Infosec exec sold eight zero-day exploit kits to Russia, says DoJ

PLUS: Fake ransomware group exposed; EC blesses Google's big Wiz deal; Alleged sewage hacker cuffed; And more Infosec in ...
Forbes

Play Ransomware Zero-Day Attacks — What You Need To Know

A joint investigation by the Microsoft Threat Intelligence Center and Microsoft Security Response Center found that a zero-day vulnerability in the Windows Common Log File System had been exploited by ...
SecurityWeek

Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter

Ransomware groups are back at encrypting victim data for extortion, in addition to exfiltrating it, increasing chances of ...
Bleeping Computer

Cybercriminals exploit AI hype to spread ransomware, malware

Threat actors linked to lesser-known ransomware and malware projects now use AI tools as lures to infect unsuspecting victims with malicious payloads. This development follows a trend that has been ...
Homeland Security Today

Exploit Kits: The Silent Web Threat Affecting Billions

When we talk to people whose computers have been infected, they often ask how it happened. In a growing number of cases, they have been doing nothing more than reading a news website or browsing for ...

Ransomware Groups Claimed 2,000 Attacks in Just Three Months

Ransomware attacks surged 52% in 2025, with supply chain breaches nearly doubling as groups like Qilin drive record monthly ...
Hosted on MSN

Akira Ransomware Targets SonicWall VPNs with Zero-Day Exploit

In a rapidly evolving cybersecurity landscape, the proliferation of ransomware continues to pose significant challenges to organizations worldwide. Recently, a new strain known as Akira Ransomware has ...
Bleeping Computer

Microsoft: SharePoint flaws exploited in Warlock ransomware attacks

A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. Non-profit ...
SDxCentral

Rackspace: ransomware incident was caused by ‘zero-day’ exploit, Hosted Exchange service will not be coming back

Rackspace has said its major security incident with its Hosted Exchange service was caused by a ‘zero-day’ exploit, and while the company continues to recover customer data it will not be bringing ...
Dark Reading

Medusa Ransomware Actors Exploit Critical Fortra GoAnywhere Flaw

Threat actors armed with Medusa ransomware are actively exploiting a maximum-severity security vulnerability in Fortra's GoAnywhere managed file transfer (MFT) product, sparking more questions about ...
CSO Online

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware ...
SDxCentral

Ransomware Gangs Exploit VMware Log4Shell Vulnerability

“Our investigation shows that successful intrusions in these campaigns led to the deployment of the Night Sky ransomware,” Microsoft noted. Identified earlier this month by Twitter group ...