Ransomware

SANS ISC Ransomware Intel Mar 27

TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)

This is the second update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026).

T1598

SANS ISC →

The Hacker News Ransomware Microsoft Mar 27

Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat lan...

The Hacker News →

The Record Ransomware Mar 26

Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware

A pro-Ukrainian hacker group known as Bearlyfy has carried out more than 70 cyberattacks against Russian companies over the past year and is now escalating i...

The Record →

SC Media Ransomware Mar 26

US imprisons Russian botnet operator linked to US-targeted ransomware attacks

Security Affairs reports that the U.S.

SC Media →

Infosecurity Magazine Ransomware Mar 26

Iran-Linked Pay2Key Ransomware Group Re-Emerges

Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key

Infosecurity Magazine →

SC Media Ransomware Mar 25

ESET's Tony Anscombe on managing cyber risk as financially motivated attacks grow

ESET's Tony Anscombe discusses how ransomware gangs use EDR Killers to disable cybersecurity tools.

SC Media →

Security Affairs Ransomware Mar 25

Russian national convicted for running botnet used in attacks on U.S. firms

A Russian hacker got 2 years in prison, $100K fine, and $1.6M judgment for running a botnet used in ransomware attacks on U.

Security Affairs →

SC Media Ransomware Mar 25

US healthcare provider reportedly struck by Iranian ransomware gang

Iran-nexus ransomware gang Pay2Key has reportedly targeted a U.S.

T1486

SC Media →

SC Media Ransomware Mar 25

Additional details on Stryker hack emerge

Major U.S.

SC Media →

SC Media Ransomware Mar 25

US jails Russian ransomware access broker

CyberScoop reports that Russian national Aleksei Volkov is facing 81 months in prison for helping major ransomware groups carry out dozens of attacks that re...

SC Media →

The Record Ransomware Mar 25

Ransomware attack disrupts operation at major Spanish fishing port

A ransomware attack has disrupted digital systems at Spain’s Port of Vigo, forcing authorities to disconnect parts of its network and temporarily manage carg...

The Record →

Help Net Security Ransomware Mar 25

Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars

A Russian national has been sentenced to 24 months in prison after admitting he managed a botnet used to launch ransomware attacks against dozens of U.S.

Help Net Security →

The Record Ransomware Mar 25

Russian botnet operator linked to major ransomware attacks sentenced in US

Ilya Angelov, 40, of Tolyatti, Russia, pleaded guilty to managing a botnet that other cybercriminals used to break into corporate systems and deploy ransomware.

The Record →

SC Media Ransomware Mar 25

2026 SC Award winner Veeam — Best Business Continuity/Disaster/Ransomware Recovery Solution

Veeam awarded for Veeam Data Platform, combining ransomware resilience with advanced recovery tools.

SC Media →

The Hacker News Ransomware Mar 25

Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks

The U.S.

The Hacker News →

GBHackers Ransomware Microsoft VMware Linux Mar 25

Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts, and Cloud Workloads

Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ...

T1588

GBHackers →

SecurityWeek Ransomware Mar 25

US Prisons Russian Access Broker for Aiding Ransomware Attacks

Aleksei Volkov has been sentenced to 81 months in prison for his role in Yanluowang ransomware attacks. The post US Prisons Russian Access Broker for Aiding ...

SecurityWeek →

BleepingComputer Ransomware Mar 25

Manager of botnet used in ransomware attacks gets 2 years in prison

A Russian national has been sentenced to two years in prison after admitting that the phishing botnet he managed was used to launch BitPaymer ransomware atta...

T1566

BleepingComputer →

Cyberscoop Ransomware Mar 24

Russian access broker sentenced to over 6 years in prison for ransomware schemes

A federal court in Indiana sentenced a Russian cybercriminal to 81 months in prison on charges related to his role as an initial access broker for ransomware...

Cyberscoop →

BleepingComputer Ransomware Mar 24

Yanluowang ransomware access broker gets 81 months in prison

A Russian national was sentenced to nearly 7 years in prison after pleading guilty to acting as an initial access broker (IAB) for Yanluowang ransomware atta...

BleepingComputer →