Abstract: Ransomware is a rapidly evolving cyber threat that encrypts user data and demands a ransom for its release, causing severe financial and operational disruptions. The following study ...

Storm-1175 actors are running up-tempo campaigns to deliver Medusa ransomware, putting pressure on organizations to patch critical vulnerabilities faster. In a blog post on Monday, Microsoft Threat ...

The group has moved from initial access to ransomware deployment within 24 hours, highlighting how exposed web-facing systems and shrinking patch windows raise enterprise risk. Microsoft has warned ...

Shchukin is accused of extorting more than $2 million as the head of the GandCrab and REvil ransomware operations. The German Federal Criminal Police (BKA) has named a Russian national as the ...

The group is using zero-days, quickly weaponizes fresh bugs, and exfiltrates and encrypts data within days of initial access. The Medusa ransomware group has been operating at a fast pace, seizing ...

The Medusa ransomware operation is increasingly exploiting new vulnerabilities days before they are publicly disclosed, according to new research from Microsoft. Cybersecurity experts at Microsoft ...

Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised ...

Germany's Federal Criminal Police Office (aka BKA or the Bundeskriminalamt) has unmasked the real identities of two of the key figures associated with the now-defunct REvil (aka Sodinokibi) ransomware ...

The financially motivated cybercriminal actor tracked by Microsoft Threat Intelligence as Storm-1175 operates high-velocity ransomware campaigns that weaponize N-days, targeting vulnerable, web-facing ...

MINOT, N.D. (KMOT) – This week, we have reported on the ransomware attack last month on Minot’s Water Treatment Plant. The March 14 incident did not compromise the city’s water, but forced staff to ...

Healthcare remains a top ransomware target due to high-value data, operational urgency and a complex web of interconnected systems and vendors Recovery speed often comes down to preparation, with ...

In February 2026, the University of Mississippi Medical Center (UMMC) fell victim to a ransomware attack. The incident took the Epic electronic health record system offline across 35 clinics and more ...