DragonForce is a ransomware_group tracked across 31 threat clusters and 57 intelligence report mentions on ThreatCluster. First observed October 31, 2025; most recent activity July 9, 2026.
On April 24, 2026, CISA added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog. The affected products include SimpleHelp remote management software, Samsung MagicINFO 9 Server, and…
Peter Stokes, a 19-year-old dual citizen of the U.S. and Estonia, was extradited from Finland to the U.S. to face charges related to his involvement in the Scattered Spider hacking group. The group has been linked to…
The DragonForce ransomware group has been observed using a custom malware, Backdoor.Turn, to conceal command-and-control (C&C) traffic within Microsoft Teams' relay infrastructure. This sophisticated technique allows…
Scattered Spider, a cybercrime entity linked to various high-profile attacks since 2022, has been reclassified as a decentralized collective rather than a unified group. Group-IB's analysis indicates that it consists of…
Aflac Japan disclosed a data breach affecting 4.38 million customers after unauthorized access to its systems between June 15 and June 25, 2026. The breach was detected on June 25, prompting the suspension of certain…
The 'Payroll Pirate' campaign has emerged, utilizing advanced phishing and AiTM session hijacking to bypass MFA and reroute payroll disbursements. Targeting mid-market and enterprise organizations, attackers exploit…
Gelatissimo, an Australian gelato franchiser, is under threat from the ransomware group Dragonforce, which claims to have stolen 352.42 gigabytes of sensitive employee data. The hackers have provided sample screenshots…
On May 4, 2026, UpGuard researchers found a publicly exposed Azure storage bucket belonging to Pay Tel Communications, revealing 3.4 million documents, including 300,000 driver’s licenses and sensitive inmate…
A.S.A.P. Restoration Corp. has been targeted by a ransomware attack attributed to DragonForce. The attack has led to unauthorized access to sensitive information and potential data leaks affecting the company. This…
Váhostav has been targeted by a ransomware attack attributed to DragonForce, leading to unauthorized access to sensitive databases and email breaches. The attack is part of a broader trend of cyber incidents affecting…