A ransomware affiliate known as 'hastalamuerte' has revealed operational details about a group called The Gentlemen, shedding light on its tactics, techniques and internal disputes.
Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.
Discover five practical strategies to harden your Windows Servers against modern cyber threats. This eBook by ThreatLocker provides actionable steps to enhance your server security using a Zero Trust ...
AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...
Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.
Qilin ransomware uses WSL to run Linux encryptors stealthily on Windows systems. Attackers bypass Windows defenses by executing ELF binaries inside WSL environments. EDR tools miss WSL-based threats, ...
Wazuh has advised its users on “DOGE Big Balls,” a recently identified ransomware variant linked to the “Fog” ransomware group. First observed in early 2025, DOGE Big Balls gained notoriety after ...
When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
As Scattered Spider headlines have reminded us of late, ransomware is always in season. The group has been around for many years, and this year it is pivoting from industry to industry to find new ...