Security news aggregator

Latest coverage for Ransom

Ransom-related coverage examines extortion demands, data theft, and disruption caused when attackers lock or threaten to expose systems.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malicious software that disrupts access to systems or data, typically by encrypting files, to pressure a victim into paying. Modern campaigns may also steal data and threaten to publish it, making the demand a form of extortion even when encryption is unsuccessful. Common access routes include phishing, exposed remote services, stolen credentials, and unpatched vulnerabilities, though no single route is universal.

Important safeguards include regularly tested, offline or otherwise isolated backups; multifactor authentication and least-privilege access; network segmentation; and timely remediation of known, internet-facing vulnerabilities. During an incident, organizations should isolate affected systems, preserve evidence, identify the scope of compromise, and coordinate recovery and legal or regulatory decisions. Payment does not guarantee data recovery or deletion. Threat intelligence may help identify associated infrastructure or available decryptors, while documented recovery plans reduce dependence on an attacker’s demands.

Showing 4 most recent headlines Filtered view

CRM Data Theft Tied to OAuth Tokens Stolen From Third-Party Market Intelligence AppSalesforce disabled connections to its customer relationship management environment from third-party app Klue Battlecards as a response to a "security incident." Attackers breached Klue's platform, generated OAuth tokens for Salesforce and stole data, now being held to ransom.

iRhythm: Patient Information and 'Proprietary' Data Breached, Held for RansomCardiac monitoring firm iRhythm Technologies has told the U.S. Securities and Exchange Commission that hackers recently stole proprietary data and patient health information from "certain" third-party-hosted business applications, and demanded a ransom. The company did not disclose whether it paid.

FulcrumSec leaked data stolen from Novo Nordisk, claiming to have exfiltrated 1.3TB, including clinical records and AI research assets. On June 15, 2026, a data-theft extortion group calling itself FulcrumSec began leaking files from Novo Nordisk, the Danish maker of Ozempic and Wegovy, after the company refused a $25 million ransom demand. The attackers claimed […]

iRhythm disclosed a cyberattack via third-party apps where patient and proprietary data was stolen, followed by a ransom demand. iRhythm Technologies is a U.S.-based digital healthcare company specializing in remote cardiac monitoring and arrhythmia detection. Its best-known product is the Zio, a wearable patch that continuously records a patient’s heart rhythm for up to several […]