The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method. The use of ClickFix, where users are tricked into manually running malicious commands to address non-existent errors, is a departure from relying on traditional methods for obtaining initial access, such as through stolen...Read More
The Best Ransomware Protection for 2026 Compare Specs Deeper Dive: Our Top Tested Picks EDITORS’ NOTE December 17, 2025: With this update, our lineup of recommended ransomware protection tools remains unchanged. The existing picks have been vetted for currency and availability. (Credit: Bitdefender) (Credit: Bitdefender) Pros & Cons Excellent scores in independent lab tests
...Read More
Platform extends immutable, air-gapped protection to databases alongside VMs and object storage, delivering unified defense against $74B in annual ransomware threats NEW YORK, March 17, 2026 (GLOBE NEWSWIRE) — As enterprises abandon on-premise servers and modernize in the cloud, a massive security gap has opened in protecting databases, which are the ‘brains’ of the modern...Read More
The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and TypeScript. The attacker is using the legitimate Deno to decode and execute a malicious payload directly into system memory, minimizing forensic evidence on the disk and...Read More
The new release combines immutable, air-gapped protection with support for VMware vSphere 9 and Proxmox VE 9.1, addressing the growing intensity of cyber threats. Sparks, Nevada, March 16, 2026 – As ransomware attacks become more frequent and more costly, NAKIVO Inc. announced the general availability of Backup & Replication v11.2. This release is engineered with...Read More
As Qilin marked its 700th ransomware attack of 2025, the group further cemented its position as the most prolific ransomware operator in recent years. Comparitech notes that only ten months into the year, Qilin has already surpassed last year’s leading strain, RansomHub, which claimed 547 victims across 2024. The gang’s primary targets include manufacturers, financial...Read More
Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your own vulnerable driver (BYOVD) component for defense evasion purposes within the ransomware payload itself. BYOVD refers to an adversarial technique that abuses legitimate but flawed driver software to escalate privileges and disable Endpoint Detection and...Read More
Security experts have warned that the cyber attack on Stryker signals a step change in politically-motivated attacks, with a particular focus on destruction rather than extortion. Operations at the medical technology firm have been severely impacted in a cyber attack claimed by Iranian-linked threat group, Handala. The group claims to have wiped thousands of systems...Read More
Recent cyberattacks attributed to Iranian threat actors extend beyond typical network disruption. Rather than an isolated incident of sabotage, this type of attack sits within a broader context defined by Iran’s reliance on asymmetric retaliation and historical proxy doctrine. Iran-aligned threat actors increasingly leverage cyberspace as a strategic equalizer. For the Islamic Revolutionary Guard Corps...Read More
