New Spirals ransomware encrypts victim network in under 24 hours
A new ransomware actor called Spirals completed a corporate intrusion, from initial access to data theft and encryption, in less than 24 hours. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A new ransomware actor called Spirals completed a corporate intrusion, from initial access to data theft and encryption, in less than 24 hours. [...]
Multi-extortion ransomware relies on stolen data to pressure victims with public leaks. Penta Security explains how its D.AMO platform keeps exfiltrated files encrypted and useless to attackers. [...]
Cybercrime Group First Listed Ohio Health System as a Data Theft Victim Last JuneOhio-based Kettering Health is notifying current and former patients and "affiliates" that their personal, health and financial information was potentially compromised in a May 2025 ransomware attack and data theft incident claimed by cybercriminal gang Interlock.
Revenue From Supply-Chain Attacks by Clop Group Sharply Fell, Report InvestigatorsOnce lucrative steal-and-leak campaigns pioneered by Russian ransomware group Clop look set to go the way of the dinosaurs. While an estimated 25% of victims paid a ransom in the inaugural campaign five years ago, the number of victims that paid fell to zero by 2023, report ransomware responders.
Cybercrime Gang Rhysida Still Lists the Practice on Its Leak Site Among Its VictimsA Kansas medical group will pay $1.2 million to settle proposed class action litigation involving an attack that compromised the sensitive data of nearly 256,000 individuals. The Rhysida ransomware operation claimed responsibility and said it stole 3 terabytes.
Analysis of Seized LockBit Data Suggests Victims Who Pay Enjoy More Media CoverageBad news for any organization that's ever paid a ransom in a bid to avoid their breach coming to light, or for a promise from attackers to delete stolen data, with a study of seized LockBit data finding that victims who paid a ransom were more likely to see the attack get detailed in the media.
Inotiv Tells SEC 'It's Still Evaluating Full Impact and Notifying Breach Victims'Drug research firm Inotiv in a filing with federal regulators said it is still evaluating the financial and operational impact of an August cyberattack that's linked to ransomware gang Qilin. The company is also notifying nearly 10,000 people whose data was allegedly stolen in the incident.
Clop's Oracle EBS exploit spree shows no sign of slowing, claims nearly 30 more casualties in media, finance, and tech. Digital engineering outfit GlobalLogic says personal data from more than 10,000 current and former employees was exposed in the wave of Oracle E-Business Suite (EBS) attacks attributed to the Clop ransomware gang. The Hitachi-owned biz joins a growing roster of high-profile victims that also now includes The Washington Post and Allianz UK.…
Criminals Claim Leak of Customer Data From Six Victims, Including Qantas AirlinesA ransomware group that's been extorting Salesforce customers leaked some stolen data, following the FBI disrupting its shakedown sites. ShinyHunters, part of the rebranded Scattered Lapsus$ Hunters group, after leaking data from six victims, declared its Salesforce customer shakedown over.
Asahi confirmed it has fallen victim to a ransomware attack, and revealed it has started manual order processing amid ongoing operational disruption
Scattered Lapsus$ Hunters Claims 1 Billion Stolen Records, Pressures Victims to PayContinuing its ongoing extortion of Salesforce customers, the Scattered Lapsus$ Hunters ransomware operation has launched a data leak site, claiming to have stolen 1 billion records from hundreds of organizations that integrated Salesforce with the Salesloft Drift AI chatbot.
Now-Dormant Gang Claimed North Carolina, Florida Groups on Data Leak Site This YearTwo medical practices - in North Carolina and Florida - are notifying a total of more than 700,000 patients whose information was potentially stolen in separate hacks earlier this year. The now-dormant ransomware gang BianLian had claimed both organizations as victims on its dark website.
AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates It's no secret that AI tools make it easier for cybercriminals to steal sensitive data and then extort victim organizations. But two recent developments illustrate exactly how much LLMs lower the bar for ransomware and other financially motivated cybercrime — and provide a glimpse to defenders about what's on the horizon.…
CRM Breach May Be Tied to Ongoing Scattered Spider and ShinyHunters CampaignCloud software giant Workday said its customer relationship management software has been breached and customer data stolen. The alert comes as attackers continue to pose as employees to trick help desks into giving them direct access to a victim's Salesforce CRM instance.
Some custom malware, some legit software tools At least a dozen ransomware gangs have incorporated kernel-level EDR killers into their malware arsenal, allowing them to bypass almost every major endpoint security tool on the market, escalate privileges, and ultimately steal and encrypt data before extorting victims into paying a ransom.…
Researchers See 'Acceleration' in Existing Threats, Ongoing Criminal SuccessCybercrime so far this year can be summarized as featuring "more of everything," with researchers tracking increases in the number of ransomware and data breach victims, credentials stolen by infostealers, and new vulnerability disclosures with exploits coming to light.
Though the victims list on its site has since been taken down, the group plans on leaking the rest of the files stolen from its victims.
Exposes Details of Victims, 'Aggressive' Negotiations, Cryptocurrency AddressesOne year to the day after an international law enforcement operation unmasked and indicted the leader of the notorious LockBit ransomware group, a hacker has sent the group another love letter.
What Do You Mean, Hospital-Targeting Sociopath Ransomware Wielders Continue to Lie?A ransomware group reusing the Babuk ransomware brand claims to have stolen data from the likes of Amazon, Delta and US Bank. Just one problem: Security experts found a startling overlap between its claimed victims and previous attacks scored by the likes of Clop, LockBit and RansomHub.
The ransomware-as-a-service (RaaS) cybercrime group intends to leak the stolen information in just two days, it claims; but oddly, it doesn't seek a ransom payment from its victim.