Government Agencies Falling Victim to Ransomware Daily, Warns Study
Government organizations are targeted by attackers who know agencies cannot afford disruption to public services
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Government organizations are targeted by attackers who know agencies cannot afford disruption to public services
On July 2, 2026, CISA added CVE-2026-45659, a SharePoint Server RCE, to its Known Exploited Vulnerabilities catalog with a two-day patch deadline. Storm-2603 is using it to stage Warlock ransomware, living off the land the whole way. Here is why it matters, plus a free 12-rule Sigma pack to hunt it.
Researchers warn that collaboration could lead to “unprecedented” ransomware attacks, as FBI also issues warning
CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept noise to real ransomware attacks in the wild, the US CISA confirms. BlueHammer allows attackers to escalate privileges locally in Microsoft Defender. The vulnerability, along with two other zero-days dubbed […]
Analysis of ransomware incidents by researchers at Black Kite found that attacks have risen by over 50% in the last year, with supply chain attacks increasing
An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware
A new report from INTERPOL has revealed a "dramatic increase" in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity
How the Anubis ransomware group stole and leaked an Italian Adriatic port authority's data
Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files rather than encrypt them. [...]
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors
Dragos' Dawn Cappelli on Evolving OT Threats and Safety Risks in ManufacturingAdversaries have moved from incidentally hitting operational technology environments to deliberately mapping industrial control loops to enable future disruption. Dawn Cappelli, director of OT-CERT at Dragos, warns that manufacturers must reckon with safety risks that go well beyond ransomware.
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild
Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software
An attack on the company’s AWS platform may have exposed customers' names and home addresses Exclusive ELECQ, maker of smart electric vehicle (EV) chargers, is warning customers that their personal details may have been stolen in a ransomware attack that encrypted and copied user data from its cloud systems.…
John Hultquist suggests “aggressive” Iranian cyber attackers will target the US and its Gulf allies with plausibly deniable ransomware attacks, hacktivist campaigns and more
Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns. [...]
Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments
Also: Spanish Hacker Granted Russian Asylum, Microsoft Patches Zero-DaysThis week, a CISA warning, Nest footage in Nancy Guthrie case, Signal phishing. Spanish hacker, Russian asylum. Spanish ministry services offline. BYOVD ransomware. The Conduent breach hit Volvo. Microsoft patched zero-days. ZeroDayRAT targeted devices. The SmarterMail breach. Another Fortinet flaw.
Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns