In the escalating battle against ransomware, businesses are discovering that their hybrid cloud setups—blending on-premises systems with public and private clouds—can either be a fortress or a vulnerability. Recent high-profile attacks, such as the one that crippled Marks & Spencer’s operations in April 2025, underscore how cybercriminals are exploiting these environments to encrypt data, exfiltrate...Read More
In the shadowy world of cybercrime, few groups have captured as much attention as Scattered Spider, a loosely organized collective of young hackers known for their audacious breaches and ransomware attacks. This group, often comprising teenagers and young adults from the U.S. and abroad, has targeted major corporations, stealing data and extorting millions. Recent developments,...Read More
The new Gunra group has expanded its attack surface beyond Windows PCs by releasing a Linux version of their virus, which was initially discovered in April 2025. This is a major uptick in the ransomware ecosystem. This development underscores the group’s strategic pivot toward cross-platform targeting, inspired by predecessors like Conti ransomware. Trend Micro’s threat...Read More
When it comes to ransomware, it might seem like giving in and paying the ransom is the quickest fix. Luckily for today’s businesses, there is a better alternative to forking over money to cybercriminals who might not even give the data back. Ransomware is among the most common types of cyberattacks that can strike...Read More
141 million breached files reveal data exposed. getty Update, July 30, 2025: This story, originally published on July 28, has been updated with additional information from the Anatomy of a Data Breach report that analyzed 141 million compromised files from 1,257 breach incidents, including a detailed look at the blast radius of a breach, as...Read More
Discount retail giant Dollar Tree denied that its systems were impacted by ransomware after a cybercriminal operation claimed on Wednesday to have attacked the company. A company spokesperson told Recorded Future News that it is aware of the claims but said they believe the group actually targeted 99 Cents Only Stores — another discount shopping...Read More
In a significant blow to cybercrime operations, cybersecurity firm Avast has released a free decryptor tool for victims of the FunkSec ransomware, which abruptly ceased activities earlier this year. The tool allows affected organizations to recover encrypted files without paying ransoms, marking a rare victory in the ongoing battle against ransomware groups. FunkSec, which emerged...Read More
The SafePay ransomware gang is threatening to leak 3.5TB of data belonging to IT giant Ingram Micro, allegedly stolen from the company’s compromised systems earlier this month. Ingram Micro is one of the world’s largest business-to-business service providers and technology distributors, offering a wide range of solutions to resellers and managed service providers worldwide, including...Read More
Cybercriminals affiliated with the Qilin ransomware-as-a-service (RaaS) operation have demonstrated advanced evasion techniques by exploiting a previously undocumented vulnerable driver, TPwSav.sys, to disable Endpoint Detection and Response (EDR) systems through a bring-your-own-vulnerable-driver (BYOVD) attack. First observed in July 2022, Qilin employs double extortion tactics, exfiltrating data for leakage on dedicated sites if ransoms remain unpaid,...Read More
The cybercriminals claiming responsibility for Ingram Micro’s ransomware attack put a deadline on leaking its data nearly a month after the raid. The SafePay ransomware group posted Ingram Micro to its leak blog on July 29, saying it intends to release 3.5 TB of company data on August 1. In typical double extortion ransomware scenarios,...Read More
