Companies should improve the resilience of their software supply chains against ransomware, according to guidance the International Counter Ransomware Initiative (CRI) published recently after its fifth annual summit in Singapore. The new guidance, developed by the United Kingdom and Singapore as the CRI’s policy leads, aims to raise awareness of the ransomware threat across supply chains, as well as promote good cyber hygiene that will see supply chain vulnerabilities factored into organizatio
ransomware (383)
Microsoft’s Digital Defense Report 2025[1] warns of a marked increase in identity-based attacks, driven in part by the growing use of artificial intelligence to craft convincing social engineering lures. The company says its systems analyze more than 100 trillion security signals every day and that identity attacks rose 32% in the first half of 2025 compared with the previous period.[2]
Microsoft emphasizes that password attacks remain the primary vector: more than 97% of observed identity-base
In 2025, Chaos ransomware resurfaced with a C++ variant. This marks the first time it was not written in .NET. Beyond encryption and ransom demands, it adds destructive extortion tactics and clipboard hijacking for cryptocurrency theft. This evolution underscores Chaos's shift toward more aggressive methods, amplifying both its operational impact and the financial risk it poses to victims.
This Fortinet report provides a comprehensive technical analysis of Chaos-C++, covering its execution fl
A joint study by Cybersecurity at MIT Sloan (CAMS) and Safe Security has examined 2,800 ransomware incidents and found that a staggering 80.83%, or more than 2,272 attacks, were driven by artificial intelligence. This statistic is not theoretical; it's based on comprehensive, real-world data collected during 2023–2024.
The Rethinking the Cybersecurity Arms Race working paper paints a vivid picture of how AI is transforming attack methods. Adversaries are no longer relying on manual orchestration
Car tire manufacturer Bridgestone confirms it is investigating a cyberattack that is affecting the operation of some manufacturing facilities in North America. The company believes that its rapid response contained the attack at its early stages, preventing customer data theft or deep network infiltration. Bridgestone Americas (BSA) is the North American arm of Bridgestone, a Japanese multinational tire manufacturer, the largest in the world by production volume.[1]
BSA operates 50 production fac
A ransomware attack has forced drug research firm Inotiv to shut down critical systems, resulting in operational disruptions. Inotiv is an analytical drug discovery and development service that works with various pharmaceutical companies. It employs over 2,000 research specialists and reports an annual revenue of over $500 million. According to a regulatory filing with the US Securities and Exchange Commission (SEC), Inotiv discovered the cyber attack on 8 August. “On August 8, 2025, Inotiv,
Why hack when hackers are willing to sell guaranteed access to breached networks? Increasingly, cybercrooks agree they would rather outsource than bother with the tedium of actual network penetration, leading to a flourishing initial access market. Remote access to a victim's network now retails for an average price of $2,700, although about 40% of what's being sold goes for much less, $500 to $1,000, according to a report from cybersecurity firm Rapid7. The research is based on listings posted over
Homeland Security Investigations (HSI), in partnership with US and international law enforcement agencies, has dismantled the infrastructure behind BlackSuit ransomware, a major cybercriminal group and successor to Royal ransomware, in a coordinated global operation. The action targeted the backbone of the group's operations, including servers, domains, and digital assets used to deploy ransomware, extort victims, and launder proceeds. According to US Immigration and Customs Enforcement (ICE),
The legal market segment has been a prime target for cybercriminals due to the highly sensitive and confidential data it holds. A recent report from the International Legal Technology Association (ILTA) and Fenix24, "Security at Issue: State of Cybersecurity in Law Firms," reveals a crucial shift in the threat landscape. The report, based on a survey of 60 law firms, indicates that while awareness and investment are rising, fundamental vulnerabilities persist, and human-operated attacks are no
US law enforcement agencies provided new details on an operation that dismantled critical infrastructure used by the BlackSuit ransomware gang after the organization’s leak site was replaced with a takedown banner nearly two weeks ago.
The group, which rebranded from its Royal name after a devastating 2023 attack that shut down the City of Dallas, successfully attacked more than 450 entities in the US. Since emerging in 2022, the gang secured more than $370 million in ransom payments, accordin
Vendor-related risks, from both tech providers and non-tech partners, have always been a concern, but they’re now becoming increasingly apparent in a growing number of cyber insurance claims. While data breaches were once the main concern, we are now seeing more severe first-party losses caused by ransomware attacks and major system outages. These issues are not always the result of a cyberattack, either. Sometimes they come from non-malicious errors, like critical system failures or software
Cisco Talos researchers on 24 July 2025 detailed Chaos, a newer Ransomware-as-a-Service (RaaS) group that specializes in big company hunting and double extortion attacks (meaning it both encrypts victim files and steals data for potential leaking). According to Cisco Talos, the group emerged in early February 2025 and appears to be made up of former BlackSuit ransomware gang members "based on similarities in the ransomware's encryption methodology, ransom note structure, and the toolset used in
In a communication with BleepingComputer, Dell has recently acknowledged a breach of its Customer Solutions Centers platform, which encompasses a variety of programs for evaluating technology solutions. The Dell Customer Solutions Centers are partitioned from the rest of Dell’s customer-facing networks and internal systems, so the breach affecting this platform should not pose much risk to customer data or sensitive internal data.
Dell representatives state that the data used in this platform
The FortiCNAPP team, part of FortiGuard Labs, recently investigated a cluster of virtual private servers (VPS) used for Monero mining. The identified samples are associated with prior H2Miner campaigns that we documented in 2020 and have since been updated with new configurations. H2Miner is a crypto-mining botnet that has been active since late 2019.
Researchers also identified a new variant of the Lcryx ransomware, called Lcrypt0rx. Lcryx is a relatively new VBScript-based ransomware strain fi
The month of July could barely have started any worse for some financial institutions in Brazil. On 30 June 2025, C&M Software, a Brazilian company that provides a "bridge" helping the country's central bank connect to local banks, revealed that it had been hacked. 810,306,000 Brazilian reals (approximately US$140 million) were stolen from the reserve accounts of six financial institutions because of the security breach.
In the wake of the attack, which made news headlines in Brazil, the count
Bridewell, a UK-based cybersecurity services company, has released its latest CTI Annual Report, a comprehensive deep dive into ransomware trends. It highlighted a significant shift in attack strategies, payment dynamics, and threat actor behaviors, revealing that data theft and extortion have overtaken traditional encryption-only ransomware as the most successful approach for attackers. While encryption-based attacks tend to result in larger individual ransom payments, often due to the urgenc
Almost half (44%) of mobile users report being exposed to scams and threats daily, with a majority concerned about losing important files and productivity loss as a result, according to Malwarebytes. The security vendor polled 1,300 adults in the US, UK, Austria, Germany, and Switzerland for its "Tap, Swipe, Scam" report. Although it focused on the personal impact of such threats, they’re having a growing impact on enterprise risk, given the large number of organizations that allow Bring Your
The recent cyber-attacks aimed at Marks & Spencer, the Co-op and Harrods have been in the news, but this is not just an issue for retailers, as hackers strike almost any firm, in any line of business, at any time and anywhere in the world. The reality for business leaders, and for investors, is that the risk is practically universal. FTSE 100 CEOs and entrepreneurs running small firms are living in fear that they will be next. Cyber-attacks have cost UK companies £44 billion in lost revenue ov
Defending against real-world threats is not just part of the job at Sentinel Labs; it is the reality of operating as a cybersecurity company in today’s landscape. Real-world attacks against our environment serve as constant pressure tests, reinforcing what works, revealing what does not, and driving continuous improvement across our products and operations. When you’re a high-value target like Sentinel, for some of the most capable and persistent adversaries out there, nothing less will do.
Di
A new report from VicOne, a leading automotive cybersecurity firm, warns of escalating threats in the global auto industry. Despite recent progress in law enforcement efforts, the Shifting Gears: VicOne 2025 Automotive Cybersecurity Report highlights growing vulnerabilities in vehicles, electric charging networks, and artificial intelligence systems.
Cyberattacks between 2022 and 2024 caused tens of billions of dollars in damages. Automotive vulnerabilities reached record highs in 2024, with ove