Back in January 2025 the UK government took an important step towards dismantling the ransomware economy by proposing a ban on ransom payments across the public sector. Under this legislation, which is now moving forward following a public consultation, institutions like the NHS, schools and local councils will no longer be permitted to pay...Read More
Talos said Chaos is likely either a rebranding of the BlackSuit ransomware or is operated by some of the former BlackSuit members. Talos based its assessment on the similarities in the encryption mechanisms in the ransomware, the theme and structure of the ransom notes, the remote monitoring and management tools used to access targeted networks,...Read More
Disruption of major operators and seasonal effects contributed to the temporary downturn. Ransomware incidents fell sharply in Q2 2025, with public disclosures dropping 43% from Q1 (from 22.9 to 17.5 cases per day). However, attacks remain elevated compared to the same quarter last year, showing a 43% year‑on‑year increase. In total, 1,591 new victims appeared on...Read More
GREEN RIVER — A month after a ransomware attack crippled the City of Green River’s computer systems, the city has remained quiet aside from an early statement, though it would appear progress is being made with the issue. SweetwaterNOW broke news of the ransomeware issue June 25, which had left the city unable to use...Read More
On April 3, 2025, the National Association for Stock Car Auto Racing (NASCAR) identified and began addressing a cybersecurity incident. The organization acted quickly by securing its systems and engaging a third-party cybersecurity firm to conduct a thorough investigation and law enforcement was also notified. The investigation determined that between March 31 and April 3,...Read More
International law enforcement has dealt a significant blow to cybercrime this week, successfully seizing the vital online infrastructure of the notorious BlackSuit ransomware gang. In a coordinated international operation dubbed “Operation Checkmate,” authorities specifically targeted and took control of the group’s .onion data leak sites and negotiation platforms, which had compromised hundreds of organisations globally...Read More
Over 400 victims hit in hacking campaign exploiting unpatched Microsoft SharePoint servers. A state-aligned cyber-espionage campaign exploiting Microsoft server software vulnerabilities has escalated to ransomware deployment, according to a Microsoft blog post published late Wednesday. The group, dubbed ‘Storm-2603’ by Microsoft, is now using the SharePoint vulnerability to spread ransomware that can lock down systems...Read More
BlackSuit’s dark web data leak site and private negotiation panels have been taken offline in what appears to be a large-scale law enforcement operation. On July 24, the ransomware group’s leading site, usually accessible via The Onion Router (TOR), displayed a banner stating, “This site has been seized by U.S. Homeland Security Investigations as part...Read More
In April 2025, Hackread.com exclusively reported that the Medusa ransomware group had claimed responsibility for breaching the National Association for Stock Car Auto Racing (NASCAR) and was demanding a $4 million ransom. NASCAR has now confirmed that its systems were indeed compromised, validating Hackread.com’s earlier reporting. Medusa Ransomware’s dark web leak site (Credit: Hackread.com) According...Read More
