AI-driven scams are preying on Gen Z’s digital lives​

Gone are the days when extortion was only the plot line of crime dramas—today, these threatening tactics target anyone with a smartphone. As AI makes fake voices and videos sound and look real, high-pressure plays like sextortion, deepfakes, and virtual kidnapping feel more believable than ever...

CVE-2025-61882: Imperva Customers Protected Against Critical Oracle EBS Zero-Day RCE

TL;DR: In early October 2025, Oracle released an emergency security alert addressing CVE-2025-61882, a high-severity unauthenticated remote code execution RCE vulnerability in the Concurrent Processing / BI Publisher Integration component of Oracle E-Business Suite EBS versions 12.2.3 through...

Discord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion Claims

70,000 Discord users had government ID photos and private data exposed via a third-party vendor breach. See Discord's full response and critical security steps to protect your identity...

ShinyHunters Wage Broad Corporate Extortion Spree

A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed...

Crimson Collective: A New Threat Group Observed Operating in the Cloud

Introduction Over the past few weeks, Rapid7 has observed increased activity of a new threat group attacking AWS cloud environments with the goal of data exfiltration and subsequent extortion of the victim. This threat group refers to itself as ‘Crimson Collective’ and has recently announced that...

Defending against database ransomware attacks

How attackers exploit exposed databases for extortion—and the defenses that work...

Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers

A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims...

Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware

Google Mandiant and Google Threat Intelligence Group GTIG have disclosed that they are tracking a new cluster of activity possibly linked to a financially motivated threat actor known as Cl0p. The malicious activity involves sending extortion emails to executives at various organizations and...

Operation Cronos and the Takedown of LockBit: A Cybersecurity Milestone

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Introduction LockBit aka ABCD Ransomware, one of the most destructive ransomware groups in history, was dismantled in early 2024 through a...

Hackers threaten parents: Get nursery to pay ransom or we leak your child’s data

Just when you think extortionists can’t sink any lower, along comes a lowlife that manages to surprise you. The BBC reported that a group calling itself "Radiant" claims to have stolen sensitive data related to around 8,000 children from nursery chain Kido, which operates in the UK, US, China, an...

6 Browser-Based Attacks Security Teams Need to Prepare For Right Now

Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, we'll explore what a "browser-based attack" is, and why they're proving to be so effective. What is a browser-based attack? First, it's important to establish what a browser-based...

Generative AI as a Cybercrime Assistant

Anthropic reports on a Claude user: We recently disrupted a sophisticated cybercriminal that used Claude Code to commit large-scale theft and extortion of personal data. The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government and...

Claude AI chatbot abused to launch “cybercrime spree”

Anthropic—the company behind the widely renowned coding chatbot, Claude—says it uncovered a large-scale extortion operation in which cybercriminals abused Claude to automate and orchestrate sophisticated attacks. The company issued a Threat Intelligence report in which it describes several...

Oregon Man Charged in ‘Rapper Bot’ DDoS Service

A 22-year-old Oregon man has been arrested on suspicion of operating "Rapper Bot ," a massive botnet used to power a service for launching distributed denial-of-service DDoS attacks against targets -- including a March 2025 DDoS that knocked Twitter/X offline. The Justice Department asserts the...

Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses

An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand in hand, new findings show. "This latest wave of ShinyHunters-attributed attacks...

Hypervisor-Based Double Extortion Ransomware Detection Method Using Kitsune Network Features

Double extortion ransomware attacks have become mainstream since many organizations adopt more robust and resilient data backup strategies against conventional crypto-ransomware. This paper presents detailed attack stages, tactics, procedures, and tools used in the double extortion ransomware...

TrickBot Behind More Than $724 Million in Crypto Theft and Extortion

Akamai's latest Ransomware Report 2025 reveals "quadruple extortion," new AI-driven tactics by groups like Black Basta, FunkSec, and TrickBot, and growing threats to non-profits. Learn about evolving cyber threats...

Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims

A newly emerged ransomware-as-a-service RaaS gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter's dark web infrastructure has been the subject of a law enforcement seizure. Chaos, which sprang forth in February 2025, is the latest entrant in the ransomware...

GLOBAL GROUP Ransomware Claims Breach of Media Giant Albavisión

GLOBAL GROUP Ransomware targets media giant Albavisión, claims 400 GB data theft as it continues hitting global sectors with advanced extortion tactics...

FBI and CISA Warn of Interlock Ransomware Targeting Critical Infrastructure

FBI warns of Interlock ransomware using unique tactics to hit businesses and critical infrastructure with double extortion...