Ransomware

SonicWall Gen6 SSL-VPN devices remain vulnerable to MFA bypass despite patching without manual LDAP reconfiguration.

Banana RAT malware targets 16 Brazilian banks via fake invoices, stealing data with QR code fraud.

7-Eleven confirms cyberattack by ShinyHunters gang that stole 600K+ records from Salesforce systems.

Dark Web Informer daily digest reports multiple breaches, ransomware hits, and supply chain attacks across global

West Pharmaceutical Services discloses cyberattack with data exfiltration and system encryption.

Instructure reaches deal with ShinyHunters to prevent Canvas data leak of 275M student records.

US House investigates ShinyHunters' dual Canvas breaches affecting millions of students.

EtherRAT remote access trojan deployed via malicious MSI installer before delivering The Gentlemen ransomware.

CRPx0 malware campaign uses free OnlyFans lure to target macOS, Windows, and Linux systems.

Instructure reaches deal with ShinyHunters to delete Canvas data stolen in breach affecting 9,000 schools.

Instructure reaches ransom agreement with ShinyHunters over 30M user data breach.

Daily dark web threat digest covering breaches, ransomware claims, and law enforcement actions.

Instructure confirms XSS vulnerabilities allowed hackers to deface Canvas portals and extort ransom.

ShinyHunters hacked Canvas learning platform, affecting ~9,000 schools; system restored after brief outage.

Houghton Mifflin Harcourt added to ShinyHunters extortion portal.

RansomHouse threat group claims responsibility for Trellix source code repository breach.

ShinyHunters breaches Instructure, defaces Canvas LMS portals affecting thousands of universities worldwide.

MuddyWater Iranian hackers use Chaos ransomware as cover for cyber-espionage via Teams social engineering.

MuddyWater conducts false flag ransomware attack using Teams social engineering and credential harvesting.

Latvian Karakurt ransomware negotiator sentenced to 8.5 years in US prison.

Phishing campaign VENOMOUS#HELPER targets 80+ orgs using SimpleHelp and ScreenConnect RMM tools for persistent access.

Russian VPS provider 4VPS.su allegedly exit-scams after serving cybercrime ecosystem since 2017.

New ransomware group CMD Organization surfaces with clearnet and onion infrastructure.

Attackers abuse misconfigured Jenkins servers to deploy DDoS botnet targeting gaming infrastructure.

Brazilian real estate CRM Kenlo Imob breached; 6M PII records and 10K+ docs under extortion threat.

Two former cybersecurity pros sentenced to 4 years for BlackCat ransomware attacks extorting $1.3M.

ClickFix-style campaign uses 588 bulk-registered domains impersonating PureClaw AI software to deliver backdoors and

Two U.S. cybersecurity professionals sentenced to four years for deploying ALPHV BlackCat ransomware.

Sandhills Medical discloses ransomware breach affecting 170,000 after nearly one year delay.

Aur0ra ransomware group claims first seven victims across US sectors.

Russian-speaking threat actor recruits IAB for corporate network access without ransomware deployment.

CISA adds ConnectWise ScreenConnect and Windows Shell flaws to KEV catalog due to active exploitation.

Vimeo confirms data breach via compromised Anodot vendor; ShinyHunters demands ransom by April 30.

US charges 19-year-old Scattered Spider member arrested in Finland for extortion breaches.

Medtronic confirms cyberattack by ShinyHunters claiming 9M records stolen.

Medtronic confirms breach; ShinyHunters claims 9M records theft and ransom demand.

LAPSUS$ claims breaches of MAPFRE, Vodafone, and Checkmarx.

CISA adds 4 actively exploited vulnerabilities to KEV catalog with May 2026 federal deadline.

ADT confirms data breach after ShinyHunters threatens to leak 10M customer records.

Dark Web Informer aggregates breach, ransomware, and vulnerability intelligence from dark web and clearnet sources.

Third US security expert pleads guilty to aiding BlackCat ransomware gang while working as negotiator.

Three US healthcare orgs disclose breaches affecting 600K patients in Illinois and Texas.

Former ransomware negotiator pleads guilty to BlackCat attacks targeting U.S. companies.

Florida ransomware negotiator pleads guilty to aiding BlackCat attacks and extorting U.S. victims.

Daily dark web threat digest reports multiple breaches, ransomware claims, and law enforcement actions across global

Seiko USA website defaced; attackers claim Shopify customer database theft and demand ransom.

Threat actors abuse QEMU emulator in ransomware and RAT campaigns for defense evasion.

Vercel allegedly breached by ShinyHunters with $2M ransom demand.

Shopify store targeted by extortion-based data breach threatening customer database release.

Daily dark web threat digest covering breaches, ransomware, and critical infrastructure incidents across multiple