SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC.
According to new research published by Check Point, the...
$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
Ravie LakshmananApr 18, 2026Money Laundering / Regulatory Compliance
Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western...
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
Ravie LakshmananApr 16, 2026Hacking News / Cybersecurity News
You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers...
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
Ravie LakshmananApr 14, 2026Vulnerability / Network Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence...
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user...
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Ravie LakshmananApr 09, 2026Hacking News / Cybersecurity News
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't.
This one's got some range — old vulnerabilities getting new...
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Ravie LakshmananApr 09, 2026Hacking News / Cybersecurity News
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't.
This one's got some range — old vulnerabilities getting new...
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
Ravie LakshmananApr 07, 2026Vulnerability / Threat Intelligence
A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to...
BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
Ravie LakshmananApr 06, 2026Cybercrime / Financial Crime
Germany's Federal Criminal Police Office (aka BKA or the Bundeskriminalamt) has unmasked the real identities of two of the key figures associated with...
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
Ravie LakshmananApr 06, 2026Ransomware / Endpoint Security
Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised...
