A new ransomware operator called Chaos has launched a wave of intrusions impacting a wide range of sectors, Cisco Talos has reported. Victims have been predominantly based in the US, with some in the UK, New Zealand India, according to the actor’s data leak site. Targeting appears to be opportunistic and does not focus on...Read More

Companies would be better minded to worry about the basics of cybersecurity than hype around malign AI models, argues NetSPI’s Ben Lister. (Image: Shutterstock) The recent wave of high-profile ransomware attacks targeting brands like M&S has reignited fears that AI is fuelling a surge in cybercrime. While AI is undeniably reshaping the threat landscape –...Read More

Microsoft has issued urgent warnings about active exploitation of critical SharePoint vulnerabilities CVE-2025-53770 and CVE-2025-53771 by multiple threat actors, including the China-based group Storm-2603, which has been deploying Warlock ransomware in compromised environments.  The vulnerabilities affect on-premises SharePoint Server 2016, 2019, and Subscription Edition, with exploitation attempts observed as early as July 7, 2025. Key...Read More

International law enforcement agencies delivered a significant blow to cybercriminals this week with the successful takedown of critical infrastructure belonging to the BlackSuit ransomware gang. The coordinated operation, dubbed “Operation Checkmate,” has effectively dismantled the group’s primary communication and extortion platforms, marking a major victory in the ongoing battle against ransomware threats. Global Law Enforcement...Read More

Government authorities and cybersecurity teams around the world are responding to a wave of cyberattacks targeting critical vulnerabilities in Microsoft SharePoint.  The attack wave began in early July before rapidly escalating late last week, affecting important systems at government agencies, critical infrastructure providers and other SharePoint customers.  The intrusions are exploiting ToolShell, an attack sequence...Read More

One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers have been spotted exploiting a zero-day variant (CVE-2025-53770) of a SharePoint vulnerability (CVE-2025-49706) that the...Read More

A major win against cybercrime happened this week, as authorities from around the world teamed up to take down key websites run by the BlackSuit ransomware gang. If you visit the group’s data leak site or their negotiation portal now, you’ll only see a large notice stating that the site has been seized by law...Read More

The Federal Bureau of Investigation (FBI) in collaboration with U.S. Cybersecurity and Infrastructure Security Agency (CISA), Department of Health and Human Services (HHS), and Multi-State Information-Sharing and Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory on Interlock ransomware, which was first seen in 2024 and often targets Windows and Linux virtual machines. The advisory...Read More

The BlackSuit ransomware operation has been disrupted by coordinated international law enforcement. A splash screen appeared on their leak site this week: THIS DOMAIN HAS BEEN SEIZED This site has been seized by U.S. Homeland Security Investigations as part of a coordinated international law enforcement investigation. OPERATION CHECKMATE Numerous agencies were involved in Operation Checkmate,...Read More

A healthcare tech company is warning millions of Americans that their personal data has been stolen by hackers. Data breach notices from Vermont and California’s state governments say Episource – which provides software and other solutions to healthcare plans and providers – suffered a hack affecting 5.4 million people. Episource told regulators and its clients...Read More