Ransomware – NuclearCoffee

Hacker news

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

On Apr 21, 2026 9:24 pm, by NuclearCoffee

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check… Continue reading

Hacker news

Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

On Apr 21, 2026 3:17 pm, by NuclearCoffee

A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O’Lakes,… Continue reading

Hacker news

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

On Apr 07, 2026 10:34 pm, by NuclearCoffee

A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate “high-velocity” attacks and break… Continue reading

Hacker news

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

On Apr 06, 2026 12:12 pm, by NuclearCoffee

Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised hosts, according to findings from… Continue reading

Hacker news

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

On Apr 06, 2026 8:10 am, by NuclearCoffee

Germany’s Federal Criminal Police Office (aka BKA or the Bundeskriminalamt) has unmasked the real identity of the main threat actors associated with the now-defunct REvil (aka Sodinokibi) ransomware-as-a-service… Continue reading

Hacker news

Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware

On Mar 27, 2026 9:29 pm, by NuclearCoffee

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025,… Continue reading

Hacker news

Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks

On Mar 25, 2026 4:55 pm, by NuclearCoffee

The Hacker NewsMar 25, 2026Cybercrime / Ransomware The U.S. Department of Justice (DoJ) said a Russian national has been sentenced to two years in prison for managing a… Continue reading

Hacker news

U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage

On Mar 24, 2026 8:09 am, by NuclearCoffee

Ravie LakshmananMar 24, 2026Cybercrime / Network Security A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in… Continue reading

Hacker news

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

On Mar 19, 2026 7:56 am, by NuclearCoffee

Ravie LakshmananMar 19, 2026Network Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor… Continue reading

Hacker news

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

On Mar 18, 2026 7:46 pm, by NuclearCoffee

Ravie LakshmananMar 18, 2026Network Security / Ransomware Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that’s exploiting a recently disclosed critical security flaw in Cisco… Continue reading

Tag: Ransomware

Stay Connected