International law enforcement has dealt a significant blow to cybercrime this week, successfully seizing the vital online infrastructure of the notorious BlackSuit ransomware gang. In a coordinated international operation dubbed “Operation Checkmate,” authorities specifically targeted and took control of the group’s .onion data leak sites and negotiation platforms, which had compromised hundreds of organisations globally...
Over 400 victims hit in hacking campaign exploiting unpatched Microsoft SharePoint servers. A state-aligned cyber-espionage campaign exploiting Microsoft server software vulnerabilities has escalated to ransomware deployment, according to a Microsoft blog post published late Wednesday. The group, dubbed ‘Storm-2603’ by Microsoft, is now using the SharePoint vulnerability to spread ransomware that can lock down systems...
BlackSuit’s dark web data leak site and private negotiation panels have been taken offline in what appears to be a large-scale law enforcement operation. On July 24, the ransomware group’s leading site, usually accessible via The Onion Router (TOR), displayed a banner stating, “This site has been seized by U.S. Homeland Security Investigations as part...
In April 2025, Hackread.com exclusively reported that the Medusa ransomware group had claimed responsibility for breaching the National Association for Stock Car Auto Racing (NASCAR) and was demanding a $4 million ransom. NASCAR has now confirmed that its systems were indeed compromised, validating Hackread.com’s earlier reporting. According...
The government has announced that public sector organisations and Critical National Infrastructure (CNI) will be banned from making ransomware payments. This includes the NHS, local councils and schools. Organisations will be expected to make an initial incident report within 72 hours. Private organisations, meanwhile, will have to notify the government if they plan on making...
Ransomware payments could soon be a thing of the past in the UK – at least that’s the hope of new controls and mandatory reporting requirements to prevent ransomware from inflicting damage on UK businesses. Under government proposals, public bodies and operators of critical national infrastructure would be banned from paying up when they’re hit...
Companies would be better minded to worry about the basics of cybersecurity than hype around malign AI models, argues NetSPI’s Ben Lister. The recent wave of high-profile ransomware attacks targeting brands like M&S has reignited fears that AI is fuelling a surge in cybercrime. While AI is undeniably reshaping the threat landscape –...
The recently uncovered Gunra ransomware is the family to weaponize leaked Conti source code, unleashing rapid-fire double-extortion attacks against Windows endpoints worldwide. First seen on dark-web leak sites in April 2025, Gunra moves with blistering speed, pressuring victims to negotiate within five days and threatening public data dumps to multiply the pain. Unlike spray-and-pray spam...
A new wave of ransomware attacks has surfaced in July 2025, leveraging weaponized HTML (.HTA) files to silently deploy the Epsilon Red strain of ransomware. The campaign, which has spread globally, masquerades as innocuous verification pages branded as “ClickFix,” luring users who frequent popular platforms such as Discord, Twitch, Kick, and OnlyFans. By exploiting users’...
The BlackSuit ransomware gang’s darknet extortion sites were seized on Thursday in an operation involving police from more than nine countries. A splashpage replacing the gang’s list of victims on its main TOR domain as well as its private negotiation pages states these sites have “been seized by U.S. Homeland Security Investigations” as part of...