ransomware

An incident response manager at Sygnia and a ransomware negotiator at DigitalMint admitted to moonlighting as ALPHV/BlackCat affiliates, targeting five US companies and causing over $9.5 million in losses.

Amazon threat intelligence reveals that the Interlock ransomware group exploited a critical Cisco Secure Firewall Management Center zero-day vulnerability for over five weeks before Cisco disclosed and patched the flaw in early March 2026.

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access products, rated CVSS 9.9, is being actively exploited in ransomware attacks across six countries, with thousands of on-premises instances still unpatched.

Telus Digital confirmed a breach after ShinyHunters claimed to have stolen up to one petabyte of data using cloud credentials obtained in a prior third-party compromise.

A ransomware attack on government services giant Conduent exposed SSNs, medical records, and health insurance data for at least 25 million Americans across multiple states.

IBM's annual threat index finds vulnerability exploitation now causes 40% of breaches, with 109 ransomware groups active and over 300,000 AI platform credentials stolen.

Amazon Threat Intelligence tracked a low-skill actor who used DeepSeek and Claude to compromise 600+ FortiGate devices across 55 countries, signaling AI is lowering the barrier to large-scale cyberattacks.