Trigona ransomware attacks use custom exfiltration tool to steal data
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. [...]
The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware attack. [...]
Cybercrime Group First Listed Ohio Health System as a Data Theft Victim Last JuneOhio-based Kettering Health is notifying current and former patients and "affiliates" that their personal, health and financial information was potentially compromised in a May 2025 ransomware attack and data theft incident claimed by cybercriminal gang Interlock.
Researchers say breaches link identity abuse, SaaS compromise, and ransomware into a cascading cycle Cybercriminals are turning supply chain attacks into an industrial-scale operation, linking breaches, credential theft, and ransomware into a "self-reinforcing" ecosystem, researchers say.…
Full Scope of Clop Ransomware Group's Oracle E-Business Suite Hits Still EmergingThe University of Phoenix is notifying 3.5 million individuals that their personal information was compromised in a data breach. The theft traces to the Clop ransomware group's supply-chain campaign against users of Oracle E-Business Suite, in which it wield two zero-day vulnerabilities.
Cybercrime Gang Rhysida Still Lists the Practice on Its Leak Site Among Its VictimsA Kansas medical group will pay $1.2 million to settle proposed class action litigation involving an attack that compromised the sensitive data of nearly 256,000 individuals. The Rhysida ransomware operation claimed responsibility and said it stole 3 terabytes.
The SafePay ransomware gang is threatening to leak 3.5TB of data belonging to IT giant Ingram Micro, allegedly stolen from the company's compromised systems earlier this month. [...]
Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts
Ransomware Gang Qilin Claims to Have 42GB of Practice's Stolen DataRansomware group Qilin posted at least 42 gigabytes of data stolen from a Texas pediatric orthopedic practice for sale on its darkweb leak site in February. In recent days, Central Texas Pediatric Orthopedics began notifying more than 140,000 people that their data was compromised by hackers.
After claiming responsibility for the ransomware attack in 2024, the "Embargo" ransomware group posted 1.15 terabytes of stolen data to its public Tor site.
Ransomware Group Embargo Claims to Have Published 1.15TB of Hospital's Stolen DataA rural Georgia hospital and its nursing home are among several other regional healthcare entities notifying tens of thousands of patients that their information was compromised in recent hacks. Ransomware gang Embargo claims to have published 1.15 terabytes of stolen data in one of those incidents.
Amateurish Ransomware Group Doubles as HackstivistsCybersecurity researchers discovered an artificial intelligence-driven ransomware group that emerged at the end of last year and compromised more than 85 victims worldwide. The group uses double extortion, combining data theft with encryption.
Missouri-Based Hospital Chain Initially Reported That Attack Affected Only 500Seven months after a ransomware disrupted its IT systems for weeks, Catholic hospital chain Ascension Health is now notifying nearly 5.6 million current and former patients and employees that the incident - which also involved data theft - potentially compromised their information.
The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks
American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang. [...]
The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints
Leaves a trail of ransomware infections, data theft, business email compromise in its wake Insight The developers of EvilProxy – a phishing kit dubbed the "LockBit of phishing" – have produced guides on using legitimate Cloudflare services to disguise malicious traffic. This adds to the ever-growing arsenal of tools offering criminals who lack actual technical expertise to get into the digital thievery biz.…
The Incident Involves Ransomware Encryption and Follows Familiar, Concerning TrendsA large, Seattle-based surgical group is notifying nearly 437,400 individuals that their information was potentially compromised in a ransomware and data theft incident earlier this year. The breach is part of a larger, disturbing trend in the healthcare sector in 2023.
The Toronto Public Library (TPL) confirmed that the personal information of employees, customers, volunteers, and donors was stolen from a compromised file server during an October ransomware attack. [...]