BianLian ransomware
-
CountLoader: New Russian-linked malware loader broadens post-exploitation toolkit, researchers warn
Cybersecurity researchers have identified CountLoader, a new malware loader used by Russian ransomware groups to deliver post-exploitation tools such as Cobalt Strike, AdaptixC2, and the PureHVNC RAT. The loader, observed in variants across .NET, PowerShell, and JavaScript, targets Ukrainian users with PDF phishing lures and features a BrowserVenom proxy capability, multiple download/execution methods, and a…
-
Insight Partners notifies thousands after ransomware breach, exposing personal and investor data
New York-based Insight Partners said thousands of individuals were affected by a ransomware breach that involved data exfiltration and subsequent server encryption, with notification letters and identity monitoring offered to impacted individuals and a Sept. 2025 deadline for confirming exposure.
-
KillSec ransomware hits Brazil’s healthcare IT supply chain, exposing tens of thousands of records
KillSec has claimed responsibility for a September 2025 attack on Brazil’s healthcare software provider MedicSolution, breaching the healthcare IT supply chain and exposing more than 34 GB of sensitive health data across clinics and laboratories, including medical and minor records.
-
HybridPetya ransomware emerges with UEFI Secure Boot bypass, encrypts MFT and demands Bitcoin ransom
A new ransomware strain named HybridPetya has been identified by ESET, combining traits of Petya/NotPetya with a UEFI Secure Boot bypass. The threat encrypts the Master File Table on NTFS partitions via a bootkit installed on the EFI System Partition, and demands Bitcoin ransom while offering a decryption mechanism contingent on payment. Researchers warn that…
-
Wyden urges FTC to probe Microsoft over alleged ‘gross cybersecurity negligence’ linked to ransomware attacks, citing Ascension breach
U.S. Senator Ron Wyden has urged the FTC to investigate Microsoft, accusing the company of cybersecurity negligence linked to ransomware attacks on critical infrastructure, including a major Ascension health-system breach that affected millions of people.
-
Lovesac confirms data breach after ransomware attack; notices indicate data exposure and recovery steps
Lovesac disclosed a data breach after a March 2025 ransomware intrusion, exposing personal data of an undisclosed number of individuals. The company discovered the breach on Feb. 28, 2025, and offered 24-month credit monitoring through Experian while noting no current evidence of misuse. A Vermont AG notice and a GlobeneNewswire release provide context on the…
-
Bridgestone confirms cyberattack affecting North American manufacturing; company says containment achieved
Bridgestone Americas said a limited cyber incident affected some North American manufacturing facilities, but it contained the threat early and did not indicate customer data was breached, as reports spread from South Carolina to Quebec.
-
MathWorks reports ransomware breach exposed data of 10,476 individuals
MathWorks disclosed that a ransomware group stole the data of 10,476 individuals after breaching its network in April, prompting outages affecting MFA, SSO, and other services. The company has not named the ransomware operator, and authorities note that a resolution or ransom payment, if any, remains undisclosed.
-
Sweden hit by cyberattack on municipal IT supplier Miljödata, disrupting services for more than 200 municipalities
A cyberattack on Miljödata disrupted access to municipal IT systems across more than 200 regions in Sweden, with reports of potential data leakage and a ransom demand tied to the incident.
-
Storm-0501 Debuts Brutal Hybrid Ransomware Attack Chain, Microsoft Warns
Microsoft Threat Intelligence warns Storm-0501 has deployed a brutal hybrid ransomware chain, exploiting hijacked privileged accounts to pivot between on‑prem and cloud, exfiltrate data, delete backups and encrypt remaining cloud resources, pressuring victims to pay or face potential shutdown.
