Bleeping Computer

VanHelsing ransomware builder leaked on hacking forum

The VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor builder after an old developer tried to sell it on the RAMP ...
The Hacker News

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.
Business Wire

Sygnia First to Link Two Ransomware Groups to Larger Chinese Threat Actor, Dubbed ‘Emperor Dragonfly’

In a new report, Sygnia’s Incident Response (IR) team connects Night Sky and Cheerscrypt activity to one unified threat group targeting Windows and VMWare ESXi environments TEL AVIV, Israel & NEW YORK ...