Play is a ransomware_group tracked across 17 threat clusters and 25 intelligence report mentions on ThreatCluster. First observed November 3, 2025; most recent activity July 17, 2026.
On July 14, 2026, the US Justice Department unsealed an indictment against three Russian nationals—Alexander Volosovik, Kirill Zatolokin, and Yulia Pankova—accused of operating bulletproof hosting services that…
Adversaries are increasingly leveraging external remote services like VPNs and Citrix to gain unauthorized access to networks. These attacks often involve using valid accounts obtained through credential harvesting or…
ConnectWise ScreenConnect has been compromised by two critical vulnerabilities, CVE-2024-1708 and CVE-2024-1709, which allow attackers to bypass authentication and execute remote code. The vulnerabilities were disclosed…
The LockBit ransomware group has returned with a new data leak site, claiming seven new victims. Following a series of law enforcement actions in early 2024 that disrupted its operations, LockBit has introduced version…
As of February 12, 2026, organizations worldwide are experiencing an average of 2,090 cyber-attacks per week, largely driven by ransomware incidents. This increase highlights the ongoing challenges faced by businesses…
UK small and medium-sized enterprises (SMEs) are increasingly vulnerable to sophisticated AI-driven scams, as highlighted by recent reports. The emergence of 'AI scams 2.0' combines traditional social engineering…
Ransomware attacks are increasingly targeting mid-market firms, with two-thirds reporting breaches in the past year. The rise of Ransomware-as-a-Service (RaaS) has made these attacks more accessible to less…
Brokk, a Swedish manufacturer of remote-controlled demolition machinery, was allegedly hacked by the Play ransomware gang, which is linked to Russia. The gang has threatened to leak a 4GB dataset containing sensitive…
ADC Aerospace, a U.S. engineering component manufacturer, has been targeted by the Play ransomware group, which claims to have accessed sensitive data. The breach includes unauthorized access to databases and potential…
Kirbor Homes experienced a ransomware attack on June 10, 2026, which compromised its computer systems. The ransomware group PLAY claimed responsibility for the breach, stating they had obtained sensitive data, including…