Tag: ransomware
-
Automotive data biz Autovista blames ransomware for service disruption
Some customer orgs tell staff to block inbound email from the provider First seen on theregister.com Jump to article: www.theregister.com/2026/04/15/automotive_data_biz_autovista_ransomware/
-
Cookeville Regional Medical Center hospital data breach impacts 337,917 people
A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems. A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major data breach affecting about 337,000 people. The attack, carried out by the Rhysida group, involved…
-
Ransomware Groups Are Actively Disabling Your EDR Before You Even Know It
Most ransomware discussions focus on encryption, downtime, and recovery. But the real story is what happens before any of that becomes visible. Recent reporting from Cyber Security News highlights how attackers are increasingly using “EDR killers” to quietly disable endpoint protection tools early in the attack chain. By the time ransomware is executed, the systems…
-
Emulating the Persuasive NightSpire Ransomware
AttackIQ has released a new attack graph that emulates the behaviors of NightSpire Ransomware, a financially motivated ransomware and data extortion group that emerged in early 2025 and quickly evolved into a full double-extortion operation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/emulating-the-persuasive-nightspire-ransomware/
-
New ‘JanaWare’ ransomware targeting Turkish citizens as cybercriminal ecosystem fragments
The researchers said the ransomware operation has been ongoing since 2020 and is associated with a strain of malware that enforces execution constraints based on system locale and external IP geolocation. First seen on therecord.media Jump to article: therecord.media/new-janaware-ransomware-targeting-turkey
-
No honor among thieves as 0APT threatens rival ransomware gang Krybit
Honey, the skids are fighting again First seen on theregister.com Jump to article: www.theregister.com/2026/04/14/0apt_krybit_spat/
-
Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK. First seen on hackread.com Jump to article: hackread.com/ransomware-vipertunnel-malware-uk-us-businesses/
-
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
One was patched almost 14 years ago First seen on theregister.com Jump to article: www.theregister.com/2026/04/13/ransomware_gang_other_crims_attacking/
-
Ransomware Lives On, Blending Hacktivism and Crime, Fueled by AI
Ransomware will never die, will it? In fact, it’s more powerful than ever thanks to GenAI and creative operators that evolve techniques to generate profit. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/ransomware-lives-on-blending-hacktivism-and-crime-fueled-by-ai/
-
EDR Killers Broaden Ransomware Tactics, ESET Warns
Ransomware gangs are rapidly expanding their use of EDR killers, moving beyond vulnerable drivers to a broader mix of scripts, anti-rootkits, and driverless techniques. The company’s latest telemetry-backed study tracks almost 90 distinct EDR killers actively used in the wild. It warns that these tools have become a predictable, standard stage in modern ransomware operations. In…
-
The Dark Web Explained with John Hammond
The dark web is often misunderstood, but it plays an important role in both privacy technology and cybercrime activity. In this episode, Tom Eston speaks with cybersecurity researcher and educator John Hammond about what the dark web actually is and how it has evolved in recent years. The discussion covers underground marketplaces, ransomware leak sites,…
-
RaaS Gang Anubis Claims Signature Healthcare Data Theft
Attackers Allege They Stole 2TBs of Patient Data, But Didn’t Encrypt IT System. Ransomware group Anubis claimed it stole 2 terabytes of patient data in an attack this week on Signature Healthcare. The Massachusetts health system is still diverting ambulance patients from its hospital and using paper charts while it continues to recover. First seen…
-
Ransomware attack on ChipSoft knocks EHR services offline across hospitals in the Netherlands and Belgium
Dutch healthcare IT firm ChipSoft suffered a ransomware attack, forcing services and its HiX platform offline, impacting hospitals and patients. ChipSoft, a major Dutch provider of EHR systems, was hit by a ransomware attack that forced it to take its website and digital services offline, disrupting access for hospitals, healthcare providers, and patients. EHR (Electronic…
-
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
Qilin, Akira and Dragonforce were responsible for 40% of 672 ransomware incidents reported in March, says Check Point First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/three-ransomware-gangs-40-percent/
-
Dutch hospitals face disruptions after ransomware attack on software provider ChipSoft
A ransomware attack on Dutch healthcare software vendor ChipSoft has forced the company to disable parts of its digital services used by hospitals and patients across the Netherlands, the national cybersecurity center for the healthcare sector said. First seen on therecord.media Jump to article: therecord.media/chipsoft-ransomware-attack-disrupts-dutch-hospitals
-
Ransomware in flux, yet still one of the most serious cyber threats worldwide
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/ransomware-wandel-gravierendste-cyberbedrohung-weltweit
-
Breach Roundup: German Police Expose REvil, GandCrab Boss
Also, Medusa Ransomware, Grafana Flaw, German Political Party Breach. This week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused GitHub, Grafana AI bugs enabled data theft, scams hit $20B in the United States, Ivanti exploited and attacks hit Northern Ireland schools and a German political party. First…
-
Healthcare IT solutions provider ChipSoft hit by ransomware attack
Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/healthcare-it-solutions-provider-chipsoft-hit-by-ransomware-attack/
-
The Most Important Cybersecurity Trends in 2026 So Far
In the first quarter of the year, cybersecurity trends have been much of the same, with some new twists. Cyber threats are always evolving, but often have much of the same foundation. The leading 2026 cybersecurity trends so far involve AI, the failure of perimeter defenses, ransomware, and nation-state attacks. Let’s talk about what’s happening…
-
Ransomware attacks: not new, but faster
Ransomware is certainly not a new phenomenon. However, development is advancing dynamically in this area too, so many companies face an urgent need for action. Analysis of the current threat situation and of the protective measures in place yields important insights that companies can use to reduce risk effectively and strengthen their defensive capability. Ransomware attacks usually proceed in several… First…
-
Patch windows collapse as time-to-exploit accelerates
N-day exploitation: Rapid7 Labs validated its findings about a more febrile threat environment by producing both n-day and zero-day exploits using AI-assisted research, substantially reducing development time. In practice, n-day bugs, or the development of exploits against patched software, are a bigger problem than headline-grabbing zero-day vulnerabilities, adds Leeann Nicolo, incident response lead at Coalition, a technology…
-
Cyber is the top risk worldwide, while AI risks jump to second place
Cyber, in particular ransomware attacks, ranks first among business risks for the fifth time in a row (42 percent of responses worldwide). 32 percent of respondents rate artificial intelligence (AI) as a high, cross-industry risk, producing a jump from 10th place to 2nd. In Germany, cyberattacks and business interruptions remain in 1st and 2nd place … First…
-
Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure
Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours. First seen on hackread.com Jump to article: hackread.com/storm-1175-hackers-24-hour-medusa-ransomware-flaw/
-
One login is enough: why modern ransomware no longer needs high-tech tricks
Reality shows: ransomware today rarely begins with complex technology. It begins with a login. And that is exactly where it is decided whether an attack becomes a catastrophe First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ein-login-genuegt-warum-moderne-ransomware-keine-hightech-tricks-mehr-braucht/a44534/
-
Forest Blizzard leverages router compromises to launch AiTM attacks, target Outlook sessions
Invisible path to enterprise systems: This attack poses a serious risk to enterprises because, instead of beginning at the corporate perimeter, it starts from employee environments that are often less secure. Threat actors target vulnerable home or small office routers, which often have weak default passwords or unpatched software. The shift to remote work has dramatically…
-
Dutch healthcare software vendor goes dark after ransomware attack
ChipSoft’s website remains down but emails are functioning First seen on theregister.com Jump to article: www.theregister.com/2026/04/08/chipsoft_ransomware/
-
Storm-1175 Deploys Medusa Ransomware at ‘High Velocity’
Microsoft says the financially motivated cybercrime group has exploited N-day and zero-day vulnerabilities in campaigns predicated on speed. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/storm-1175-medusa-ransomware-high-velocity

