6521 matches found
Exploit for Missing Authentication for Critical Function in Cpanel
Sorry Ransomware Analysis CVE-2026-41940 cPanel Campaign Pu...
Paying Ransom Won’t Help as VECT 2.0 Ransomware Destroys Data Irreversibly
VECT 2.0 ransomware contains fatal flaws that permanently destroy files, making recovery impossible and rendering ransom payments useless for victims worldwide...
2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware
Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit...
A Ransomware Negotiator Was Working for a Ransomware Gang
Someone pleaded guilty to secretly working for a ransomware gang as he negotiated ransomware payments for clients...
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
The U.S. Department of Justice DoJ on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg , 40, of Georgia, and Kevin Martin , 36, of Texas, were accused of deploying th...
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025. That's according to a report published by Positive Technologies, which found the threat actors to be leveragin...
Winning the Ransomware Race: The New Segmentation Partner Playbook
...
Detecting Avalanche Effect in Adversarial Settings: Spotting the Encryption Loops in Ransomware
Spotting encryption loops in binary-only ransomware is a critical reverse engineering task. Since the existence of avalanche effect, an intrinsic characteristic of any secure encryption algorithms, is unavoidable during a victim data encryption attack, it is a very promising direction to spot...
Safeguarding Skies: Airport Cybersecurity in the Digital Age
The aviation industry faces significant vulnerabilities from both physical and cybersecurity threats, highlighting the urgent need for enhanced cybersecurity measures amid increasingly sophisticated attacks. This paper systematically reviews emerging threats at airports, analyzing real-world...
Exploit for CVE-2017-0144
EternalBlue Exploit Demonstration MS17-010 Cybersecurity la...
IR Trends Q1 2026: Phishing reemerges as top initial access vector, as attacks targeting public administration persist
Phishing reemerged as the most observed means of gaining initial access, accounting for over a third of the engagements where initial access could be determined. Phishing has not been the top vector for initial access since Q2 2025. Public administration and health care tied as the most targeted...
TL-RL-FusionNet: An Adaptive and Efficient Reinforcement Learning-Driven Transfer Learning Framework for Detecting Evolving Ransomware Threats
Modern ransomware exhibits polymorphic and evasive behaviors by frequently modifying execution patterns to evade detection. This dynamic nature disrupts feature spaces and limits the effectiveness of static or predefined models. To address this challenge, we propose TL-RL-FusionNet, a reinforceme...
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors associated with The Gentlemen ransomware‑as‑a‑service RaaS operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control C2 or C&C server linked to SystemBC has led to the discover...
Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained
Overview For executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform deployment capability targeting mission-critical virtualization infrastructure VMware ESXi and core Windows file systems. This cross-platform...
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino , 41, of Land O'Lakes, Florida, teamed up with the operators of the BlackCat ransomware starting in April 2023 to assist the e-crime ga...
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn't changed: stolen credentials. Identity-based attacks remain a dominant...
PT-2026-34021
RansomLook is a tool to monitor Ransomware groups and markets and extract their victims. Prior to 1.9.0, the API in the affected application improperly filters private location entries in website/web/api/genericapi.py. Because the code removes elements from a list while iterating over it, entries...
CVE-2026-5966
ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path Traversal to delete arbitrary files on the system...
CVE-2026-5967
ThreatSonar Anti-Ransomware (TeamT5) is affected by a Privilege Escalation vulnerability. The description states that authenticated remote attackers with shell access can inject OS commands and execute them with root privileges, indicating a post-authentication, command-injection path that could ...
CVE-2026-5966
ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path Traversal to delete arbitrary files on the system...