Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The manufacturing sector has long been a favorite target for ransomware actors. However, the true scale of the issue has only recently become apparent: research published in Infosecurity Magazine last December revealed that ransomware attacks on manufacturing companies have caused an estimated $17bn in downtime since 2018. But why is the manufacturing sector so vulnerable? And what can organizations do to protect themselves? Keep reading to find out.

2024 saw data-leak sites (DLSs) for 72 extortion groups materialise. As of February 2025, Cyjax has identified DLSs for five new groups, as noted in recent blogs on extortion groups Kraken, Morpheus, GD LockerSec, and Babuk2. The fifth one to emerge goes by the name Linkc. Read on to find out what Cyjax knows so far about this new entrant into the data leak extortion scene.

The RansomHub ransomware group has emerged as a significant player in the ransomware landscape, making bold claims and substantiating them with data leaks. The group emerged after the Federal Bureau of Investigation (FBI) disrupted ALPHV’s ransomware operation on December 19, 2023. There are assumptions that RansomHub is a “spiritual successor” of the ALPHV group and operates with the help of former ALPHV affiliates.

On February 19, 2025, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint advisory to disseminate known Ghost (Cring)—(“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Detailed information about this threat and the associated IOCs and TTPs can be seen in the advisory: Ghost (Cring) Ransomware.

The future cyber threat is not static and appears to exploit vulnerabilities with fresh ransomware gangs and devastate businesses all over the world. One of such infamous gangs, Fog Ransomware, is currently dumping sensitive data of several businesses, recent attacks including GitLab deep. Foresiet security researchers believe that Fogs recently exploited Gitlab Cve perhaps they employed a fresh or unfixed zero-day vulnerability in GitLab.to launch its attacks.

You wake up to an unusual notification—a new device logged into your work email account overnight. But it’s not yours.

The government sector is facing growing cybersecurity threats that require robust solutions to safeguard sensitive data and critical infrastructure. With rapidly evolving threats—from adversarial actions from politically unstable state actors to GenAI-powered social engineering and phishing campaigns—the government sector faces a pressing need to transition from reactive threat monitoring to proactive threat monitoring.

The origin of the word “Rhadamanthys”, goes back to Greek mythology where he was a legendary figure who ruled as king of Crete. Born to Zeus and Europa, he held the status of demigod and was renowned for his wisdom. Rhadamanthys Stealer is a sophisticated information stealer written in C++ that employs multiple evasion techniques. The malware utilizes a custom packer for code obfuscation and incorporates anti-VM and anti-debugging mechanisms to prevent analysis.

Ransomware has evolved into one of the most devastating cyber threats of modern times, creating previously unimaginable financial and operational hardships for entities in every sector. As malicious actors employ increasingly sophisticated tools, honing their tactics and spreading their tentacles, understanding the key trends, targeted industries, and financial impact is at the heart of successfully mitigating risks.