Ransomware
VanHelsing ransomware RaaS targets multiple platforms
Von KI berichtet Bild generiert von KI
A new ransomware-as-a-service operation called VanHelsing emerged on March 7, 2025, quickly claiming at least three victims. It supports attacks on Windows, Linux, BSD, ARM, and ESXi systems, with affiliates retaining 80% of ransoms after a $5,000 deposit. The group prohibits targeting entities in the Commonwealth of Independent States.
Security experts are warning that ransomware attacks are now more frequently targeting firewalls. They advise organizations to secure these critical network defenses promptly. The alert comes amid rising cyber threats.
Von KI berichtet
A ransomware group known as NightSpire has claimed responsibility for hacking into Hyatt's systems and stealing data. The group states it has obtained nearly 50GB of files from the hotel chain, which it plans to sell. This incident highlights ongoing cybersecurity threats to the hospitality sector.
A malicious extension generated by AI, featuring ransomware capabilities, has been discovered on Microsoft's official VS Code marketplace. The extension remained available briefly before detection. Developers are urged to exercise caution with marketplace downloads.
Von KI berichtet
The U.S. Cybersecurity and Infrastructure Security Agency has issued an urgent alert about a critical Linux kernel vulnerability, CVE-2024-1086, now being used by ransomware operators. This flaw allows local privilege escalation and was patched in January 2024. The warning highlights ongoing risks to enterprise systems despite available fixes.
The Gunra ransomware group, active since April 2025, targets both Windows and Linux systems worldwide through platform-specific malware variants. While the Windows version employs secure encryption, the Linux variant suffers from critical weaknesses that allow brute-force decryption. Organizations in regions like South Korea have reported infections, highlighting the group's expanding operations.
Von KI berichtet
Threat actor zeta88 is promoting a new ransomware-as-a-service operation called The Gentlemen's RaaS on hacking forums, targeting Windows, Linux, and ESXi systems. The platform offers affiliates 90 percent of ransom payments and features cross-platform encryption tools developed in Go and C. This development highlights the ongoing commercialization of sophisticated ransomware targeting enterprise environments.
US cybersecurity professionals plead guilty to blackcat ransomware attacks
Samstag, 13. Dezember 2025, 18:43 UhrCyberVolk's VolkLocker hampered by plaintext master key flaw
Freitag, 12. Dezember 2025, 11:54 UhrCyberVolk launches VolkLocker ransomware targeting Linux and Windows
Freitag, 12. Dezember 2025, 08:50 UhrRussian cybercriminals release new ransomware
Montag, 08. Dezember 2025, 20:29 UhrCl0p ransomware impacts patient and staff data at Barts Health NHS
Sonntag, 02. November 2025, 21:17 UhrCISA warns of ransomware exploiting Linux kernel vulnerability
Samstag, 01. November 2025, 03:51 UhrCISA warns of exploited Linux kernel vulnerability in ransomware attacks
Freitag, 31. Oktober 2025, 06:47 UhrCISA confirms Linux kernel flaw exploited in ransomware attacks
Donnerstag, 30. Oktober 2025, 23:30 UhrExperts warn of ransomware risks in popular VPN tools
Mittwoch, 29. Oktober 2025, 16:22 UhrQilin ransomware uses WSL to run Linux encryptors on Windows