ransomware
32% of top-exploited vulnerabilities are over a decade old
Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining …
Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)
A critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) that Cisco disclosed and patched in early March 2026 has been exploited as a …
EDR killers are now standard equipment in ransomware attacks
Ransomware attackers routinely deploy tools designed to disable endpoint detection and response software before launching encryptors. These tools, known as EDR killers, have …
CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108)
CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems’ FileZen secure file transfer solution, to its Known Exploited Vulnerabilities …
Japanese chip-testing toolmaker Advantest suffers ransomware attack
Japanese tech testing company Advantest has suffered a ransomware attack, the company confirmed last Thursday, after detecting unusual activity within its IT environment on …
Phobos ransomware affiliate arrested in Poland
Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) detained a 47-year-old man suspected of creating, acquiring, and sharing computer programs used to …
LockBit 5.0 ransomware expands its reach across Windows, Linux, and ESXi
The Acronis Threat Research Unit (TRU) has identified a new and significantly enhanced version of the LockBit ransomware, LockBit 5.0, currently being deployed in active …
Ransomware group breached SmarterTools via flaw in its SmarterMail deployment
SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed …
Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)
For the third time in two weeks, CISA added a vulnerability (CVE-2026-24423) affecting SmarterTools’ SmarterMail email and collaboration server to its Known Exploited …
CISA confirms exploitation of VMware ESXi flaw by ransomware attackers
CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the vulnerability’s entry in …
Law enforcement tracks ransomware group blamed for massive financial losses
Law enforcement agencies in Ukraine and Germany have identified two members of a Russian-affiliated ransomware group and carried out searches in western Ukraine. Search …
Ransomware activity never dies, it multiplies
Ransomware attacks kept climbing through 2025, even as major criminal groups collapsed and reformed. A new study conducted by the Symantec and Carbon Black Threat Hunter Team …
Featured news
Resources
Don't miss
- PureLogs infostealer is stealing credentials worldwide
- Earbud sensors can authenticate users by their heartbeat, study finds
- AI is drowning software maintainers in junk security reports
- Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
- Attackers accessed, downloaded code from Grafana Labs’ GitHub