ransomware

Ransomware Is Getting Less Profitable and More Prolific

John Z Black Mar 17, 2026

Threat Intelligence #ransomware #mandiant #threat-intelligence #qilin #akira #wef #enterprise-risk

Mandiant's latest report shows ransomware payments declining while victim counts hit record highs. The ecosystem isn't dying. It's fragmenting faster than defenders can track.

The Week Trust Kept Breaking

John Z Black Mar 15, 2026

Weekly Recap #the-week-in-cyber #iran-cyber #supply-chain #ai-agents #patch-management #ransomware #privacy #cisa

Iranian wipers, poisoned dev tools, AI agents as attack surfaces, patches that never stopped coming, and a ransomware negotiator working for the bad guys. Trust fell apart in every direction this week.

INTERPOL Just Sinkholed 45,000 Criminal IPs and Arrested 94 People Across 72 Countries

John Z Black Mar 14, 2026

Law Enforcement #interpol #operation-synergia #sinkhole #cybercrime #ransomware #phishing #law-enforcement #takedown

Operation Synergia III was one of the biggest cybercrime infrastructure takedowns ever. 45,000 malicious IPs redirected, 94 arrests, 72 countries involved. Here's what that actually means.

The Insider No One Suspected: DOJ Says a Ransomware "Helper" Was Running the Attack

John Z Black Mar 14, 2026

Ransomware #blackcat #ransomware #incident-response #doj #trust #insider-threat #alphv #digitalmint

A ransomware negotiator was secretly feeding BlackCat operators confidential victim data to jack up ransom payments. The DOJ just charged him.

AI Is Now Both the Weapon and the Target

John Z Black Mar 13, 2026

AI Security #ai #malware #prompt-injection #copilot #slopoly #ransomware #enterprise

Slopoly is AI-generated malware used in a live ransomware attack. Microsoft Copilot can be hijacked through emails you just receive. AI security isn't future-tense anymore.

The Ransomware 'Negotiator' Was Running the Attack: DigitalMint's $75M Double Cross

John Z Black Mar 13, 2026

Ransomware #ransomware #incident-response #digitalmint #blackcat #vendor-risk #extortion

Federal charges reveal DigitalMint's ransomware negotiators were allegedly running the attacks themselves. The second employee charged in the same operation. This wasn't a rogue employee. It was the business model.

Veeam Has Seven Critical RCE Flaws and Ransomware Operators Are Paying Attention

John Z Black Mar 13, 2026

Vulnerability Intelligence #veeam #ransomware #rce #backup #patch #enterprise

Seven simultaneous unauthenticated RCE vulnerabilities in Veeam Backup & Replication. This is a ransomware operator's wishlist, and it all dropped at once. Patch now.

ClickFix Is the Social Engineering Trick That Took Over 2026

John Z Black Mar 10, 2026

Threat Intelligence #clickfix #social-engineering #ransomware #teams #phishing #a0backdoor #castlerat #chrome-extensions

A dead-simple social engineering trick is showing up everywhere in 2026. Users paste a command into PowerShell or a Run dialog and boom, malware runs. Three separate campaigns hit this week alone.