Ransomware Monitor
Ransomware Monitor
Latest Cyber News
Team.jobs
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
Hardeman County Community Health Center
hit by BlackCat (ALPHV) Ransomware Gang - Actor: BlackCat (ALPHV) ...
11 months ago Twitter.com
11 months ago Twitter.com
Dilweg.com
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
Birchallfoodservice.co.uk
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
Zircodata.com
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
Usmerchants.com
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
Climatech.com
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
Nfllp.com
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
Birchall Foodservice
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
Dilweg
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
ZircoDATA
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
11 months ago Twitter.com
11 months ago Twitter.com
KHSS (You have 3 days)
hit by BlackCat (ALPHV) Ransomware Gang - Actor: BlackCat (ALPHV) ...
11 months ago Twitter.com
11 months ago Twitter.com
Desarrollo De Tecnologia y Sistemas Ltda
hit by Akira Ransomware Gang - Actor: akira ...
11 months ago Twitter.com
11 months ago Twitter.com
Austen Consultants
hit by BlackCat (ALPHV) Ransomware Gang - Actor: BlackCat (ALPHV) ...
1 year ago Twitter.com
1 year ago Twitter.com
Dasteam.ch
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
1 year ago Twitter.com
1 year ago Twitter.com
[EN]
hit by Black Basta (Basta News) Ransomware Gang - Actor: Black Basta (Basta News) ...
1 year ago Twitter.com
1 year ago Twitter.com
Compressionleasing.com
hit by Dragonforce Ransomware Gang - Actor: dragonforce ...
1 year ago Twitter.com
1 year ago Twitter.com
River Delta Unified School District
hit by Meow Ransomware Gang - Actor: meow ...
1 year ago Twitter.com
1 year ago Twitter.com
Advancedprosolutions.com\$5M\USA\54GB\<1%DISCLOSED
hit by Cactus Ransomware Gang - Actor: cactus ...
1 year ago Twitter.com
1 year ago Twitter.com
Finlay Screening & Crushing Systems
hit by Hunters Ransomware Gang - Actor: hunters ...
1 year ago Twitter.com
1 year ago Twitter.com
Compression Leasing Services
hit by Dragonforce Ransomware Gang - Actor: dragonforce ...
1 year ago Twitter.com
1 year ago Twitter.com
Se.com\$$33.5B\France\1.5TB\<1%DISCLOSED
hit by Cactus Ransomware Gang - Actor: cactus ...
1 year ago Twitter.com
1 year ago Twitter.com
First Professional Services
hit by BianLian Ransomware Gang - Actor: BianLian ...
1 year ago Twitter.com
1 year ago Twitter.com
Spbglobal.com\$81.4M\Spain\706GB\100%DISCLOSED
hit by Cactus Ransomware Gang - Actor: cactus ...
1 year ago Twitter.com
1 year ago Twitter.com
Gocco.com\$937.9M\Spain\136GB\100%DISCLOSED
hit by Cactus Ransomware Gang - Actor: cactus ...
1 year ago Twitter.com
1 year ago Twitter.com
Parksite.com\$452.7M\USA\170GB\100%DISCLOSED
hit by Cactus Ransomware Gang - Actor: cactus ...
1 year ago Twitter.com
1 year ago Twitter.com
VSP Dental
hit by BlackCat (ALPHV) Ransomware Gang - Actor: BlackCat (ALPHV) ...
1 year ago Twitter.com
1 year ago Twitter.com
Chicago Zoological Society
hit by Hunters Ransomware Gang - Actor: hunters ...
1 year ago Twitter.com
1 year ago Twitter.com
BS&B Safety Systems L.L.C
hit by Hunters Ransomware Gang - Actor: hunters ...
1 year ago Twitter.com
1 year ago Twitter.com
Prudential Financial
hit by BlackCat (ALPHV) Ransomware Gang - Actor: BlackCat (ALPHV) ...
1 year ago Twitter.com
1 year ago Twitter.com
LoanDepot
hit by BlackCat (ALPHV) Ransomware Gang - Actor: BlackCat (ALPHV) ...
1 year ago Twitter.com
1 year ago Twitter.com
Trending Cyber News (last 7 days)
Sophisticated Phishing Attacks Targeting Decision-Makers Including CEOs and CTOs - Security experts at Hackmosphere noted that the results shows the critical risks for organizations: 24% of CEOs clicked malicious links in test emails, compared to just 6% of CTOs, emphasizing discrepancies in threat perception among leadership ...
1 day ago Cybersecuritynews.com
1 day ago Cybersecuritynews.com
CVE-2025-26793 - The Web GUI configuration panel of Hirsch (formerly Identiv and Viscount) Enterphone MESH through 2024 ships with default credentials (username freedom, password viscount). The administrator is not prompted to change these credentials on initial ...
6 days ago Tenable.com
6 days ago Tenable.com
Hackers Abusing Microsoft Teams Meeting Invites to Trick Victims for Gaining Access - In a sophisticated cyberattack campaign, a threat actor identified as Storm-2372 has been leveraging Microsoft Teams meeting invites to execute “device code phishing” attacks. These emails prompt recipients to authenticate using the ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
Indian Post Office Portal Exposed Thousands of KYC Records With Username & Mobile Number - According to Gokuleswaran, a Cyber Security Analyst, the vulnerability allowed unauthorized users to access private KYC records by exploiting a flaw in the portal’s URL structure. This breach exemplifies how IDOR vulnerabilities can lead to ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
X now blocks Signal contact links, flags them as malicious - According to BleepingComputer's tests and other users' reports, attempting to post Signal.me links via public posts, direct messages, or profile bios receive error messages citing spam or malware risks. Social media platform X (formerly Twitter) is ...
4 days ago Bleepingcomputer.com
4 days ago Bleepingcomputer.com
Pennsylvania utility says MOVEit breach at vendor exposed some customer data | The Record from Recorded Future News - PPL Electric Utilities said in an emailed statement that the vendor notified it in June 2023 of a breach through a widespread bug in the MOVEit file transfer software, which affected hundreds of organizations and exposed the data of tens of millions ...
6 days ago Therecord.media
6 days ago Therecord.media
Multiple Russian Actors Attacking Orgs To Hack Microsoft 365 Accounts via Device Code Authentication - Security researchers at Volexity have uncovered multiple Russian threat actors conducting sophisticated social engineering and spear-phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication exploitation. The threat ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
New Go-Based Malware Exploits Telegram and Use It as C2 Channel - Researchers have identified a new backdoor malware, written in Go programming language, that leverages Telegram as its command-and-control (C2) channel. Netskope Advanced Threat Protection proactively detects this threat under the identifier ...
6 days ago Cybersecuritynews.com
6 days ago Cybersecuritynews.com
CVE-2024-13439 - The Team – Team Members Showcase Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the response() function in all versions up to, and including, 4.4.9. This makes it possible for authenticated ...
6 days ago Tenable.com
6 days ago Tenable.com
PurpleLab - A Free Cybersecurity Lab for Security Teams To Analyse Cyber Threats - PurpleLab is a cybersecurity lab that integrates various tools and technologies to support analysts in testing detection rules and simulating real-world cyber threats. In a significant step forward for cybersecurity professionals, PurpleLab offers an ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
New Android Security Feature that Blocks Changing Sensitive Setting During Calls - A common tactic involves guiding victims over the phone to enable sideloading or accessibility permissions, which allow malicious apps to bypass safeguards and gain control of the device. This feature, currently live in the beta version, prevents ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
Threat Actors Leveraging Modified Version of SharpHide Tool To Create Hidden Registry - Threat actors have been utilizing a modified version of the SharpHide tool to create hidden registry values, significantly complicating detection and deletion efforts. [+] SharpDelete by Andrew Petrus - Tool to delete hidden registry values ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
Beware of Fake Outlook Troubleshooting Calls that Ends Up In Ransomware Deployment - A sophisticated cyber threat has emerged in recent weeks, targeting unsuspecting users with fake Outlook troubleshooting calls. To protect yourself from fake Outlook troubleshooting scams, always verify the caller’s identity, as legitimate ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
Hidden Malware in WordPress Websites Allows Attackers to Execute Malicious Code Remotely - A sophisticated malware campaign has recently been uncovered by security researchers at Sucuri, targeting WordPress websites through hidden malware and backdoors in the mu-plugins directory. This campaign shows the importance of continuous WordPress ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
RansomHub Evolves To Attack Windows, ESXi, Linux and FreeBSD Operating Systems - With RansomHub actively exploiting zero-day vulnerabilities and recruiting displaced ALPHV/LockBit affiliates, organizations must strengthen endpoint security and ensure backup isolation to prevent potential attacks. RansomHub ransomware group ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
CVE-2025-0822 - Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of ...
6 days ago Tenable.com
6 days ago Tenable.com
CVE-2024-13500 - The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 2.6.17 ...
6 days ago Tenable.com
6 days ago Tenable.com
Meta Paid Out $2.3 Million to Researchers via Bug Bounty Program - This initiative, which began in 2011, has now surpassed $20 million in total payouts, underscoring Meta’s dedication to collaborating with the global security research community to enhance platform safety and integrity. Meta’s bug bounty ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
CVE-2025-1359 - A vulnerability, which was classified as problematic, has been found in SIAM Industria de Automação e Monitoramento SIAM 2.0. This issue affects some unknown processing of the file /qrcode.jsp. The manipulation of the argument url leads to cross ...
4 days ago Tenable.com
4 days ago Tenable.com
CVE-2025-1354 - A vulnerability was found in Asus RT-N12E 2.0.0.19. It has been classified as problematic. Affected is an unknown function of the file sysinfo.asp. The manipulation of the argument SSID leads to cross site scripting. It is possible to launch the ...
5 days ago Tenable.com
5 days ago Tenable.com
CISA Warns of Apple iOS Vulnerability Exploited in Wild - The flaw, an authorization bypass in Apple’s USB Restricted Mode, enables attackers with physical access to disable security protections on locked devices, potentially exposing sensitive data. CVE-2025-24200, cataloged under CWE-863 (Incorrect ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
Fintech giant Finastra notifies victims of October data breach - While Finastra has yet to share the number of individuals affected by the data breach and the nature of the exposed data (besides victims' names), the company started sending breach notification letters last week to at least 65 people in the state ...
4 days ago Bleepingcomputer.com
4 days ago Bleepingcomputer.com
Microsoft reminds admins to prepare for WSUS driver sync deprecation - Introduced as Software Update Services (SUS) in 2005, almost two decades ago, WSUS enables IT admins to manage and distribute updates for Microsoft products across enterprise networks with large numbers of Windows devices from a single server instead ...
2 days ago Bleepingcomputer.com
2 days ago Bleepingcomputer.com
Venture capital giant Insight Partners hit by cyberattack - After discovering the breach, Insight Partners notified law enforcement in relevant jurisdictions and hired third-party cybersecurity experts to investigate its impact. "We are working diligently to determine the scope of the incident with the ...
2 days ago Bleepingcomputer.com
2 days ago Bleepingcomputer.com
CVE-2024-10581 - The DirectoryPress Frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.9. This is due to missing or incorrect nonce validation on the dpfl_listingStatusChange() function. This makes it ...
6 days ago Tenable.com
6 days ago Tenable.com
Microsoft: Hackers steal emails in device code phishing attacks - "The invitations lure the user into completing a device code authentication request emulating the experience of the messaging service, which provides Storm-2372 initial access to victim accounts and enables Graph API data collection activities, such ...
6 days ago Bleepingcomputer.com
6 days ago Bleepingcomputer.com
Xerox Printers Vulnerability Let Attackers Capture Auth Data From LDAP & SMB - In one demonstrated attack chain, researchers gained admin access via default credentials (Xerox devices often retain factory defaults), modified LDAP settings to attacker IP, triggered LDAP sync via “Test Connection” feature and used captured ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
Ransomware Gangs Encrypt Systems After 17hrs From Initial Infection - A 2025 threat report by cybersecurity firm Huntress reveals ransomware gangs now take just 17 hours on average to encrypt systems after initial network intrusion, with some groups like Akira and RansomHub operating in as little as 4–6 hours. New ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
Microsoft to remove the Location History feature in Windows - “We are deprecating and removing the Location History feature, an API that allowed Cortana to access 24 hours of device history when location was enabled,” reads Microsoft's announcement. The API behind the feature, ...
3 days ago Bleepingcomputer.com
3 days ago Bleepingcomputer.com
CVE-2024-13834 - The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remote_request' function. ...
6 days ago Tenable.com
6 days ago Tenable.com
CVE-2024-13488 - The LTL Freight Quotes – Estes Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter ...
6 days ago Tenable.com
6 days ago Tenable.com
SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild - The surge in attacks follows the public release of proof-of-concept (PoC) exploit code on February 10, 2025, by researchers at Bishop Fox, amplifying risks for organizations with unpatched devices. Security analysts attribute the rapid weaponization ...
5 days ago Cybersecuritynews.com
5 days ago Cybersecuritynews.com
CVE-2024-13837 - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. ...
3 days ago Tenable.com
3 days ago Tenable.com
IDOR vulnerability in ExHub Let Attacker Modify Web Hosting Configuration - The consequences of this IDOR vulnerability were severe where attackers could manipulate deployment configurations, potentially gaining unauthorized access to sensitive resources. This vulnerability effectively allowed unauthorized users to perform ...
4 days ago Cybersecuritynews.com
4 days ago Cybersecuritynews.com
Microsoft rolls out BIOS update that fixes ASUS blue screen issues - "Devices with ASUS models X415KA and X515KA running a BIOS version lower than 311 will need to install the latest BIOS update to remove the safeguard and proceed with the Windows 11, version 24H2 upgrade," Microsoft said. However, in a ...
4 days ago Bleepingcomputer.com
4 days ago Bleepingcomputer.com
Microsoft spots XCSSET macOS malware variant used for crypto theft - A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app. XCSSET then creates a malicious Launchpad application with ...
4 days ago Bleepingcomputer.com
4 days ago Bleepingcomputer.com
Chase will soon block Zelle payments to sellers on social media - While Chase didn't share what exactly prompted this decision, the U.S. Consumer Financial Protection Bureau (CFPB) sued Early Warning Services (Zelle's operator) and three of its owner banks (Bank of America, JPMorgan Chase, and Wells Fargo) in ...
3 days ago Bleepingcomputer.com
3 days ago Bleepingcomputer.com
New Research Proposed To Enhance MITRE ATT&CK In Dynamic Cybersecurity Environments - However, analysts (at National University of Singapore and NCS Cyber Special Ops R&D) noted that the proposed research seeks to address current limitations by introducing advanced capabilities such as real-time threat mapping, cross-domain ...
2 days ago Cybersecuritynews.com
2 days ago Cybersecuritynews.com
CVE-2024-12562 - The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via deserialization of untrusted input from the 's2member_pro_remote_op' vulnerable parameter. This makes it possible for ...
6 days ago Tenable.com
6 days ago Tenable.com
Juniper patches critical auth bypass in Session Smart routers - "An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow a network-based attacker to bypass authentication and take administrative control of the device," the American networking ...
3 days ago Bleepingcomputer.com
3 days ago Bleepingcomputer.com
Threat Actors Trojanize Popular Versions of Games To Infect Systems Bypassing Evasion Techniques - By exploiting user trust in popular games and employing advanced evasion techniques, threat actors have demonstrated their ability to infiltrate systems undetected while maximizing financial gain through cryptomining. In a sophisticated cyberattack ...
2 days ago Cybersecuritynews.com
2 days ago Cybersecuritynews.com
China-Linked Threat Group Targets Japanese Orgs' Servers - In targeting organizations in the Asia-Pacific region, Winnti is exploiting vulnerabilities found in applications like IBM Lotus Domino to deploy malicious malware, including DEATHLOTUS, UNAPIMON, PRIVATELOG, CUNNINGPIGEON, WINDJAMMER, and ...
2 days ago Darkreading.com
2 days ago Darkreading.com
Beware of Fake BSOD Delivered by Malicious Python Script - According to security consultant Xavier Mertens, the tkinter library, a standard Python module, is typically used to create graphical user interfaces (GUIs). Security teams should consider monitoring for unusual uses of GUI libraries like tkinter as ...
6 days ago Cybersecuritynews.com
6 days ago Cybersecuritynews.com
CVE-2025-1355 - A vulnerability was found in needyamin Library Card System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /signup.php of the component Add Picture. The manipulation leads to unrestricted ...
5 days ago Tenable.com
5 days ago Tenable.com
CVE-2024-13879 - The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.2 due to insufficient validation on the webhook feature. This makes it possible for authenticated attackers, with ...
4 days ago Tenable.com
4 days ago Tenable.com
Thrive Acquires Secured Network Services - 13, 2025 (GLOBE NEWSWIRE) -- Thrive, a global technology outsourcing provider for cybersecurity, Cloud, and IT managed services, today announced the acquisition of Secured Network Services (SNS), a leading New Hampshire-based IT provider for ...
2 days ago Darkreading.com
2 days ago Darkreading.com
CVE-2025-26508 - Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. ...
1 week ago Tenable.com
1 week ago Tenable.com
CVE-2025-26506 - Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. ...
1 week ago Tenable.com
1 week ago Tenable.com
CVE-2025-1357 - A vulnerability classified as problematic has been found in Seventh D-Guard up to 20250206. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to path traversal. It is possible to initiate the attack ...
4 days ago Tenable.com
4 days ago Tenable.com