Although little is known, in truth, about a cybercriminal actor employing what has become known as the Cloak ransomware threat, the group has risen rapidly to gain status as a significant player in ...

LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.

The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. The vulnerability, ...

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

Cybercriminals have found a new vector for ransomware attacks by abusing the Windows Quick Assist feature. These financially motivated attackers, known as Storm-1811, use social engineering tactics to ...

A ransomware affiliate known as 'hastalamuerte' has revealed operational details about a group called The Gentlemen , shedding light on its tactics, techniques and internal disputes.

Microsoft thinks it has a way to prevent ransomware from extorting money from Windows 10 users, and it's called Controlled Folder Access. Share on Facebook (opens in a new window) Share on X (opens in ...