Tag: ransomware
-
Ransomware attack continues to disrupt healthcare in London nearly two years later
More than 18 months after a ransomware attack disrupted care at hospitals in South East London, documents show at least one NHS trust is still working without fully restored systems and managing large backlogs of delayed test results. First seen on therecord.media Jump to article: therecord.media/ransomware-nhs-cyberattack-disruption
-
Payouts King ransomware uses QEMU VMs to bypass endpoint security
The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endpoint security. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/payouts-king-ransomware-uses-qemu-vms-to-bypass-endpoint-security/
-
Payouts King Emerges: New Ransomware Operation Tied to Ex-BlackBasta Members
Payouts King is emerging as a technically sophisticated ransomware operation believed to be run by former BlackBasta affiliates, reusing their social-engineering playbook while introducing hardened obfuscation and encryption routines. The group focuses on high-value data theft and selective encryption, leveraging strong cryptography and extensive evasion to stay ahead of antivirus and EDR tools. BlackBasta, itself…
-
Automotive data biz Autovista blames ransomware for service disruption
Some customer orgs tell staff to block inbound email from the provider First seen on theregister.com Jump to article: www.theregister.com/2026/04/15/automotive_data_biz_autovista_ransomware/
-
Cookeville Regional Medical Center hospital data breach impacts 337,917 people
A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems. A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major data breach affecting about 337,000 people. The attack, carried out by the Rhysida group, involved…
-
Breach Roundup: Mr. Raccoon Wants Your Password
Tags: breach, china, data, data-breach, flaw, fortinet, healthcare, leak, password, phishing, ransomware, scam
Also, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing Takedown. This week, a Raccoon-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-mr-raccoon-wants-your-password-a-31450
-
Cisco FMC Zero-Day Among 31 High-Impact Vulnerabilities Exploited in March
31 high-impact vulnerabilities were actively exploited in March 2026, with a Cisco firewall zero-day abused by the Interlock ransomware group emerging as one of the most dangerous threats to enterprise networks. Affected vendors span core enterprise and developer ecosystems, including Cisco, Microsoft, Google, ConnectWise, Langflow, Citrix, Aquasecurity, Nginx UI, Qualcomm, F5, Craft CMS, Laravel, Apple,…
-
6-Year Ransomware Campaign Targets Turkish Homes & SMBs
While enterprise breaches make more headlines, smaller incidents tend to be under-reported, if at all, allowing campaigns to last longer with less disruption. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/6-year-ransomware-campaign-turkish-homes-smbs
-
Ransomware Threats and AI Transformation Shift Focus from Recovery to Resilience
The new "Veeam Data Trust and Resilience Report" from Veeam Software finds that 90 percent of security leaders are convinced they can restore data quickly. However, only 28 percent ultimately manage to fully restore their data after a ransomware attack. Veeam has published the "Data Trust and Resilience Report 2026", which … a growing…
-
Textbook titan McGraw Hill on ransomware crew’s reading list after 13.5M records exposed
Publisher claims misconfigured Salesforce-hosted page leaked data First seen on theregister.com Jump to article: www.theregister.com/2026/04/16/mcgraw_hill_salesforce/
-
Ransomware Groups Are Actively Disabling Your EDR Before You Even Know It
Most ransomware discussions focus on encryption, downtime, and recovery. But the real story is what happens before any of that becomes visible. Recent reporting from Cyber Security News highlights how attackers are increasingly using “EDR killers” to quietly disable endpoint protection tools early in the attack chain. By the time ransomware is executed, the systems…
-
Emulating the Persuasive NightSpire Ransomware
AttackIQ has released a new attack graph that emulates the behaviors of NightSpire Ransomware, a financially motivated ransomware and data extortion group that emerged in early 2025 and quickly evolved into a full double-extortion operation. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/emulating-the-persuasive-nightspire-ransomware/
-
New ‘JanaWare’ ransomware targeting Turkish citizens as cybercriminal ecosystem fragments
The researchers said the ransomware operation has been ongoing since 2020 and is associated with a strain of malware that enforces execution constraints based on system locale and external IP geolocation. First seen on therecord.media Jump to article: therecord.media/new-janaware-ransomware-targeting-turkey
-
No honor among thieves as 0APT threatens rival ransomware gang Krybit
Tags: ransomware
Honey, the skids are fighting again First seen on theregister.com Jump to article: www.theregister.com/2026/04/14/0apt_krybit_spat/
-
Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK. First seen on hackread.com Jump to article: hackread.com/ransomware-vipertunnel-malware-uk-us-businesses/
-
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
One was patched almost 14 years ago First seen on theregister.com Jump to article: www.theregister.com/2026/04/13/ransomware_gang_other_crims_attacking/
-
Ransomware Lives On, Blending Hacktivism and Crime, Fueled by AI
Ransomware will never die, will it? In fact, it’s more powerful than ever thanks to GenAI and creative operators that evolve techniques to generate profit. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/ransomware-lives-on-blending-hacktivism-and-crime-fueled-by-ai/
-
EDR Killers Broaden Ransomware Tactics, ESET Warns
Ransomware gangs are rapidly expanding their use of EDR killers, moving beyond vulnerable drivers to a broader mix of scripts, anti-rootkits, and driverless techniques. The company’s latest telemetry-backed study tracks almost 90 distinct EDR killers actively used in the wild. It warns that these tools have become a predictable, standard stage in modern ransomware operations. In…
-
The Dark Web Explained with John Hammond
The dark web is often misunderstood, but it plays an important role in both privacy technology and cybercrime activity. In this episode, Tom Eston speaks with cybersecurity researcher and educator John Hammond about what the dark web actually is and how it has evolved in recent years. The discussion covers underground marketplaces, ransomware leak sites,…
-
RaaS Gang Anubis Claims Signature Healthcare Data Theft
Attackers Allege They Stole 2TBs of Patient Data, But Didn’t Encrypt IT System. Ransomware group Anubis claimed it stole 2 terabytes of patient data in an attack this week on Signature Healthcare. The Massachusetts health system is still diverting ambulance patients from its hospital and using paper charts while it continues to recover. First seen…
-
Ransomware attack on ChipSoft knocks EHR services offline across hospitals in the Netherlands and Belgium
Dutch healthcare IT firm ChipSoft suffered a ransomware attack, forcing services and its HiX platform offline, impacting hospitals and patients. ChipSoft, a major Dutch provider of EHR systems, was hit by a ransomware attack that forced it to take its website and digital services offline, disrupting access for hospitals, healthcare providers, and patients. EHR (Electronic…
-
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
Qilin, Akira and Dragonforce were responsible for 40% of 672 ransomware incidents reported in March, says Check Point First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/three-ransomware-gangs-40-percent/
-
Dutch hospitals face disruptions after ransomware attack on software provider ChipSoft
A ransomware attack on Dutch healthcare software vendor ChipSoft has forced the company to disable parts of its digital services used by hospitals and patients across the Netherlands, the national cybersecurity center for the healthcare sector said. First seen on therecord.media Jump to article: therecord.media/chipsoft-ransomware-attack-disrupts-dutch-hospitals
-
Ransomware in Transition, Yet Still One of the Most Serious Cyber Threats Worldwide
Tags: ransomware
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/ransomware-wandel-gravierendste-cyberbedrohung-weltweit
-
Breach Roundup: German Police Expose REvil, GandCrab Boss
Also, Medusa Ransomware, Grafana Flaw, German Political Party Breach. This week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused GitHub, Grafana AI bugs enabled data theft, scams hit $20B in the United States, Ivanti exploited and attacks hit Northern Ireland schools and a German political party. First…
-
Healthcare IT solutions provider ChipSoft hit by ransomware attack
Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/healthcare-it-solutions-provider-chipsoft-hit-by-ransomware-attack/
-
The Most Important Cybersecurity Trends in 2026 So Far
In the first quarter of the year, cybersecurity trends have been much of the same, with some new twists. Cyber threats are always evolving, but often have much of the same foundation. The leading 2026 cybersecurity trends so far involve AI, the failure of perimeter defenses, ransomware, and nation-state attacks. Let’s talk about what’s happening…

