Security news aggregator

Latest coverage for Qilin

Qilin is a ransomware operation whose coverage examines reported incidents, technical analysis, disruption efforts, and defensive guidance for organizations.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Qilin is a ransomware family and criminal operation, also reported under the name Agenda. The tag covers reported intrusions attributed to Qilin, technical analysis of its encryptors and supporting infrastructure, disruption efforts, and practical defensive guidance. Reports can differ in confidence, so attribution should be checked against malware behavior, infrastructure evidence, and reliable incident reporting rather than a ransom note alone.

For defenders, Qilin-related coverage is most useful for identifying file-encryption activity, validating detection and containment procedures, and tracking changes between samples or campaigns. Priorities include promptly remediating internet-facing vulnerabilities, restricting and monitoring remote administration, protecting privileged credentials, and maintaining offline or otherwise isolated backups that are regularly tested. During a suspected incident, isolate affected systems, preserve logs and forensic evidence, and avoid destroying indicators that can support scoping, recovery, and notification decisions.

Volume over time

Weekly headline count for the current query.

Showing 11 most recent headlines Filtered view
Bank Info Security 6 months, 1 week ago

Covenant Health Notifying 480K Patients of 2025 Data Theft

Ransomware Gang Qilin Had Claimed It Stole 852 GB of Health System's DataNearly half a million patients of a Catholic healthcare network that serves New England and parts of Pennsylvania began the new year by receiving notifications that hackers may have stolen their health information in a May 2025 hacking incident.

Also, Dutch Defend the Nexperia Takeover, Hikvision Challenges FCC, Qilin StrikesThis week, likely North Korean hackers exploited React2Shell. The Dutch government defended its seizure of Nexperia. Prompt injection may be here to stay. Hikvision pushed back against a new U.S. crackdown. Qilin claimed it hacked Scientology, Microsoft Patch Tuesday and MuddyWater activity.

Inotiv Tells SEC 'It's Still Evaluating Full Impact and Notifying Breach Victims'Drug research firm Inotiv in a filing with federal regulators said it is still evaluating the financial and operational impact of an August cyberattack that's linked to ransomware gang Qilin. The company is also notifying nearly 10,000 people whose data was allegedly stolen in the incident.

Bank Info Security 8 months, 3 weeks ago

Breach Roundup: the Qilin Hack That Wasn't

Also, Envoy Air Confirms Data Compromise Following Clop Extortion CampaignThis week, Qilin didn't hack a Spanish tax agency, Nexperia standoff, Envoy Air confirmed a data compromise, Experian Netherlands fined 2.7M euros, ToolShell used to breach global networks, flaws in TP-Link Omada and Festa VPN routers and a New York firm settled a cybersecurity investigation.

Reigning Ransomware Group Thrives in Part Through Affiliated Cybercrime ServicesSecurity experts say the greatest number of ransomware attacks in recent months has continued to trace to the long-running crime group Qilin, and that the group's reign is enabled in no small part through an apparently close affiliation with a network of bulletproof hosting providers.

Bank Info Security 9 months, 1 week ago

Breach Roundup: Insurers Spend Big on Cybersecurity

Also, a Renault Breach, WhatsApp Malware and Qilin Claims Asahi AttackThis week, insurer cybersecurity spending, a Renault breach, a WhatsApp malware campaign in Brazil. Germany skeptical of Chat Control. Two UK teens arrested for ransomware attack. Qilin claimed the attack on Japan's Asahi. Hackers weaponized Nezha. An Invoice data breach exposed personal records.

Bank Info Security 10 months, 3 weeks ago

Drug R&D Firm's IT, Data Encrypted in Alleged Qilin Attack

Inotiv Inc. Tells SEC Some Business Operations Disrupted, No Recovery Date in SightInotiv, a drug research and development firm, told federal regulators that it's been dealing with a cyberattack since Aug. 8 that has encrypted some IT systems and data, and is disrupting certain business operations. Ransomware gang Qilin has listed the company as a victim on its dark website.

Ransomware Gang Qilin Claims to Have 42GB of Practice's Stolen DataRansomware group Qilin posted at least 42 gigabytes of data stolen from a Texas pediatric orthopedic practice for sale on its darkweb leak site in February. In recent days, Central Texas Pediatric Orthopedics began notifying more than 140,000 people that their data was compromised by hackers.

Bank Info Security 1 year, 8 months ago

Updated Qilin Ransomware Escalates Encryption and Evasion

Rust-Based Ransomware Employs Aggressive Anti-Detection TacticsOperators of a Russian-speaking ransomware group launched a new encryptor with enhanced measures for defeating cyber defenders including wiping logs, disrupting backup systems and stopping decryption without insiders knowledge. The same group disrupted London hospitals in a July attack.

Bank Info Security 2 years ago

Qilin Ransomware Group Leaks NHS Data

The Group Published 104 Files It Says Come From NHS Hospitals in LondonA ransomware group late Thursday published information stolen during an attack that's led to postponed cancer treatment and organ transplant surgeries at two London National Health Service hospitals. The Qilin ransomware group hit Synnovis, a U.K. provider of medical lab services.

Patient Care, Including Transplants, Still Disrupted at London Hospitals, ClinicsA ransomware attack on a pathology services firm earlier this week continues to disrupt patient care, including transplants, blood testing and other services, at multiple NHS hospitals and primary care facilities in London. Russian-speaking cybercrime group Qilin is believed to be behind the attack.