Cisco Talos researchers on 24 July 2025 detailed Chaos, a newer Ransomware-as-a-Service (RaaS) group that specializes in big company hunting and double extortion attacks (meaning it both encrypts victim files and steals data for potential leaking). According to Cisco Talos, the group emerged in early February 2025 and appears to be made up of former BlackSuit ransomware gang members "based on similarities in the ransomware's encryption methodology, ransom note structure, and the toolset used in
ransomware (372)
In a communication with Bleepingcomputer, Dell has recently acknowledged a breach to its Customer Solutions Centers platform, which encompasses a variety of programs for evaluating technology solutions. The Dell Customer Solutions Centers are partitioned from the rest of Dell’s customer-facing networks and internals systems, so the breach affecting this platform should not pose much risk to customer data or sensitive internal data.
Dell representatives state that the data used in this platform
The FortiCNAPP team, part of FortiGuard Labs, recently investigated a cluster of virtual private servers (VPS) used for Monero mining. The identified samples are associated with prior H2miner campaigns that we documented in 2020 and have since been updated with new configurations. H2Miner is a Crypto mining botnet that has been active since late 2019.
Researchers also identified a new variant of the Lcryx ransomware, called Lcrypt0rx. Lcryx is a relatively new VBScript-based ransomware strain fi
The month of July could barely have started any worse for some financial institutions in Brazil. On 30 June 2025, C&M Software, a Brazilian company that provides a "bridge" helping the country's central bank connect to local banks, revealed that it had been hacked. 810,306,000 Brazilian reals (approximately US$140 million) were stolen from the reserve accounts of six financial institutions because of the security breach.
In the wake of the attack, which made news headlines in Brazil, the count
Bridewell, a UK-based cybersecurity services company, has released its latest CTI Annual Report, a comprehensive deep dive into ransomware trends. It highlighted a significant shift in attack strategies, payment dynamics, and threat actor behaviors, revealing that data theft and extortion have overtaken traditional encryption-only ransomware as the most successful approach for attackers. While encryption-based attacks tend to result in larger individual ransom payments, often due to the urgenc
Almost half (44%) of mobile users report being exposed to scams and threats daily, with a majority concerned about losing important files and productivity loss as a result, according to Malwarebytes. The security vendor polled 1,300 adults in the US, UK, Austria, Germany, and Switzerland for its "Tap, Swipe, Scam" report. Although it focused on the personal impact of such threats, they’re having a growing impact on enterprise risk, given the large number of organizations that allow Bring Your
The recent cyber-attacks aimed at Marks & Spencer, the Co-op and Harrods have been in the news, but this is not just an issue for retailers, as hackers strike almost any firm, in any line of business, at anytime and anywhere in the world. The reality for business leaders, and for investors, is that the risk is practically universal. FTSE 100 CEOs and entrepreneurs running small firms are living in fear that they will be next. Cyber-attacks have cost UK companies £44 billion in lost revenue ov
Defending against real-world threats is not just part of the job at Sentinel Labs; it is the reality of operating as a cybersecurity company in today’s landscape. Real-world attacks against our environment serve as constant pressure tests, reinforcing what works, revealing what does not, and driving continuous improvement across our products and operations. When you’re a high-value target like Sentinel, for some of the most capable and persistent adversaries out there, nothing less will do.
Di
A new report from VicOne, a leading automotive cybersecurity firm, warns of escalating threats in the global auto industry. Despite recent progress in law enforcement efforts, the Shifting Gears: VicOne 2025 Automotive Cybersecurity Report highlights growing vulnerabilities in vehicles, electric charging networks, and artificial intelligence systems.
Cyberattacks between 2022 and 2024 caused tens of billions of dollars in damages. Automotive vulnerabilities reached record highs in 2024, with ove
Giving the Raspberries is not very nice, but that’s what the Mora_001 group does. A new ransomware operation with ties to the LockBit ransomware group exploits two vulnerabilities impacting Fortinet products. Last week, multiple researchers spotlighted the exploitation of CVE-2024-55591 and CVE-2025-24472 by a new ransomware group called Mora_001. [1]
The Cybersecurity and Infrastructure Security Agency (CISA) gave all federal civilian agencies one week to patch CVE-2024-55591 in January, one of
Cyber security risks, including ransomware, data breaches, and IT disruptions, remained the top business concern worldwide over the past year. A recent Report published by the International Underwriting Association (IUA) underscores the need for cyber business interruption (BI) risks to receive the same attention as information technology security controls and ransomware threats.
The new IUA guide also aims to help insurers navigate money-handling requirements in the European Union. Across the c
Security researchers have reported on one of the fastest-growing and most formidable Ransomware-as-a-Service (RaaS) groups of 2025. Named “BlackLock” (aka El Dorado or Eldorado), the RaaS outfit has existed since March 2024, according to ReliaQuest, and has increased its number of data leak posts by an impressive 1425% quarter-on-quarter in Q4 of last quarter.
The threat intelligence vendor claimed that BlackLock could become the most active RaaS group in 2025. Although, like many other variants
Broadcom researchers recently reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups. “Tools that are usually associated with China-based espionage actors were recently deployed in an attack involving the RA World ransomware against an Asian software and services company,” reads the report published by Broadcom.
During the late 2024 attack, the attacker d
The New York Blood Center (NYBC) said it suffered a ransomware attack that disrupted operations and forced it to reschedule some operations. NYBC is one of the largest independent blood collection and distribution organizations. It collects about 4,000 units of blood products daily and serves more than 75 million people at over 200 hospitals across the Northeast and 500 nationwide. The cyber incident occurred while the blood center was already facing a critical shortage due to a decline in th
Enterprise cybersecurity tools, such as routers, firewalls, and VPNs, exist to protect corporate networks from intruders and malicious hackers, something that is particularly important in today’s age of widespread remote and hybrid working. But while pitched as tools that help organizations stay safe from outside threats, many of these products have time and again been found to contain software bugs that allow malicious hackers to compromise the very networks these products were designed to prot
An electric utility serving multiple counties in Mississippi was attacked by cybercriminals last summer in an incident that exposed information of more than 20,000 residents. The Yazoo Valley Electric Power Association initially warned customers through social media on 26 August 2024 that, due to software problems, they were unable to process payments. The system was restored by 30 August.
In breach notification letters filed with regulators last week, the utility confirmed it discovered “susp
The previous six months have seen heightened activity regarding new and emerging ransomware operations. Across the tail end of 2024 and into 2025, researchers have seen the rise of groups such as FunkSec, Nitrogen,, and Termite. In addition, we have seen the return of Cl0p and a new version of LockBit (aka LockBit 4.0).
Within this period of accelerated activity, the Ransomware-as-a-Service offerings HellCat and Morpheus have gained additional momentum and notoriety. Operators behind HellCat, in
Cyberattacks targeting healthcare organizations are rising, and the financial and operational toll they take is growing. A recent report from Proofpoint found that 92% of healthcare organizations reported experiencing a cyberattack in 2024, up from 88% in 2023, while the average cost of the most expensive attack was $4.7 million. While safeguarding sensitive patient data remains a top concern, malicious actors leverage artificial intelligence (AI) and machine learning technologies to make threat
Businesses in the UK are set to be protected by a new ransomware ban to address the threat of cybercrime, which is estimated to cost the UK economy billions of pounds every year. The proposed legislation follows a series of serious ransomware attacks on the National Health Service (NHS), the British Library and the Royal Mail, that have caused severe disruption and cost millions in recovery costs. The intention is to make public sector and infrastructure organizations less appealing as targe
Cybersecurity researchers have reported that artificial intelligence (AI) assisted with ransomware called FunkSec, which entered the market in late 2024 and claimed more than 85 victims. "The group uses double extortion tactics, combining data theft with encryption to pressure victims into paying ransoms," Check Point Research said in a new report from The Hacker News. "Notably, FunkSec demanded unusually low ransoms, sometimes as little as $10,000, and sold stolen data to third parties at reduc
