Ransomware
VanHelsing ransomware RaaS targets multiple platforms
Raportoinut AI AI:n luoma kuva
A new ransomware-as-a-service operation called VanHelsing emerged on March 7, 2025, quickly claiming at least three victims. It supports attacks on Windows, Linux, BSD, ARM, and ESXi systems, with affiliates retaining 80% of ransoms after a $5,000 deposit. The group prohibits targeting entities in the Commonwealth of Independent States.
A ransomware attack hit the Canvas learning platform on Thursday, forcing schools and colleges across the US to postpone or reschedule final exams. The disruption came just as students prepared for year-end testing.
Raportoinut AI
As the April 14 ransom deadline approaches, ShinyHunters has reiterated threats to release breached Rockstar Games data obtained via third-party Anodot, following the studio's confirmation of limited non-material access with no player impact. This updates coverage of the initial breach claim reported earlier this week.
The ransomware group RansomHouse has claimed responsibility for a cyber attack on Fulgar, a major fabric supplier to brands like H&M and Adidas. Confidential files exposing the company's finances, client lists, and global operations have appeared online. The breach highlights ongoing risks in the supply chain for fashion giants.
Raportoinut AI
Cisco Talos researchers have identified Kraken, a Russian-speaking ransomware group that emerged in early 2025 from the HelloKitty cartel, conducting big-game-hunting and double-extortion attacks. The group now targets enterprise environments with cross-platform encryptors for Windows, Linux, and VMware ESXi systems. Attacks observed in August 2025 exploited SMB vulnerabilities for initial access.
Security experts have raised alarms about vulnerabilities in VPN software from Cisco, Citrix, and SonicWall, linking them to increased ransomware threats. Users of these tools face heightened risks of infection, according to a recent analysis. The warning highlights ongoing concerns in enterprise cybersecurity.
Raportoinut AI
Cybersecurity researchers have uncovered a tactic by the Qilin ransomware group that exploits Microsoft's Windows Subsystem for Linux (WSL) to execute Linux-based encryption tools on Windows machines. This method allows attackers to bypass many endpoint detection and response (EDR) systems by operating in a Linux sandbox environment that traditional tools often overlook. The technique highlights the growing sophistication of ransomware operations blending operating systems.
Experts claim ransomware attacks increasingly target firewalls
20. tammikuuta 2026 09.23Ransomware gang NightSpire claims Hyatt data breach
31. joulukuuta 2025 02.53US cybersecurity professionals plead guilty to blackcat ransomware attacks
13. joulukuuta 2025 18.43CyberVolk's VolkLocker hampered by plaintext master key flaw
12. joulukuuta 2025 11.54CyberVolk launches VolkLocker ransomware targeting Linux and Windows
8. marraskuuta 2025 01.01Malicious AI extension with ransomware sneaks onto VS Code marketplace
3. marraskuuta 2025 14.24CISA alerts on Linux kernel flaw exploited by ransomware
2. marraskuuta 2025 21.17CISA warns of ransomware exploiting Linux kernel vulnerability
1. marraskuuta 2025 03.51CISA warns of exploited Linux kernel vulnerability in ransomware attacks
31. lokakuuta 2025 06.47CISA confirms Linux kernel flaw exploited in ransomware attacks