Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed
A 5-year study on the Ransomware Economy found that 30,515 exposed databases were hit by ransom attacks, causing massive damage despite victims never paying. Database extortion doesn’t look like the ransomware stories that usually grab headlines. There’s no slick branding, no leak-site countdown, no gang posting memes on Telegram. In most cases, there’s just a […]
Exploitation was underway before patches landed, at least one victim reports ransomware demand
Exploitation was underway before patches landed, at least one victim reports ransomware demand CISA has added a critical cPanel bug to its known-exploited list, confirming that attackers are already poking holes in one of the internet's most widely used hosting stacks.…
When 0APT and KryBit attacked each other, they exposed infrastructure and operational data, giving defenders rare insight into ransomware operations.
Also, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing TakedownThis week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals.
Publisher claims misconfigured Salesforce-hosted page leaked data Textbook giant McGraw Hill has landed on a ransomware crew's leak site after an alleged Salesforce-linked misconfiguration spilled 13.5 million records into the wild.…
A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate "high-velocity" attacks and break into susceptible internet-facing systems
Interlock's post-exploit toolkit exposed Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, according to Amazon security boss CJ Moses.…
State CIO Tim Galluzi on Identity Modernization, AI and Resident ServicesThe State of Nevada is accelerating its cybersecurity and digital modernization efforts after a major ransomware attack exposed the importance of resilience, workforce readiness and strong governance, said State CIO Tim Galluzi.
An attack on the company’s AWS platform may have exposed customers' names and home addresses Exclusive ELECQ, maker of smart electric vehicle (EV) chargers, is warning customers that their personal details may have been stolen in a ransomware attack that encrypted and copied user data from its cloud systems.…
ManuSec Canada Speakers From Subaru and Toronto Transit Discuss Cyber ResilienceCanadian manufacturers face rising cyber risk as IT and OT systems converge. Leaders from Subaru Canada and the Toronto Transit Commission outline how ransomware, supply chain exposure and legacy OT vulnerabilities demand stronger resilience, segmentation and incident response readiness.
Lawsuit Claims SonicWall Cloud Backup Flaw Led to Ransomware Attack Against MarquisMarquis Software Solutions has sued SonicWall alleging a cloud backup data breach exposed firewall configuration files, including credentials and multifactor authentication scratch codes. The firm says the breach enabled an August 2025 ransomware attack and triggered dozens of class action lawsuits.
PLUS: Fake ransomware group exposed; EC blesses Google's big Wiz deal; Alleged sewage hacker cuffed; And more Infosec in Brief The former General Manager of defense contractor L3Harris’s cyber subsidiary Trenchant sold eight zero-day exploit kits to Russia, according to a court filing last week.…
Modern ransomware has shifted from encryption to psychological extortion that exploits fear, liability, and exposure. Flare shows how today's ransomware groups weaponize stolen data and pressure tactics to force payment. [...]
Feras Albashiti faces 10 years after $20,000 in sales to undercover agent exposed ransomware ties A Jordanian national faces sentencing in the US after pleading guilty to acting as an initial access broker (IAB) for various cyberattacks.…
Maine filing confirms July attack affected 42,521 employees and job applicants Ingram Micro disclosed that a July 2025 ransomware attack compromised the personal data of tens of thousands of employees.…
The Kyowon Group (Kyowon), a South Korean conglomerate, disclosed that a cyberattack has disrupted its operations and customer information may have been exposed in the incident. [...]
Patches Issued for MongoBleed as Ransomware Groups Target Flaw to Steal DataTens of thousands of internet-exposed MongoDB databases are at risk as attackers actively target a critical vulnerability in the software to steal sensitive data, with ransomware groups having joined the fray, researchers warn. MongoDB has issued patches and mitigation advice.
Also: SudamericaData Leak, RaccoonO365 Arrest and Nefilim Conspirator Pleads GuiltyThis week: Spotify metadata scraped, Nissan disclosed third-party breach, millions of Argentines exposed to data leak, African police arrested hundreds in a cybercrime sweep, Nigeria nabbed a phishing operator, the U.S. DOJ charged ATM jackpotting ring and Nefilim ransomware affiliate pleaded guilty.