Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

A Russian national pleaded guilty to a wire fraud conspiracy charge related to his role in administering the Phobos ransomware operation, which breached hundreds of victims worldwide.

A newly identified remote access trojan (RAT) dubbed Steaelite is streamlining cyberattacks by bringing data theft and ...

Picus Labs has released a report that ranks MITRE ATT&CK techniques. According to the report, ransomware encryption is on the decline. Moving up the ranks is a malware that plays dead until it's ripe ...

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...

The operators of DragonForce, a ransomware-as-a-service outfit that first surfaced in 2023, appear to be drawing heavily from the organized crime playbook, creating a cartel and attempting to bring ...

The tried-and-tested “business models” favoured by some of the world’s most adept, and dangerous, ransomware gangs are scaling rapidly as cyber criminals increasingly adopt structured affiliate models ...

Ransomware gangs claimed a deluge of victims during the final quarter of 2025, despite a decline in the number of active ransomware groups, analysis by cybersecurity researchers at ReliaQuest has ...

A key-handling defect in the ransomware can permanently lock files by discarding private encryption keys, leaving affected organizations unable to recover data even if a ransom is paid. A newly ...

Winona County said a ransomware attack recently hit its computer network. The press release didn’t specify exactly when the incident happened, simply that officials identified and responded to a ...

Cybercriminals are happy to target almost any industry where data can be stolen. In many cases, less prepared and less security-focused companies are simply easier targets. A recent ransomware attack ...

Thembekile Olivia Mayayise does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant ...