#ransomware-as-a-service
#ransomware-as-a-service

Information security

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

fromnews.bitcoin.com

Cryptocurrency

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

Information security

'Several dozen' orgs targeted by a new extortion crew

First they went after medtech, then Kash Patel. Iranian hackers' next target is likely 'low-hanging fruit' in water, energy, and tourism, experts say | Fortune

Iran-linked hackers are targeting high-profile figures and critical infrastructure in the U.S. and Israel to sow disruption.

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack

Cybersecurity developments include discussions on AI risks, new malware targeting crypto wallets, and collaboration among Japanese corporations to enhance security.

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

CPUID was compromised to distribute malicious executables and deploy STX RAT for less than 24 hours.

Cryptocurrency

fromnews.bitcoin.com

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

'Several dozen' orgs targeted by a new extortion crew

A new extortion crew, UNC6783, targets high-value corporations using phishing and social engineering tactics to steal sensitive data.

First they went after medtech, then Kash Patel. Iranian hackers' next target is likely 'low-hanging fruit' in water, energy, and tourism, experts say | Fortune

Iran-linked hackers are targeting high-profile figures and critical infrastructure in the U.S. and Israel to sow disruption.

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack

Cybersecurity developments include discussions on AI risks, new malware targeting crypto wallets, and collaboration among Japanese corporations to enhance security.

more#cybersecurity

fromwww.businessinsider.com

9 hours ago

Suspect in Molotov attack on Sam Altman's home linked to AI Discord server

A 20-year-old suspect was arrested for a Molotov cocktail attack on Sam Altman's home, linked to a Discord server critical of AI development.

#ai

fromFast Company

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

Artificial intelligence

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

AI Expansion, Security Crises, and Workforce Upheaval Define This Week in Tech - TechRepublic

The tech industry faces rapid innovation alongside significant instability, highlighted by AI advancements and economic proposals amid ongoing layoffs.

Healthcare

Massachusetts Hospital Diverts Ambulances as Cyberattack Causes Disruption

Signature Healthcare in Brockton diverted ambulances due to a cyberattack, impacting services but not surgeries or procedures.

fromGadgets 360

45 minutes ago

Rockstar Games Suffers Data Breach Again as Hackers Threaten With Leak

Rockstar Games confirmed a data breach by hackers threatening to leak information unless a ransom is paid.

Privacy technologies

fromwww.theguardian.com

Your photos will be deleted': Apple users warned over nasty' iCloud storage scam

Scam emails impersonating Apple threaten users about full iCloud storage to steal personal and bank details.

fromTechCrunch

Hack-for-hire group caught targeting Android devices and iCloud backups | TechCrunch

A hack-for-hire group is targeting journalists and officials in the Middle East and North Africa using phishing and spyware tactics.

Cryptocurrency

$3.6 Million Stolen in Bitcoin Depot Hack

Bitcoin Depot reported a theft of approximately $3.6 million in bitcoin due to a cyber intrusion into its IT systems.

Ransomware knocks Dutch healthcare software vendor offline

A ransomware attack has taken down Dutch healthcare software vendor ChipSoft, affecting its services to hospitals across the country.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

Information security

German Police Unmask REvil Ransomware Leader

US Prisons Russian Access Broker for Aiding Ransomware Attacks

Aleksei Volkov was sentenced to 81 months in prison for his role in ransomware attacks causing over $9 million in losses.

Information security

Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter

Healthcare

Ransomware knocks Dutch healthcare software vendor offline

A ransomware attack has taken down Dutch healthcare software vendor ChipSoft, affecting its services to hospitals across the country.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

Information security

German Police Unmask REvil Ransomware Leader

US Prisons Russian Access Broker for Aiding Ransomware Attacks

Aleksei Volkov was sentenced to 81 months in prison for his role in ransomware attacks causing over $9 million in losses.

Information security

Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter

more#ransomware

#supply-chain-attacks

Two different attackers poisoned popular open source tools

Two major supply chain attacks in March compromised open source tools, stealing data from numerous organizations.

Information security

Supply chain breaches fuel cybercrime cycle, report says

Two different attackers poisoned popular open source tools

Two major supply chain attacks in March compromised open source tools, stealing data from numerous organizations.

more#supply-chain-attacks

Information security

Supply chain breaches fuel cybercrime cycle, report says

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.

from24/7 Wall St.

The "SaaS-Pocalypse" Continues: Cloudflare, ServiceNow, CrowdStrike Under Fire as Anthropic Rewrites the Rules

The release of Anthropic's AI security product has significantly impacted investor confidence in enterprise software companies, leading to sharp stock declines.

MITRE Releases Fight Fraud Framework

"These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels."

Information security

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical vulnerability in Marimo allows unauthenticated remote code execution, exploited within hours of disclosure, affecting all versions prior to 0.20.4.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical vulnerability in Marimo allows unauthenticated remote code execution, exploited within hours of disclosure, affecting all versions prior to 0.20.4.

more#marimo

The New Battleground of Cybersecurity

I've always had what I would consider a hacker mindset, a curiosity to take things apart, understand them, and use that knowledge to solve problems. That mindset took me on a circuitous route into the cybersecurity industry; after being kicked out of high school for hacking computer systems, I worked a range of jobs, managing office supply companies by day and cracking Wi-Fi networks by night until I started a Digital Forensics degree which led me to the world of security research.

Science

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

#cybercrime

Information security

FBI: Cybercrime Losses Neared $21 Billion in 2025

Information security

FBI says cybercrime losses hit record $20.87B in 2025

fromThe Cipher Brief

Information security

New Presidential Executive Order Targets Transnational Cybercrime

Transnational cybercrime is escalating, with significant financial losses and a need for enhanced national security measures.

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Stolen credentials via infostealers like Venom Stealer are central to modern cybercrime.

FBI: Cybercrime Losses Neared $21 Billion in 2025

Cyber-enabled crime losses increased by 26% in 2025, nearing $21 billion, with investment fraud being the most significant contributor.

FBI says cybercrime losses hit record $20.87B in 2025

Cybercrime losses reached a record $20.87 billion in 2025, with AI significantly enhancing the profitability of scams.

fromThe Cipher Brief

New Presidential Executive Order Targets Transnational Cybercrime

Transnational cybercrime is escalating, with significant financial losses and a need for enhanced national security measures.

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Stolen credentials via infostealers like Venom Stealer are central to modern cybercrime.

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

Chaos malware targets misconfigured cloud deployments, expanding its reach beyond routers and edge devices.

fromTechRepublic

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Information security

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Contagious Interview campaign targets Go, Rust, and PHP ecosystems with malicious packages that function as malware loaders.

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

A campaign targets ComfyUI instances for cryptocurrency mining and botnet enlistment through remote code execution exploits.

6 days ago

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.

fromTechCrunch

Russian government hackers broke into thousands of home routers to steal passwords | TechCrunch

Russian hackers hijacked thousands of routers globally to redirect internet traffic and steal passwords and access tokens.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

3 weeks ago

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.

3 weeks ago

Security Firm Executive Targeted in Sophisticated Phishing Attack

A C-level executive at Outpost24 was targeted by a sophisticated phishing attack using the Kratos phishing-as-a-service kit that exploited legitimate services like Cisco and Nylas to bypass security defenses.

#ransomware-attacks

fromBusiness Matters

Information security

More companies paying ransoms as AI-powered cyberattacks intensify

2025 was a new record year for ransomware

Ransomware attacks increased 50% to 7,900 incidents in 2025, with Qilin replacing LockBit as the leading group and industrial sector suffering the most damage.

fromBusiness Matters

Information security

More companies paying ransoms as AI-powered cyberattacks intensify

2025 was a new record year for ransomware

Ransomware attacks increased 50% to 7,900 incidents in 2025, with Qilin replacing LockBit as the leading group and industrial sector suffering the most damage.

more#ransomware-attacks

Ransomware payments cratered in 2025 - attacks did not

Despite the relative stability in total payments, ransomware attacks surged across multiple vectors in 2025, with eCrime.ch data showing a 50 percent YoY increase in claimed ransomware victims, marking the most active year on record.

Information security

Ransomware Without Encryption: Why Pure Exfiltration Attacks Are Surging

Attackers shifted from encryption to pure exfiltration, enabling stealthy data theft, prolonged dwell time, and double/triple extortion that bypasses traditional defenses.

Threat intelligence supply chain is full of weak links

China's ban on foreign security software threatens the global threat intelligence ecosystem by risking data fragmentation and weakening international cybersecurity collaboration.

Researchers hack malware gang via its own weak spot

An XSS flaw in StealC’s web panel allowed takeover of operator sessions, revealing millions of stolen cookies, passwords, and YouTube-based malware distribution.

BeyondTrust Vulnerability Exploited in Ransomware Attacks

Critical BeyondTrust vulnerability CVE-2026-1731 is being exploited in ransomware attacks, prompting a CISA KEV update and observed malicious activity across multiple sectors and countries.

fromDataBreaches.Net

Russian ransomware forum seized by U.S. law enforcement - DataBreaches.Net

U.S. authorities seized RAMP's clearnet and .onion sites, redirecting ramp4u[.io] to FBI seizure nameservers and disrupting a major Russian-language ransomware marketplace.

fromComputerworld

Global Group ransomware gang running new campaign using Windows shortcut files

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows' shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were wrong. According to researchers at Forcepoint, a new high-volume phishing campaign spreading the Global Group ransomware has been detected that hopes to sucker employees into clicking on an attachment in an email with the subject line 'Your document.'

Information security

Why cyberattacks don't require advanced hacking

Poor cyber hygiene, weak identity security, overdue IT maintenance, and incomplete logging make organizations vulnerable to financially motivated attacks such as ransomware and email fraud.