Ransomware
VanHelsing ransomware RaaS targets multiple platforms
Von KI berichtet Bild generiert von KI
A new ransomware-as-a-service operation called VanHelsing emerged on March 7, 2025, quickly claiming at least three victims. It supports attacks on Windows, Linux, BSD, ARM, and ESXi systems, with affiliates retaining 80% of ransoms after a $5,000 deposit. The group prohibits targeting entities in the Commonwealth of Independent States.
A ransomware attack hit the Canvas learning platform on Thursday, forcing schools and colleges across the US to postpone or reschedule final exams. The disruption came just as students prepared for year-end testing.
Von KI berichtet
As the April 14 ransom deadline approaches, ShinyHunters has reiterated threats to release breached Rockstar Games data obtained via third-party Anodot, following the studio's confirmation of limited non-material access with no player impact. This updates coverage of the initial breach claim reported earlier this week.
The ransomware group RansomHouse has claimed responsibility for a cyber attack on Fulgar, a major fabric supplier to brands like H&M and Adidas. Confidential files exposing the company's finances, client lists, and global operations have appeared online. The breach highlights ongoing risks in the supply chain for fashion giants.
Von KI berichtet
Cisco Talos researchers have identified Kraken, a Russian-speaking ransomware group that emerged in early 2025 from the HelloKitty cartel, conducting big-game-hunting and double-extortion attacks. The group now targets enterprise environments with cross-platform encryptors for Windows, Linux, and VMware ESXi systems. Attacks observed in August 2025 exploited SMB vulnerabilities for initial access.
Security experts have raised alarms about vulnerabilities in VPN software from Cisco, Citrix, and SonicWall, linking them to increased ransomware threats. Users of these tools face heightened risks of infection, according to a recent analysis. The warning highlights ongoing concerns in enterprise cybersecurity.
Von KI berichtet
Cybersecurity researchers have uncovered a tactic by the Qilin ransomware group that exploits Microsoft's Windows Subsystem for Linux (WSL) to execute Linux-based encryption tools on Windows machines. This method allows attackers to bypass many endpoint detection and response (EDR) systems by operating in a Linux sandbox environment that traditional tools often overlook. The technique highlights the growing sophistication of ransomware operations blending operating systems.
Experts claim ransomware attacks increasingly target firewalls
Dienstag, 20. Januar 2026, 09:23 UhrRansomware gang NightSpire claims Hyatt data breach
Mittwoch, 31. Dezember 2025, 02:53 UhrUS cybersecurity professionals plead guilty to blackcat ransomware attacks
Samstag, 13. Dezember 2025, 18:43 UhrCyberVolk's VolkLocker hampered by plaintext master key flaw
Freitag, 12. Dezember 2025, 11:54 UhrCyberVolk launches VolkLocker ransomware targeting Linux and Windows
Samstag, 08. November 2025, 01:01 UhrMalicious AI extension with ransomware sneaks onto VS Code marketplace
Montag, 03. November 2025, 14:24 UhrCISA alerts on Linux kernel flaw exploited by ransomware
Sonntag, 02. November 2025, 21:17 UhrCISA warns of ransomware exploiting Linux kernel vulnerability
Samstag, 01. November 2025, 03:51 UhrCISA warns of exploited Linux kernel vulnerability in ransomware attacks
Freitag, 31. Oktober 2025, 06:47 UhrCISA confirms Linux kernel flaw exploited in ransomware attacks