Ransomware Blog- 2026 2025 2024 2023 2022 2021 2020 2019 2018
AI blog APT blog Attack blog BigBrother blog BotNet blog Cyber blog Cryptocurrency blog Exploit blog Hacking blog ICS blog Incident blog IoT blog Malware blog OS Blog Phishing blog Ransom blog Safety blog Security blog Social blog Spam blog Vulnerebility blog
DATE | NAME | Info | CATEG. | WEB |
| 25.4.26 | DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy | The Gentlemen ransomware‑as‑a‑service (RaaS) program is rapidly gaining popularity, attracting numerous affiliates and publicly claiming over 320 victims, with the majority of attacks (240) occurring in the first months of 2026. | Ransom blog | CHECKPOINT |
| 25.4.26 | What the ransom note won’t say | An attack is what you see, but a business operation is what you’re up against | Ransom blog | Eset |
| 18.4.26 | QEMU abused to evade detection and enable ransomware delivery | The use of hidden virtual machines (VMs) enables long-term access, credential harvesting, data exfiltration, and PayoutsKing ransomware deployment | Ransom blog | SOPHOS |
| 18.4.26 | Black Hat Asia 2026 Is Coming to Singapore — Here’s What the Threat Landscape Looks Like Ahead of It | Black Hat Asia 2026 explores ransomware growth, AI-driven cyber threats, and supply chain risks reshaping global cybersecurity and digital resilience. | Ransom blog | Cyble |
| 11.4.26 | Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations | The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize recently disclosed vulnerabilities to obtain initial access, exfiltrate data, and deploy Medusa ransomware. | Ransom blog | Microsoft blog |
| 4.4.26 | An overview of ransomware threats in Japan in 2025 and early detection insights from Qilin cases | There were 134 ransomware incidents reported in Japan in 2025, representing a 17.5% year-over-year increase from 2024. | Ransom blog | CISCO TALOS |
| 4.4.26 | Ransomware in 2025: Blending in is the strategy | A summary of the top ransomware trends from the Talos 2025 Year in Review, with a focus on identity, attacker tactics, and practical defenses. | Ransom blog | CISCO TALOS |
| 28.3.26 | The Energy Sector’s Ransomware Nightmare: Why Critical Infrastructure Can’t Catch a Break | Energy sector ransomware nightmare continued in 2025 but here’s lessons to learn for critical infrastructure protection in 2026. | Ransom blog | Cyble |
| 21.3.26 | Since 2018, when many financially motivated threat actors began shifting their monetization strategy to post-compromise ransomware deployments, ransomware has become one of the most pervasive threats to organizations across almost every industry vertical and region. | Ransom blog | GTI | |
| 21.3.26 | Everyday tools, extraordinary crimes: the ransomware exfiltration playbook | Attackers use trusted tools for data theft, making traditional detection unreliable. The Exfiltration Framework enables defenders to spot exfiltration by focusing on behavioral signals across endpoints, networks, and cloud environments rather than static tool indicators. | Ransom blog | CISCO TALOS |
| 14.2.26 | Naming and shaming: How ransomware groups tighten the screws on victims | When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle | Ransom blog | Eset |
| 7.2.2026 | Ransomware Attacks Have Surged 30% Since Q4 2025 | Ransomware groups have averaged nearly 700 victims a month in the last four months, and many attacks have posed supply chain risks. | Ransom blog | Cyble |
| 7.2.2026 | Black Basta: Defense Evasion Capability Embedded in Ransomware Payload | A recent Black Basta attack campaign was notable because the ransomware contained a bring-your-own-vulnerable-driver (BYOVD) defense evasion component embedded within the ransomware payload itself. | Ransom blog | SECURITY.COM |
| 1.2.26 | Eeny, meeny, miny, moe? How ransomware operators choose victims | Most ransomware attacks are opportunistic, not targeted at a specific sector or region | Ransom blog | SOPHOS |
| 24.1.26 | Osiris: New Ransomware, Experienced Attackers? | Poortry driver and modified Rustdesk tool used in recent attack campaign, which bears similarities to previous Inc ransomware attacks. | Ransom blog | SECURITY.COM |
| 24.1.26 | Ransomware: Tactical Evolution Fuels Extortion Epidemic | New whitepaper reveals record number of attacks as threat landscape evolves with new players and new tactics. | Ransom blog | SECURITY.COM |
| 17.1.26 | In December 2025, organizations experienced an average of 2,027 cyber attacks per organization per week. ... | Ransom blog | CHECKPOINT | |
| 17.1.26 | Sicarii Ransomware: Truth vs Myth | Sicarii is a newly observed RaaS operation that surfaced in late 2025 and has only published 1 claimed victim. | Ransom blog | |
| 10.1.26 | 5 ways your firewall can keep ransomware out — and lock it down if it gets in | Ransomware continues to cripple organizations worldwide, draining budgets and halting operations. For IT teams already stretched thin, a single attack can mean days of downtime and irreversible data loss. | Ransom blog | SOPHOS |
| 10.1.26 | TRACKING RANSOMWARE : DEC 2025 | EXECUTIVE SUMMARY Ransomware activity in December 2025 highlights an evolution toward cartel-style, collaborative ecosystems, where initial access, persistence, encryption, and | Ransom blog |