Ransomware
VanHelsing ransomware RaaS targets multiple platforms
Rapportert av AI Bilde generert av AI
A new ransomware-as-a-service operation called VanHelsing emerged on March 7, 2025, quickly claiming at least three victims. It supports attacks on Windows, Linux, BSD, ARM, and ESXi systems, with affiliates retaining 80% of ransoms after a $5,000 deposit. The group prohibits targeting entities in the Commonwealth of Independent States.
A ransomware attack hit the Canvas learning platform on Thursday, forcing schools and colleges across the US to postpone or reschedule final exams. The disruption came just as students prepared for year-end testing.
Rapportert av AI
As the April 14 ransom deadline approaches, ShinyHunters has reiterated threats to release breached Rockstar Games data obtained via third-party Anodot, following the studio's confirmation of limited non-material access with no player impact. This updates coverage of the initial breach claim reported earlier this week.
The ransomware group RansomHouse has claimed responsibility for a cyber attack on Fulgar, a major fabric supplier to brands like H&M and Adidas. Confidential files exposing the company's finances, client lists, and global operations have appeared online. The breach highlights ongoing risks in the supply chain for fashion giants.
Rapportert av AI
Cisco Talos researchers have identified Kraken, a Russian-speaking ransomware group that emerged in early 2025 from the HelloKitty cartel, conducting big-game-hunting and double-extortion attacks. The group now targets enterprise environments with cross-platform encryptors for Windows, Linux, and VMware ESXi systems. Attacks observed in August 2025 exploited SMB vulnerabilities for initial access.
Security experts have raised alarms about vulnerabilities in VPN software from Cisco, Citrix, and SonicWall, linking them to increased ransomware threats. Users of these tools face heightened risks of infection, according to a recent analysis. The warning highlights ongoing concerns in enterprise cybersecurity.
Rapportert av AI
Cybersecurity researchers have uncovered a tactic by the Qilin ransomware group that exploits Microsoft's Windows Subsystem for Linux (WSL) to execute Linux-based encryption tools on Windows machines. This method allows attackers to bypass many endpoint detection and response (EDR) systems by operating in a Linux sandbox environment that traditional tools often overlook. The technique highlights the growing sophistication of ransomware operations blending operating systems.
Experts claim ransomware attacks increasingly target firewalls
tirsdag, 20. januar 2026, 09:23Ransomware gang NightSpire claims Hyatt data breach
onsdag, 31. desember 2025, 02:53US cybersecurity professionals plead guilty to blackcat ransomware attacks
lørdag, 13. desember 2025, 18:43CyberVolk's VolkLocker hampered by plaintext master key flaw
fredag, 12. desember 2025, 11:54CyberVolk launches VolkLocker ransomware targeting Linux and Windows
lørdag, 8. november 2025, 01:01Malicious AI extension with ransomware sneaks onto VS Code marketplace
mandag, 3. november 2025, 14:24CISA alerts on Linux kernel flaw exploited by ransomware
søndag, 2. november 2025, 21:17CISA warns of ransomware exploiting Linux kernel vulnerability
lørdag, 1. november 2025, 03:51CISA warns of exploited Linux kernel vulnerability in ransomware attacks
fredag, 31. oktober 2025, 06:47CISA confirms Linux kernel flaw exploited in ransomware attacks