UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and...

Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers

A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims...

Attackers Exploit Public .env Files to Breach Cloud Accounts in Extortion Campaign

A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files .env that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course of this campaign,...

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" RTM Locker that functions as a private ransomware-as-a-service RaaS provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses...

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit

Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance FTA server were exploited to steal sensitive business documents. As proof of access to the data...

PART I: Retrospective 2020: DDoS Was Back -- Bigger and Badder Than Ever Before

Never before has the risk of a distributed denial-of-service DDoS attack been higher. In 2020, we saw record-breaking attacks, a DDoS extortion campaign impacting thousands of organizations globally, more emergency customer turnups, and more Akamai customers attacked than any year on record -- an...

Don't Let DDoS Extortionists Deliver a KO Punch

Since mid-August, a variety of threat actors and copycats alike have been targeting organizations across all industries globally, threatening impending DDoS attacks unless Bitcoin is paid out. It's apparent, as the campaign rages on, that some businesses must be paying the extortion demands, --...