The Warlock ransomware operation first emerged in June 2025, following an advertisement on a Russian cybercrime forum titled “if you want a Lamborghini, please call me,” and quickly evolved into a notable ransomware-as-a-service (RaaS) operation. The group operates via a closed, affiliate-style model, though public visibility into its internal structure is limited. Warlock activity has...Read More
Hackers breached the Philadelphia Indemnity Insurance Company in June and stole customer data, the company said in a filing with the California Attorney General’s office. An unauthorized party accessed customer data during an intrusion discovered between June 9 and June 10, according to the disclosure. The company previously called the incident a network outage, however...Read More
A Chinese-based threat actor has been observed using the flaws in Microsoft SharePoint to deploy ransomware on compromised systems. In an incident update on July 23, Microsoft revealed that a group tracked as Storm-2603 is distributing Warlock ransomware on exploited SharePoint on-prem servers. As a result, the tech giant has advised potentially affected organizations to...Read More
eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. This article was originally published on TechRepublic. Dell Technologies has confirmed a cyberattack targeting one of its internal platforms used for product demonstrations. The breach, which occurred earlier this month, was carried...Read More
Back in January 2025 the UK government took an important step towards dismantling the ransomware economy by proposing a ban on ransom payments across the public sector. Under this legislation, which is now moving forward following a public consultation, institutions like the NHS, schools and local councils will no longer be permitted to pay...Read More
Talos said Chaos is likely either a rebranding of the BlackSuit ransomware or is operated by some of the former BlackSuit members. Talos based its assessment on the similarities in the encryption mechanisms in the ransomware, the theme and structure of the ransom notes, the remote monitoring and management tools used to access targeted networks,...Read More
Disruption of major operators and seasonal effects contributed to the temporary downturn. Ransomware incidents fell sharply in Q2 2025, with public disclosures dropping 43% from Q1 (from 22.9 to 17.5 cases per day). However, attacks remain elevated compared to the same quarter last year, showing a 43% year‑on‑year increase. In total, 1,591 new victims appeared on...Read More
GREEN RIVER — A month after a ransomware attack crippled the City of Green River’s computer systems, the city has remained quiet aside from an early statement, though it would appear progress is being made with the issue. SweetwaterNOW broke news of the ransomeware issue June 25, which had left the city unable to use...Read More
On April 3, 2025, the National Association for Stock Car Auto Racing (NASCAR) identified and began addressing a cybersecurity incident. The organization acted quickly by securing its systems and engaging a third-party cybersecurity firm to conduct a thorough investigation and law enforcement was also notified. The investigation determined that between March 31 and April 3,...Read More
