Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...

Ransomware is a cybersecurity issue that refuses to disappear. If anything, attacks are becoming more disruptive, difficult to fix and financially costly. The average ransom demand in 2025 was $1.3 ...

Ransomware may no longer dominate daily headlines, but it has hardly retreated. While public attention shifted to the rapid rise of artificial intelligence, ransomware groups accelerated their ...

In the realm of cybercrime, change is arguably the only constant. While cyber-extortion as a broader category of crime has proved its staying power, ransomware – its arguably most damaging ‘flavor’ – ...

Picus Labs has released a report that ranks MITRE ATT&CK techniques. According to the report, ransomware encryption is on the decline. Moving up the ranks is a malware that plays dead until it's ripe ...

The operators of DragonForce, a ransomware-as-a-service outfit that first surfaced in 2023, appear to be drawing heavily from the organized crime playbook, creating a cartel and attempting to bring ...

A key-handling defect in the ransomware can permanently lock files by discarding private encryption keys, leaving affected organizations unable to recover data even if a ransom is paid. A newly ...

A coding error, possibly introduced thanks to over-reliance on artificial intelligence (AI) vibe coding tools, has rendered an emergent strain of ransomware an acutely dangerous threat, according to ...

Cybercriminals are happy to target almost any industry where data can be stolen. In many cases, less prepared and less security-focused companies are simply easier targets. A recent ransomware attack ...

On the so-called dark web, providers of ransomware services and support pitch their products openly - Copyright AFP Stefano Rellandini On the so-called dark web ...