July 6, 2026

JadePuffer Ransomware: The First Fully AI-Run Cyberattack

A ransomware attack usually needs a human behind the keyboard, at least at the critical moments. That assumption just broke. Security researchers at Sysdig have documented what appears to be the first ransomware operation carried out from start to finish by an autonomous AI agent, and they've named it JadePuffer ransomware. No operator typed commands during the intrusion. An AI

JadePuffer Ransomware
June 22, 2026

Prinz Eugen Ransomware Targets Your Newest Files

A new ransomware strain called Prinz Eugen is drawing attention from security researchers, and its approach sets it apart from most threats in this space. Rather than encrypting files in a random or alphabetical order, Prinz Eugen targets the most recently modified files first. The goal is to lock down the data that matters most before defenders have a chance

Prinz Eugen ransomware
May 15, 2026

West Pharmaceutical Hit by Ransomware Attack, Data Stolen

One of America's largest pharmaceutical manufacturers is recovering from a serious cyberattack after criminals broke into its network, made off with company data, and locked down critical systems. West Pharmaceutical Services, a Pennsylvania-based S&P 500 company, disclosed the ransomware attack to the U.S. Securities and Exchange Commission on May 7, 2026, classifying it as a material cybersecurity incident with global

West Pharmaceutical ransomware attack
May 7, 2026

MuddyWater False Flag Attack Hid Behind Chaos Ransomware

What looked like a ransomware attack earlier this year turned out to be something far more calculated. Security researchers have linked a sophisticated intrusion to MuddyWater, an Iranian state-sponsored hacking group, in what has been assessed as a deliberate false flag attack designed to look like the work of a criminal ransomware gang. The Chaos Ransomware Cover Story Chaos is

MuddyWater False Flag Attack
April 24, 2026

Trigona Ransomware Returns With Custom Data Theft Tool

Trigona ransomware is back, and it has upgraded its playbook. New attacks observed in March 2026 show the group using a purpose-built data theft tool — one designed specifically to fly under the radar of modern security software. The shift marks one of the more technically significant developments in the ransomware landscape this year, and it raises a serious question:

Trigona ransomware
April 23, 2026

Kyber Ransomware Hits Windows and VMware With PQC Twist

A new cyber threat is making waves in the security community — and it comes with a bold claim. Kyber ransomware has emerged as a cross-platform operation hitting both Windows file servers and VMware ESXi infrastructure, with operators advertising post-quantum encryption as part of their attack. The reality, however, is more complicated than the ransom note suggests. Two Variants, One

Kyber Ransomware
February 26, 2026

Advantest Ransomware Attack Disrupts Chip Supply Chain

Advantest ransomware attack news has raised fresh concerns across the semiconductor sector after the Japanese technology giant confirmed a cyber intrusion into its corporate network. The company detected suspicious activity on February 15 and immediately activated its incident response protocols to contain the threat and protect critical systems. Advantest later confirmed that attackers gained unauthorized access and deployed ransomware on

Advantest ransomware attack
December 24, 2025

RansomHouse Encryption Upgrade Complicates Recovery

Ransomware groups continue to refine their tools, and the latest RansomHouse encryption upgrade shows how quickly these threats evolve. Security researchers have identified a new encryptor used by the group that applies multi-layered data processing, making file recovery significantly harder after an attack. Instead of relying on a single encryption pass, the updated ransomware processes data in multiple stages. Each

RansomHouse encryption
December 17, 2025

PayPal Subscription Scam Abuses Legitimate Billing Emails

A PayPal subscription scam is circulating that does not rely on fake domains, malicious links, or compromised accounts. Instead, it abuses a legitimate PayPal feature to deliver fraudulent messages directly from PayPal’s own email infrastructure. The result is a scam that bypasses many traditional warning signs and places users at risk through trust rather than technical deception. Security researchers warn

PayPal Subscription Scam
December 16, 2025

CyberVolk Ransomware Trips Over Its Own Encryption

CyberVolk ransomware appeared suddenly and attempted to establish itself as a serious new extortion threat. Security researchers quickly discovered that the operation suffers from critical technical weaknesses. The most damaging issue involves broken cryptography that prevents the malware from securely encrypting victim data. A new ransomware group enters the scene CyberVolk ransomware surfaced as a previously unknown operation targeting Windows

CyberVolk