Lucene search
+L

6523 matches found

Rapid7 Blog
Rapid7 Blog
added 2026/03/18 1:0 p.m.12 views

The Attack Cycle is Accelerating: Announcing the Rapid7 2026 Global Threat Landscape Report

The predictive window has collapsed. In 2025, high-impact vulnerabilities weren’t quietly accumulating risk. They were operationalized, and often within days. Today, Rapid7 Labs released the 2026 Global Threat Landscape Report, an in-depth analysis of how attacker behavior is evolving across...

6.1AI score
Exploits0
Trellix
Trellix
added 2026/03/18 12:0 a.m.10 views

Dark Web Roast February 2026 Edition

Dark Web Roast - February 2026 Edition By Trellix Advanced Research Center · March 18, 2026 Executive Summary February 2026 delivered another stellar month in the ongoing theatre of the absurd that is the cybercriminal underground, where ransomware gangs bulk-scheduled their extortion like a...

9.8CVSS6.4AI score0.04307EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/03/17 2:34 p.m.4 views

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method. The use of ClickFix, where users are tricked into manually running malicious commands to address non-existent errors, is a departure fro...

6.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2026/03/16 12:0 a.m.5 views

Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack

Warlock continues to enhance its attack chain with new tactics to improve persistence, lateral movement, and defense evasion using an expanded toolset: TightVNC Yuze, and a persistent BYOVD technique leveraging the NSec driver...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/15 12:0 a.m.23 views

PT-2026-25544

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A weakness exists in the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Manipulation of the mode argument can lead to operating system command injection. This attack can be...

7.5CVSS7AI score0.0114EPSS
Exploits0References10
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.10 views

Ransomware and Artificial Intelligence: A Comprehensive Systematic Review of Reviews

This study provides a comprehensive synthesis of Artificial Intelligence AI, especially Machine Learning ML and Deep Learning DL, in ransomware defense. Using a "review of reviews" methodology based on PRISMA, this paper gathers insights on how AI is transforming ransomware detection, prevention,...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/12 5:2 p.m.7 views

Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

Cybersecurity researchers have disclosed details of a suspected artificial intelligence AI-generated malware codenamed Slopoly put to use by a financially motivated threat actor named Hive0163. "Although still relatively unspectacular, AI-generated malware such as Slopoly shows how easily threat...

6.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.8 views

PT-2026-25137

Massive ransomware attack hits US healthcare sector, exploiting MedSys CVE-2026-0456 and compromising 1.5M patient records as DarkSky demands $10M ransom, disrupting hospital operations. Ransomware https://t.co/jcKWMlplzA...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/10 5:57 p.m.8 views

Malicious code in synapseml-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4ddf16f7a9941918ea74e21a3742e8f03d7b5c6f5720d7d031d2c69f8d6495c3 Installing the package starts encrypting the user's file and demanding ransom for the decryption. --- Category: MALICIOUS - The campaign has clearly malicious...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/10 5:57 p.m.7 views

MAL-2026-1325 Malicious code in synapseml-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4ddf16f7a9941918ea74e21a3742e8f03d7b5c6f5720d7d031d2c69f8d6495c3 Installing the package starts encrypting the user's file and demanding ransom for the decryption. --- Category: MALICIOUS - The campaign has clearly malicious...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/10 8:29 a.m.8 views

Malicious code in alinet-w (npm)

Package is malware due to ransomware-like behavior: file encryption, key exfiltration, terminal locking, ransom note, and persistence attempts. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c18fd7e3ffa16f370fa25fcc489c381958d8200bf01cd8bf3627c91301eb397 The...

5.7AI score
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/03/08 12:0 a.m.5 views

Post-Quantum Federated Learning: Secure and Scalable Threat Intelligence for Collaborative Cyber Defense

Collaborative threat intelligence via federated learning FL faces critical risks from quantum computing, which can compromise classical encryption methods. This study proposes a quantum-secure FL framework using post-quantum cryptography PQC to protect cross-organizational data sharing. We expose...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/03 5:15 p.m.9 views

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control C2 framework as a precursor to data exfiltration or ransomware attack. The intrusions, identified by Huntress last month across five partner...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/26 12:6 p.m.20 views

Expert Recommends: Prepare for PQC Right Now

Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place sooner rather than later. That, of course, applies to adversaries as well. The rise of ransomware and cyber extortion generated funding for a complex a...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/25 3:6 p.m.7 views

SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

The notorious cybercrime collective known as Scattered LAPSUS$ Hunters SLH has been observed offering financial incentives to recruit women to pull off social engineering attacks. The idea is to hire them for voice phishing campaigns targeting IT help desks, Dataminr said in a new threat brief. T...

6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2026/02/25 1:56 p.m.14 views

The Post-RAMP Era: Allegations, Fragmentation, and the Rebuilding of the Ransomware Underground

Executive summary The January 2026 seizure of RAMP disrupted a major ransomware coordination hub, but it did not dismantle the ecosystem behind it. Instead, it destabilized trust and accelerated fragmentation across the underground. Rather than consolidating around a single successor, ransomware...

5.6AI score
Exploits0
HackRead
HackRead
added 2026/02/24 11:40 p.m.8 views

North Korean Lazarus Group Adopts Medusa Ransomware in Global Attacks

Lazarus Group is now using Medusa ransomware in attacks on healthcare and social services, signaling a move toward profit-focused cybercrime...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/24 11:52 a.m.11 views

Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks

The North Korea-linked Lazarus Group aka Diamond Sleet and Pompilus has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team. Broadcom's threat intelligence division said it...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/20 11:55 a.m.10 views

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware

Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan RAT called MIMICRAT aka AstarionRAT. "The campaign demonstrates a high level of operational sophistication: compromised...

6.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/20 12:0 a.m.5 views

Orbital Escalation: Modeling Satellite Ransomware Attacks Using Game Theory

Ransomware has yet to reach orbit, but the conditions for such an attack already exist. This paper presents the first game-theoretic framework for modeling ransomware against satellites: the orbital escalation game. In this model, the attacker escalates ransom demands across orbital passes, while...

5.9AI score
Exploits0
Rows per page
Query Builder