RaaS
-
Lazarus Group uses Medusa ransomware in Middle East attack
A technical report by Broadcom’s Symantec and Carbon Black Threat Hunter Team reported that the Lazarus Group used Medusa ransomware in a Middle East attack and attempted an unsuccessful strike against a U.S. healthcare organization.
-
VolkLocker ransomware contains hard-coded master keys, SentinelOne analysis finds
A SentinelOne analysis says VolkLocker, a RaaS from the CyberVolk collective, contains hard-coded master keys and writes a plaintext backup key to the temporary folder, enabling file recovery without payment while still displaying typical ransomware behaviors.
-
Qilin ransomware deployed in supply-chain attack hits South Korean financial firms
Security researchers say a supply‑chain compromise of a managed service provider enabled Qilin ransomware to hit multiple South Korean financial firms in September 2025, stealing more than 1 million files and about 2 TB of data in a campaign researchers call “Korean Leaks.”
-
SimonMed says 1.2 million patients impacted in January data breach
SimonMed Imaging said more than 1.2 million people were affected by a data breach that gave attackers access to its network from Jan. 21 to Feb. 5; Medusa ransomware claimed the theft and the company said it found no evidence of misuse as of Oct. 10.
-
Manpower data breach affecting about 144,189 individuals; FBI investigating after RansomHub claim
ManpowerGroup disclosed a data breach affecting about 144,189 individuals, with attackers gaining access to systems between December 29, 2024 and January 12, 2025. The company is cooperating with the FBI and offering free credit monitoring through Equifax. The incident was linked to a claim by the RansomHub ransomware group, which reportedly stole about 500GB of…
