BianLian ransomware
-
Warlock ransomware breaches network through unpatched SmarterMail instance
A SmarterTools community advisory says the Warlock gang breached an unpatched SmarterMail instance on January 29, 2026, affecting about 12 Windows servers and a secondary data center. Updates and isolation were recommended to limit spread.
-
Sapienza University offline after cyberattack disrupts campus systems
Sapienza University in Rome shut down network systems after a cyberattack, taking its website offline and disrupting services for more than 112,500 students as technicians and national authorities work to restore systems.
-
Romanian oil pipeline operator reports cyberattack that took website offline
Conpet reported a cyberattack that disrupted its corporate IT systems and disabled its website on Tuesday. Operational technology remained unaffected and authorities were notified. A ransomware group using the Qilin name posted files presented as proof.
-
TA584 adopts Tsundere Bot and XWorm in expanded initial access campaign
TA584 is using Tsundere Bot and XWorm in phishing campaigns that tripled in late 2025. The chain uses geofenced URLs, redirect systems, CAPTCHA and PowerShell in memory loaders that complicate detection.
-
Multi-stage phishing campaign in Russia delivers Amnesia RAT and ransomware via GitHub and Dropbox
A multi-stage phishing campaign observed in Russia delivers Amnesia RAT and Hakuna Matata ransomware. The chain uses GitHub and Dropbox for payload staging and disables Defender before stealing data and encrypting files.
-
Monroe University data breach exposed information on 320,973 people
Monroe University said a December 2024 cyberattack exposed personal, financial, and health data for 320,973 people. Notifications began in January and affected individuals are offered one year of free credit monitoring.
-
Belgian hospital shuts down servers and cancels procedures after cyberattack
A Belgian hospital operating in Antwerp and Deurne disconnected servers at 6:32 AM after a cyberattack, cancelling scheduled procedures and transferring seven critical patients. Authorities have been notified and an investigation is under way.
-
Ransomware breach at Cancer Center exposes participant files including 1990s Social Security numbers
A ransomware attack on August 31, 2025 breached the Cancer Center in Honolulu and stole study participant files including 1990s documents with Social Security numbers, the university said in a report to the state legislature.
-
Interpol-led Operation Sentinel results in 574 arrests, $3 million recovered and six ransomware strains decrypted
Interpol said Operation Sentinel, conducted across 19 countries between Oct. 27 and Nov. 27, resulted in 574 arrests, about $3 million recovered, more than 6,000 malicious links removed and the decryption of six ransomware variants, with cases linked to over $21 million in losses.
-
Around 1,000 systems hit in ransomware attack on Romania’s water agency
Romanian Waters said a ransomware attack that began on December 20 has affected around 1,000 systems across its IT network and spread to most river basin organisations; hydrotechnical operations continued to run locally while authorities investigate and work to restore services.
