A prolific ransomware group has been exploiting a zero-day vulnerability in a Cisco firewall product since January, according to a new analysis from AWS. AWS CISO, CJ Moses, warned yesterday that the ...

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.

Ransomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the ...

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before ...

Medical data breaches expose patient records and Social Security numbers that cannot be replaced. Security expert Ricardo ...

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

FBI issues Play ransomware warning as attacks multiply. Update, June 7, 2025: This story, originally published on June 5, has been updated with a new FBI warning regarding yet another critical ...

Ransomware has always been more than a technical risk—it’s a business, a weapon, and a psychological warfare tool. In my previous Forbes article titled “Ransomware on a Rampage; a New Wake-Up Call,” I ...

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.