This page collects WhisperX intelligence signals tagged #qilin. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A Utah-based senior care provider, Rocky Mountain Care, is grappling with a confirmed data breach after the Qilin ransomware group claimed responsibility and posted the company to its dark web leak site. The incident, which involved unauthorized access to parts of the network containing patient information, occurred ov...
Advanced Laundry Systems has been identified as a claimed victim of the QILIN ransomware operation, according to dark web monitoring sources and OSINT channels. The company's appearance on ransomware tracking platforms signals a potential data breach and possible operational disruption, though the full scope of the inc...
The QILIN ransomware operation has publicly claimed Exco Technologies as its latest victim, posting the organization to its dark web leak site. The listing signals active extortion pressure against the Canadian manufacturing firm, with the threat of data exposure now hanging over the company. QILIN, a ransomware-as-a-s...
The QILIN ransomware operation has added a shipping services entity to its dark web leak site, signaling another potential data breach in the logistics and maritime transport sector. The listing appeared on the group's Tor-based portal, a common tactic used by ransomware actors to pressure victims into paying extortion...
The QILIN ransomware operation has publicly claimed CCD Interiors as its latest victim, posting the interior design firm to its dark web leak site. The listing signals that the company has entered the crosshairs of an increasingly active ransomware group known for targeting small and mid-sized enterprises across multip...
The QILIN ransomware operation has publicly claimed Fogel Capital Management as its latest victim, adding the financial services firm to its dark web leak site. The listing appeared on ransomware monitoring channels, signaling that the investment management company has entered the crosshairs of an increasingly aggressi...
The QILIN ransomware operation has listed DL Cohen Construction as a claimed victim, signaling another targeted intrusion in the construction sector. The announcement appeared on dark web channels associated with the group, with indicators pointing to a data breach component alongside encryption activity. Security rese...
The QILIN ransomware operation has listed Ruiz Barbarin Arquitectos Slp—a Spanish architectural firm—among its claimed victims, according to a victim tracking report from RedPacket Security. The listing suggests the threat actors may have gained access to the firm's systems and potentially exfiltrated data, though the ...
The QILIN ransomware operation has publicly listed CAD-IT UK as its latest claimed victim, adding the UK-based engineering software solutions provider to its dark web leak site. The listing surfaced on threat intelligence channels, marking another escalation in the group's targeting of European technology and professio...
Two ransomware-as-a-service operations, DragonForce and Qilin, have published fresh victim entries on their respective dark web leak sites, according to real-time threat intelligence monitoring. DragonForce listed CF Evans Construction as a newly compromised target, while Qilin simultaneously posted Lindabury on its le...
The Qilin ransomware operation has added Imex International to its dark web leak site, according to posts observed on the platform, suggesting the threat actors have completed a data exfiltration phase following a network intrusion. The listing indicates the group now possesses sensitive data from the victim and appear...
The ransomware actor known as "Qilin" has posted an unverified claim targeting Fogel Capital Management, according to threat intelligence circulating on dark web monitoring channels. The nature and extent of the alleged incident remain undisclosed, and the claim has not been independently confirmed. Security researcher...
The ransomware-as-a-service group Qilin has posted a claim on a dark-web forum asserting that it obtained undisclosed data from Fogel Capital Management, a financial services firm. The claim, dated May 2026 according to the associated intelligence link, appeared on the social media platform Mastodon and remains unverif...
A new post from the Qilin ransomware group has surfaced referencing the shipping services sector, according to a post on Mastodon. The announcement, which links to a RansomLook group page for Qilin, suggests the threat actors may be preparing to target or have already targeted organizations within the shipping and logi...
The ransomware-as-a-service group Qilin has reportedly posted about Exco Technologies, a Canadian industrial extrusion machinery manufacturer, on a dark-web leak site linked to the threat actor. The post, detected via threat intelligence monitoring feeds, signals a potential ransomware incident or data exfiltration tar...
The ransomware operation Qilin has posted what appears to be a listing targeting Keller Williams Real Estate's Exton franchise location, according to a post detected on dark-web monitoring channels. The announcement places the real estate office among the group's recent victims, though the nature and scope of the claim...
The Qilin ransomware operation has listed Mediapost Spain on its dark web leak site, according to a post shared on Mastodon referencing the RansomLook monitoring platform. The listing signals that the Spanish arm of the European postal and logistics company has fallen victim to the ransomware group's double-extortion t...
A newly documented ransomware and extortion operation known as "The Gentlemen" has rapidly scaled into a high-volume threat actor since emerging publicly in the second half of 2025, according to intelligence indicators. Cybersecurity researchers are closely tracking the group's growth trajectory, which appears to refle...
The QILIN ransomware operation has added LTJ Industrial Services to its public victim roster, signaling potential data exposure from the industrial sector. RedPacket Security, a threat intelligence tracker, documented the addition, indicating the group may possess sensitive corporate data and is demanding payment to pr...
The Qilin ransomware operation has listed Brand X Hydrovac Services among its victims, adding another company from the industrial services sector to its growing list of compromised organizations. The disclosure emerged through the group's dark web leak site, where Qilin claims to hold data exfiltrated from the target. ...