Security News

Security shop pwns ransomware gang, passes insider info to authorities
2025-03-27 16:32

Researchers say 'proactive' approach is needed to combat global cybercrime Here's one you don't see every day: A cybersecurity vendor is admitting to breaking into a notorious ransomware crew's...

UK fines software provider £3.07 million for 2022 ransomware breach
2025-03-27 00:01

The UK Information Commissioner's Office (ICO) has fined Advanced Computer Software Group Ltd £3.07 million over a 2022 ransomware attack that exposed the sensitive personal data of 79,404 people,...

RedCurl cyberspies create ransomware to encrypt Hyper-V servers
2025-03-26 14:06

A threat actor named 'RedCurl,' known for stealthy corporate espionage operations since 2018, is now using a ransomware encryptor designed to target Hyper-V virtual machines. [...]

RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
2025-03-26 13:43

The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor's tradecraft. The activity, observed by...

VanHelsing ransomware emerges to put a stake through your Windows heart
2025-03-25 07:32

There's only one rule – don't attack Russia, duh Check Point has spotted a fresh ransomware-as-a-service crew in town: VanHelsing, touting a cross-platform locker targeting Microsoft Windows,...

New VanHelsing ransomware targets Windows, ARM, ESXi systems
2025-03-24 19:43

A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. [...]

VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
2025-03-24 11:10

Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that's under development to its users. The...

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
2025-03-21 12:58

The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD)...

AI will make ransomware even more dangerous
2025-03-21 06:00

Ransomware is the top predicted threat for 2025, which is especially concerning given 38% of security professionals say ransomware will become even more dangerous when powered by AI, according to...

VSCode extensions found downloading early-stage ransomware
2025-03-20 19:54

Two malicious VSCode Marketplace extensions were found deploying in-development ransomware from a remote server, exposing critical gaps in Microsoft's review process. [...]