This page collects WhisperX intelligence signals tagged #ransomware. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
Intelligence from our network indicates that several prominent Russian state-linked ransomware groups, including those with known ties to GRU intelligence, are leveraging a network of seemingly legitimate cryptocurrency exchanges and payment processors operating out of Hong Kong. These entities act as intermediaries, f...
Our analysis of recent ransomware attacks linked to Russian state-adjacent groups reveals a highly organized infrastructure for cashing out illicit gains. Instead of direct transfers, these actors are leveraging a network of 'liquidity providers' in Eastern Europe and, surprisingly, emerging digital asset hubs in Duba...
A routine alert for a Remote Desktop Protocol (RDP) brute-force attack led security researchers down an unexpected path, uncovering a sophisticated and geographically distributed infrastructure network suspected of supporting ransomware operations. The investigation, detailed by Huntress Labs, began with a single compr...
The assassination of a senior Iranian leader has ignited a major escalation in the Middle East, causing significant global market volatility. This development has triggered acute concern within the US financial services industry regarding the heightened risk of retaliatory cyberattacks originating from Iran or its prox...
Conduent, a major national payment processing company, has confirmed a ransomware attack that resulted in a data breach. The company provides critical payment processing services for numerous state governments and health insurance companies, handling sensitive financial and potentially health-related data. The breach i...
A prolific data ransom gang calling itself Scattered Lapsus ShinyHunters (SLSH) employs a distinctive and aggressive extortion playbook. Unlike traditional, regimented ransomware groups, SLSH is an unruly, fluid English-language gang that focuses on harassing, threatening, and even swatting executives and their familie...
In Episode 15 of Dark Reading Confidential, the story details how Interpol enlisted the expertise of threat hunter Will Thomas and his team to dismantle a sprawling African cybercrime syndicate. The operation resulted in the arrest of 574 suspects, the recovery of over $3 million in illicit funds, and the successful de...
A Kentucky pediatric provider has disclosed a major ransomware attack, with a threat actor claiming to have stolen nearly a terabyte of sensitive patient data. Physicians to Children & Adolescents reported that the breach, attributed to the Cactus ransomware group, potentially exposed the personally identifiable and pr...
Hasbro, the American toymaking giant behind brands like Transformers and My Little Pony, has been hacked, and the company warns it may take 'several weeks' to fully recover. The breach is severe enough that the company is still actively implementing measures to secure its business operations, a strong indication that t...
A Utah-based senior care provider, Rocky Mountain Care, is grappling with a confirmed data breach after the Qilin ransomware group claimed responsibility and posted the company to its dark web leak site. The incident, which involved unauthorized access to parts of the network containing patient information, occurred ov...
A ransomware attack has compromised the sensitive personal data of more than 12,000 individuals connected to the Children’s Council of San Francisco. The breach, which began as a network disruption on August 3, 2025, was later confirmed to involve unauthorized access and the acquisition of protected health information ...
The threat landscape has intensified, with ransomware-as-a-service (RaaS) operations and sophisticated supply chain attacks driving a surge in critical incidents. Over the past 24 hours, six reports were rated critical, dominated by DragonForce claiming five new victims across pharmaceuticals, manufacturing, and retail...
The anonymous hacker known as "UNKN," the elusive leader behind the notorious Russian ransomware groups GandCrab and REvil, has been publicly identified. German authorities have named 31-year-old Russian national Daniil Maksimovich Shchukin as the individual who ran both cybercrime syndicates. The German Federal Crimin...
The first week of 2026 opened with a global surge in cyber conflict and regulatory pressure. In the US, two cybersecurity professionals pleaded guilty for their roles in the 2023 BlackCat/ALPHV ransomware campaign, which targeted over 1,000 organizations, caused $9.5 million in losses, and extracted a $1.2 million Bitc...
The ShinyHunters cybercrime gang has targeted Las Vegas hospitality and casino giant Wynn Resorts, demanding a $1.5 million ransom to prevent the leak of a massive trove of sensitive employee data. The group claims to have stolen over 800,000 records containing employees' Social Security numbers, salaries, and other pr...
Rockstar Games faces a direct ransom threat after a cybercriminal group breached its systems, contradicting the company's public downplaying of the incident. The group ShinyHunters claims it accessed Rockstar's data through a compromised third-party analytics service, Anodot, which was connected to the company's Snowfl...
A significant data breach at business analytics firm Anodot has left more than a dozen of its corporate customers facing extortion demands. The attack, which targeted Anodot's systems, successfully exfiltrated sensitive data, placing major companies like Rockstar Games in the crosshairs of cybercriminals. This incident...
Cryptocurrency exchange Kraken is under direct extortion pressure, with an attacker demanding payment in exchange for stolen customer data. The exchange has publicly refused to negotiate or pay the ransom, framing the incident as a criminal extortion attempt rather than a standard security breach. This stance puts Krak...
Крупнейший игровой разработчик Rockstar Games оказался в центре кибератаки, связанной с утечкой корпоративной информации. Хакерская группировка ShinyHunters, известная своими громкими атаками, предъявила студии ультиматум с конкретным сроком: выплатить выкуп до 14 апреля 2026 года, в противном случае похищенные данные ...
A major ransomware group has listed textbook publishing giant McGraw Hill on its data leak site, claiming possession of 13.5 million records. The exposure stems from an alleged misconfiguration in a Salesforce-hosted environment, turning a standard corporate portal into an open-source intelligence goldmine for cybercri...