ransomNews
@ransomnews
• your go-to source for #ransomware news, insights, and analysis • home of #RedACT monthly threat report
🚨 FREE Phobos & 8base ransomware decryptor Japanese law enforcement released official decryptor for Phobos/8base #ransomware victims following massive takedown operation (that seized 27 servers and arrested 4 Russian nationals). Decryptor confirmed working by BleepingComputer…

🚨 UPDATE: Dell confirms breach, says leaked data Is FAKE #WorldLeaks leaked 1.30TB from Dell's demo environment after failed extortion. Dell says the data is synthetic or public, with no impact on customer systems. No timeline or entry vector disclosed. #ransomNews…
🚨 Dell data breach confirmed #Dell says its demo platform was breached by #WorldLeaks #ransomware group (former Hunters). 1.3TB leaked, mostly test configs & fake data. No customer systems impacted, tho outdated contact info may be real. No ransom details disclosed, yet.…
Now #Ozzy has come home, thanks for all the time spent as the best music companion for coding and working. Ciao Ozzy 🖤 youtube.com/watch?v=DFsC6A…
👉🏻 about the group #SecuroTrop Seems like the group is spreading fake news about claims - actually by #Qilin. The group could be a spot, just like the new ALPHV group emerged on some social platform, re-selling data already found elsewhere. We're not going to monitor the group…
Before anyone gets the idea of starting to monitor the #SecuroTrop group: we are talking about yet another group of scammers publishing data exfiltrated in #Ransomware attacks already claimed by other groups. In this case, by #Qilin.
⚠️ HIV patient data from Indonesian police hospital for sale A threat actor claims to have leaked 38K+ HIV patient records from RS Polri Kramat Jati onto a dark web forum. Data includes sensitive personal & medical info, raising major privacy & ethical alarms. #ransomNews…


🚨 100+ US health datasets secretly altered without notice Lancet study reveals 49% of US federal health datasets (CDC, HHS, VA) underwent undocumented changes Jan-Mar 2025. 106 files switched "gender" to "sex," others changed "social determinants" to "non-medical factors."…

🚨 new #ransomware claim Italy 🚨 🏴☠️ group #akira 🧬 Studio Associato Callatroni Bianchi | Castel San Giovanni (PC) 🎯 sector: consulting 🔗 studiocallatronibianchi.com 🗓️ 21 July 2025 📄 sample: - ▪️ exfiltrated data declared: - ▪️ exfiltrated data published:…

🚨 Dior notifies US customers of data breach Luxury brand #Dior confirms Jan 2025 breach exposed names, DOBs, SSNs, IDs - via third-party vendor. Linked to #ShinyHunters, the same attack behind the Louis Vuitton breach. No payment data leaked. #ransomNews #CyberSecurity…


⚠️ MFA under fire: PoisonSeed exploits QR codes #PoisonSeed group bypasses FIDO #MFA by tricking users into scanning real #QRcodes on spoofed sites. Attack relays credentials live, hijacking sessions with stealth. A (heavy) major leap in social engineering. 🔗 read more:…

🚨 3.5k+ sites hijacked for crypto mining A stealthy JS campaign is back: 3.5k+ websites secretly mine #crypto via obfuscated scripts, WebSockets, & Web Workers. Linked to #Magecart infra, blending #skimming & mining in a persistent digital drain. #ransomNews #CyberSecurity…

🚨 Scattered Spider evolves TTPs - now targeting airlines & insurance Microsoft warns Octo Tempest/Scattered Spider expanding beyond retail with new tactics: SMS abuse, adversary-in-the-middle attacks, #DragonForce #ransomware deployment. Shifted strategy from cloud-first to…

🚨 CISA warns of active SharePoint 0-day CVE-2025-53770 allows #RCE via untrusted data deserialization. #CISA urges urgent AMSI + Defender config or disconnecting internet-facing servers. Critical threat to enterprise infra. #ransomNews #CyberSecurity #Infosec

🚨 UNFI Cyberattack to cost $350M+ Grocery giant #UNFI expects $350/400M in lost sales after June's cyberattack. Operations have normalized, but FY losses are huge. $25M spent on mitigation; insurance expected to offset costs - Whole Foods is (was?) among key clients.…

🚨 BREAKING: new CrushFTP Zero-Day (CVE-2025-54309) under active exploitation Attackers are exploiting a fresh 0day in #CrushFTP enterprise file transfer servers to gain admin access via web interface. Exploitation began July 18th, targeting unpatched systems (<…

To read 👇🏻
5 Features Every AI-Powered #SOC Platform Needs in 2025 securityaffairs.com/180070/securit… #securityaffairs #hacking @welcomtobora
🚨 UPDATE Louis Vuitton data breach tied to ShinyHunters? LV confirms the July #databreach hit customers in UK, SK, TR, IT & SE. Believed linked to #ShinyHunters, the same group behind Dior & Tiffany hacks, likely via a 3rd-party vendor. LVMH cluster breach looms laaaaarge.…
⚠️ Louis Vuitton still recovering from cyberattack An external cybersecurity firm is at work, as reported by @HackRead - a very bad year for retail sector! 🔗 read more: hackread.com/louis-vuitton-… ..and thanks for the mention @WAK4S 🖖🏻
🚨 Ryuk ransomware suspect extradited Armenian national Karen Vardanyan faces US trial for 2019–2020 #Ryuk attacks. Accused of hitting hospitals, schools & infrastructures, netting $15M in #BTC. Extradited from Ukraine; 3 co-conspirators still abroad or at large. #ransomNews…

Summary of malicious campaigns in the week of 12 – 18 July 2025 💣 #IoC 875 🦠 #Malware 18 (families) 🐟 #Phishing 14 (brands) ℹ️ Further details 👇 🔗 cert-agid.gov.it/news/sintesi-r…
🚨 SCOTUS Backs Texas Porn ID Law In “Free Speech Coalition v. Paxton”, the Court upheld Texas’s law forcing porn sites to verify users' ages via gov’t ID, turning them into surveillance hubs. Proof of age now means loss of #privacy. A starting point: securityboulevard.com/2025/07/prove-……