Exclusive: Philadelphia Insurance Companies facing ‘major’ ransomware attack, sources say, as company hit by outage  The Insurer Source link .........................Read More

The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate panel has revealed. From that sum, the operators took their 20% cut (approximately USD 456,000), and they additionally “earned” some $10,000-$11,000 USD from affiliates that registered through the...Read More

On 20 May 2025, the cyber threat landscape was unsettled once again when a developer linked to the VanHelsing ransomware-as-a-service (RaaS) group leaked critical components on a well-known hacking forum. Going by the name “th30c0der”, this former associate of the group tried to sell the entire source code for the VanHelsing ransomware on...Read More

Paraguay says it will not pay off cybercriminals who obtained personal data potentially affecting every citizen. The group is threatening to make the data public if the government doesn’t pay $7.4 million by June 13. “The government never negotiates with these types of actors,” Gustavo Villate, Minister of Technology and Information, told OCCRP A group...Read More

Your support helps us to tell the story From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it’s investigating the financials of Elon Musk’s pro-Trump PAC or producing our latest documentary, ‘The A Word’, which shines a light on the American women fighting...Read More

Fog ransomware hackers are using an uncommon toolset, which includes open-source pentesting utilities and a legitimate employee monitoring software called Syteca. The Fog ransomware operation was first observed last year in May leveraging compromised VPN credentials to access victims’ networks. Post-compromise, they used “pass-the-hash” attacks to gain admin privileges, disabled Windows Defender, and encrypted all files, including virtual...Read More

( June 12, 2025, 08:29 GMT | Official Statement) — MLex Summary: Yes24, a major online bookstore in South Korea, is under investigation by the country’s privacy watchdog following a ransomware attack that potentially exposed customer data and left the platform paralyzed for at least four consecutive days. According to the Personal Information Protection Commission, it launched...Read More

The Black Basta ransomware group, once a dominant force in the cyber extortion landscape, disbanded in February 2025 following an unexpected leak of its internal chat logs. The leak, attributed to a disgruntled member known online as “ExploitWhispers,” surfaced shortly after the group breached an unspoken norm: targeting Russian financial institutions.  ReliaQuest’s latest research details...Read More

WannaCry ransomware is a cyberattack that spread by exploiting vulnerabilities in earlier and unpatched versions of the Windows operating system (OS). At its peak in May 2017, WannaCry became a global threat. Cybercriminals used the ransomware to hold organizations’ data hostage and extort money in the form of cryptocurrency. WannaCry spread using EternalBlue, an exploit...Read More

Key Points The ransomware operator “Black Basta” has experienced a sharp decline following the public leak of its internal chat logs, but its legacy lives on. Despite the group’s dissolution, former members continue to use its tried-and-tested tactics, with mass email spam followed by Teams phishing remaining a persistent and effective attack method. Recently, attackers...Read More