ransomware: New Threat Analysis Reveals Evasion Tactics

Do Son May 7, 2025

CYFIRMA has released an in-depth analysis of a newly emerging cyber threat: Gunra Ransomware. This report details...

DragonForce Ransomware Cartel Hits UK Retailers with Custom Payloads and Global Extortion Campaign DragonForce, Ransomware

DragonForce Ransomware Cartel Hits UK Retailers with Custom Payloads and Global Extortion Campaign

Do Son May 6, 2025

A disturbing evolution in the ransomware ecosystem has been exposed by cybersecurity firm SentinelOne, which has published...

Critical Alert 2 Active Exploits Detected Today