A prolific ransomware group has been exploiting a zero-day vulnerability in a Cisco firewall product since January, according to a new analysis from AWS. AWS CISO, CJ Moses, warned yesterday that the ...

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.

Ransomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the ...

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

Medical data breaches expose patient records and Social Security numbers that cannot be replaced. Security expert Ricardo ...

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.

The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before ...

Hacking and IT incidents accounted for 88% of patient records exposed from 2010 to 2024, while ransomware made up nearly 40%, according to the research published in JAMA Network Open. The study, which ...

Ransomware has always been more than a technical risk—it’s a business, a weapon, and a psychological warfare tool. In my previous Forbes article titled “Ransomware on a Rampage; a New Wake-Up Call,” I ...