Conti is a ransomware_group tracked across 45 threat clusters and 77 intelligence report mentions on ThreatCluster. First observed October 31, 2025; most recent activity July 16, 2026.
The Akira ransomware group has been identified as a significant threat to critical infrastructure, with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warning of its active ransomware…
The European Union has condemned and sanctioned Russia for a prolonged cyber espionage campaign targeting its member states. The campaign, orchestrated by the 16th Centre of the FSB, has involved infiltrating government…
On July 14, 2026, the European Union, in coordination with the U.S. and U.K., sanctioned Vitaly Nikolayevich Kovalev, known as 'Stern,' a key figure in the Trickbot ransomware syndicate. Kovalev is linked to over $300…
Grinex, a Kyrgyzstan-based cryptocurrency exchange linked to Russia, suspended its operations following a cyberattack that resulted in the theft of over 1 billion rubles (approximately $13 million). The attack, which…
In 2022, the Conti ransomware group experienced a major internal collapse, leading to the leak of over 300,000 internal messages. These messages revealed the group's operations and internal conflicts, particularly in…
Veeam has disclosed a critical vulnerability (CVE-2026-44963) affecting its Backup & Replication software, allowing authenticated domain users to execute remote code on domain-joined backup servers. This flaw impacts…
On July 13, 2026, the U.S. Treasury's Office of Foreign Assets Control (OFAC) sanctioned First VPN Service (1VPNS), its administrator Dmytro Rashevskyi, and malware provider Yegeniy Vladimirovich Silayev for enabling…
Foxconn confirmed a cyberattack on its North American facilities, attributed to the Nitrogen ransomware group, which claims to have stolen 8 terabytes of data, including over 11 million files. The attack reportedly…
A new supply chain attack, dubbed 'Mini Shai-Hulud', has compromised multiple npm packages related to SAP's Cloud Application Programming Model (CAP). This attack involves injecting malicious preinstall scripts into…
The Silent Ransom Group has been implicated in a series of cyberattacks targeting US law firms, employing operatives to physically access computers and insert USB devices. This tactic aims to bypass remote security…