Summary On March 12, 2026, the ransomware group Akira claimed responsibility for a significant cyberattack against Extreme Trailers, LLC (extremetrailersllc.com), a leading manufacturer in the flatbed trailer market based in Dover, Ohio, USA. The attackers have threatened to release 15GB of sensitive corporate data unless negotiations are initiated. Incident Report Field Details Target Extreme Trailers,...Read More
Published On : 2026-03-13 Ransomware of the week CYFIRMA Research and Advisory Team would like to highlight ransomware trends and insights gathered while monitoring various forums. This includes multiple – industries, geography, and technology – that could be relevant to your organization. Type: Ransomware (MedusaLocker family variant). Target Geography: No specific geographic focus identified; incidents...Read More
The latest wave also mimics widely used developer tools to maximise installation chances. “The extensions overwhelmingly impersonate widely installed developer utilities: linters and formatters like ESLint and Prettier, code runners, popular language tooling for Angular, Flutter, Python, and Vue, and common quality-of-life extensions like vscode-icons, WakaTime, and Better Comments,” the researchers said. “Notably, the campaign...Read More
Cybersecurity researchers at Huntress recently observed threat actors deploying INC ransomware following a sophisticated data exfiltration process. On February 25, 2026, attackers compromised a customer’s infrastructure, stole sensitive data, and then encrypted the network. The threat actors used native Windows tools such as PowerShell and PsExec to stage the attack, elevate privileges, and bypass early-detection...Read More
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns Pierluigi Paganini March 13, 2026 The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how threat actors can...Read More
Robotics-assisted surgical tech firm Intuitive said that unauthorized intruders gained access to some of its internal IT business applications after stealing an employee’s credentials during a phishing attack. Intuitive’s statement on the cybersecurity incident doesn’t indicate when the attack occurred or when the company discovered it. The Register has reached out to Intuitive about these...Read More
Ravie LakshmananMar 13, 2026Ransomware / Cybercrime INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency’s ongoing efforts to dismantle criminal networks, disrupt emerging threats, and safeguard victims from scams. The effort is part of an international law...Read More
We all know the benefits of backupsOpens a new window , right? If a computer or server goes down or is otherwise compromised, backups come to the rescue. It’s a common, standard, non-controversial, no-brainer best practice. If you don’t want to lose your data, back it up. For 20 years, I’ve talked up the benefits...Read More
On March 6, the White House issued an executive order to combat cybercrime, fraud, and predatory schemes targeting American citizens, directing federal agencies to intensify efforts against transnational criminal organizations (TCOs). The order identified that activities such as ransomware, phishing, financial fraud, and extortion are often orchestrated by TCOs with foreign state support, thereby undermining...Read More
The Justice Department is accusing an incident responder of conducting cyberattacks and helping ransomware gangs negotiate higher payouts from the same victims he was working for. Angelo Martino surrendered to the U.S. Marshals on Tuesday and bonded out the same day, agreeing to perform no cyber industry work as part of his release. In court...Read More
