-
CISA: BeyondTrust RCE flaw now exploited in ransomware attacks
Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns.
- February 20, 2026
- 12:02 PM
0
-
Mississippi medical center closes all clinics after ransomware attack
The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack.
- February 20, 2026
- 06:50 AM
2
-
State of Browser Attacks: Learn from John Hammond, Troy Hunt & Matt Johansen
Join Push Security's free three-part webinar series where top security researchers break down the browser-based attacks driving today's biggest breaches - from AiTM phishing and ConsentFix to compromised credentials and session hijacking.
-
Poland arrests suspect linked to Phobos ransomware operation
Polish police have detained a 47-year-old man suspected of ties to the Phobos ransomware group and seized computers and mobile phones containing stolen credentials, credit card numbers, and server access data.
- February 17, 2026
- 06:31 AM
- 0
-
Washington Hotel in Japan discloses ransomware infection incident
The Washington Hotel brand in Japan has announced that that its servers were compromised in a ransomware attack, exposing various business data.
- February 16, 2026
- 04:10 PM
- 0
-
Romania's oil pipeline operator Conpet confirms data stolen in attack
Romania's national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last week.
- February 12, 2026
- 02:16 PM
- 0
-
Crazy ransomware gang abuses employee monitoring tool in attacks
A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prepare for ransomware deployment.
- February 11, 2026
- 02:29 PM
- 1
-
Hackers breach SmarterTools network using flaw in its own software
SmarterTools confirmed last week that the Warlock ransomware gang breached its network after compromising an email system, but did not impact business applications or account data.
- February 09, 2026
- 02:08 PM
- 0
-
Payments platform BridgePay confirms ransomware attack behind outage
A major U.S. payment gateway and solutions provider says a ransomware attack has knocked key systems offline, triggering a widespread outage affecting multiple services. The incident began on Friday and quickly escalated into a nationwide disruption across BridgePay's platform.
- February 07, 2026
- 04:47 AM
- 0
-
CISA warns of SmarterMail RCE flaw used in ransomware attacks
The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code execution (RCE) flaw in SmarterMail that is used in ransomware attacks.
- February 06, 2026
- 12:16 PM
- 0
-
Ransomware gang uses ISPsystem VMs for stealthy payload delivery
Ransomware operators are hosting and delivering malicious payloads at scale by abusing virtual machines (VMs) provisioned by ISPsystem, a legitimate virtual infrastructure management provider.
- February 05, 2026
- 03:57 PM
- 1
-
Italian university La Sapienza goes offline after cyberattack
Rome's "La Sapienza" university has been targeted by a cyberattack that impacted its IT systems and caused widespread operational disruptions at the educational institute.
- February 05, 2026
- 12:02 PM
- 0
-
Romanian oil pipeline operator Conpet discloses cyberattack
Conpet, Romania's national oil pipeline operator, has disclosed that a cyberattack disrupted its business systems and took down the company's website on Tuesday.
- February 05, 2026
- 10:15 AM
- 0
-
CISA: VMware ESXi flaw now exploited in ransomware attacks
CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was used in zero-day attacks since at least February 2024.
- February 04, 2026
- 12:38 PM
- 0
-
EDR killer tool uses signed kernel driver from forensic software
Hackers are abusing a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in attempts to deactivate them.
- February 04, 2026
- 09:17 AM
- 0
-
Crypto wallets received a record $158 billion in illicit funds last year
Illegal cryptocurrency flows hit a record $158 billion in 2025, reversing a three-year trend of declining amounts from $86B in 2021 to $64B in 2024.
- January 30, 2026
- 01:49 PM
- 1
-
Marquis blames ransomware breach on SonicWall cloud backup hack
Marquis Software Solutions, a Texas-based financial services provider, is blaming a ransomware attack that impacted its systems and affected dozens of U.S. banks and credit unions in August 2025 on a security breach reported by SonicWall a month later.
- January 29, 2026
- 12:57 PM
- 0
-
Initial access hackers switch to Tsundere Bot for ransomware attacks
A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access trojan to gain network access that could lead to ransomware attacks.
- January 28, 2026
- 06:29 PM
- 0
-
FBI seizes RAMP cybercrime forum used by ransomware gangs
The FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware operations.
- January 28, 2026
- 12:38 PM
- 0
-
From Cipher to Fear: The psychology behind modern ransomware extortion
Modern ransomware has shifted from encryption to psychological extortion that exploits fear, liability, and exposure. Flare shows how today's ransomware groups weaponize stolen data and pressure tactics to force payment.
- January 27, 2026
- 10:02 AM
- 0
-
INC ransomware opsec fail allowed data recovery for 12 US orgs
An operational security failure allowed researchers to recover data that the INC ransomware gang stole from a dozen U.S. organizations.
- January 22, 2026
- 11:21 AM
- 0
2
