WarLock Ransomware group Claims Breach at Colt Telecom and Hitachi
WarLock ransomware claims breach at Colt and Hitachi, with Colt investigating and working to restore systems while experts…
ransomware
US Seizes $2.8 Million From Zeppelin Ransomware Operator
The US has indicted Zeppelin ransomware operator Ianis Antropenko, seizing over $2.8 million in cryptocurrency from his wallet.
The post US Seizes $2.8 Million From Zeppelin Ransomware Operator appeared first on SecurityWeek.
Ransomware Actors Combine Legitimate Tools with Custom Malware to Evade Detection
Operators behind the Crypto24 strain are employing highly coordinated, multi-stage attacks that blend legitimate system tools with bespoke malware to infiltrate networks, maintain persistence, and evade endpoint detection and response (EDR) systems. Ac…
Qilin Ransomware Dominates July with Over 70 Claimed Victims
The Qilin ransomware group has solidified its position as the most active threat actor in July 2025, marking its third top ranking in four months following the downturn of former leader RansomHub. According to cybersecurity intelligence from Cyble, Qil…
Splunk Publishes Defender’s Guide to Spot ESXi Ransomware Early
Splunk has released a comprehensive defender’s guide aimed at helping cybersecurity teams detect and prevent ransomware attacks targeting ESXi infrastructure before they can cause widespread damage. The guide comes as organizations continue to fa…
Croatian research institute confirms ransomware attack via ToolShell vulnerabilities
The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions worldwide” that were attacked using the Microsoft SharePoint “ToolSh…
Manpower Says Data Breach Stemming From Ransomware Attack Impacts 140,000
The RansomHub ransomware group stole sensitive information from staffing and recruiting firm Manpower in January.
The post Manpower Says Data Breach Stemming From Ransomware Attack Impacts 140,000 appeared first on SecurityWeek.
New Charon Ransomware Uses DLL Sideloading and Anti-EDR Tactics in Targeted Attacks
Trend Micro researchers have uncovered a novel ransomware family dubbed Charon, deployed in a sophisticated campaign targeting the public sector and aviation industry in the Middle East. This operation employs advanced persistent threat (APT)-style tec…
Law Enforcement Seizes BlackSuit Ransomware Servers Targeting U.S. Critical Infrastructure
The U.S. Department of Justice, in collaboration with multiple domestic and international law enforcement agencies, announced the seizure of critical infrastructure associated with the BlackSuit ransomware group, formerly known as Royal. Authorities di…
Interlock Ransomware Group Leaks 43GB of Data in City of St. Paul Cyberattack
St. Paul hit by Interlock ransomware attack, 43GB of sensitive data leaked, city refuses ransom, launches Operation Secure…