Latest news

CISA Adds Oracle PeopleSoft Zero-Day CVE-2026-35273 to KEV Catalog After Ransomware Gang Exploitation
Ransomware

CISA Adds Oracle PeopleSoft Zero-Day CVE-2026-35273 to KEV Catalog After Ransomware Gang Exploitation

18 June 2026 dark6

CISA has added a critical Oracle PeopleSoft vulnerability (CVE-2026-35273) to its Known Exploited Vulnerabilities catalog after confirming active exploitation in...
Read more 0
DragonForce Ransomware Abuses Microsoft Teams TURN Relay to Hide Malicious C2 Traffic
Ransomware

DragonForce Ransomware Abuses Microsoft Teams TURN Relay to Hide Malicious C2 Traffic

17 June 2026 dark6

Symantec researchers have discovered that DragonForce ransomware actors used a novel Go-based backdoor called Backdoor.TURN to route C2 communications through...
Read more 0
CVE-2026-50751: Check Point VPN 0-Day Actively Exploited to Deploy Qilin Ransomware
Ransomware

CVE-2026-50751: Check Point VPN 0-Day Actively Exploited to Deploy Qilin Ransomware

9 June 2026 dark6

A critical CVSS 9.3 authentication bypass in Check Point Remote Access VPN (CVE-2026-50751) is being actively exploited in the wild,...
Read more 0
The Gentlemen Ransomware Group: Fortinet Exploits, AI Operations, and Custom C2 Make Them 2026’s Most Dangerous Crew
Ransomware

The Gentlemen Ransomware Group: Fortinet Exploits, AI Operations, and Custom C2 Make Them 2026’s Most Dangerous Crew

5 June 2026 dark6

Russian-speaking ransomware group The Gentlemen ranks second in 2026 activity, exploiting Fortinet vulnerabilities, deploying the custom G-BOT C2 framework, using...
Read more 0
‘The Gentlemen’ Ransomware: Self-Propagating Go Encryptor Uses SYSTEM Scheduled Tasks to Lock Entire Networks
Ransomware

‘The Gentlemen’ Ransomware: Self-Propagating Go Encryptor Uses SYSTEM Scheduled Tasks to Lock Entire Networks

30 May 2026 dark6

A new Go-based ransomware called The Gentlemen (tracked as Storm-2697 by Microsoft) spreads automatically across networks using eight simultaneous propagation...
Read more 0
NightSpire Ransomware Exploits RDP and Remote Admin Tools to Hit 64 Organizations in 33 Countries
Ransomware

NightSpire Ransomware Exploits RDP and Remote Admin Tools to Hit 64 Organizations in 33 Countries

28 May 2026 dark6

NightSpire ransomware has hit at least 64 organizations across 33 countries by exploiting Remote Desktop Protocol access and installing legitimate...
Read more 0
Payload Ransomware Deploys ChaCha20 + Curve25519 ECDH to Lock Files — 50+ Victims Across Five Countries
Ransomware

Payload Ransomware Deploys ChaCha20 + Curve25519 ECDH to Lock Files — 50+ Victims Across Five Countries

26 May 2026 dark6

A new ransomware operation called Payload has emerged using military-grade ChaCha20 encryption paired with Curve25519 ECDH key exchange, making file...
Read more 0
WantToCry Ransomware Encrypts Files Remotely Over SMB — No Malware Required
Ransomware

WantToCry Ransomware Encrypts Files Remotely Over SMB — No Malware Required

22 May 2026 dark6

A ransomware operation called WantToCry is exploiting exposed SMB file-sharing services to encrypt business data without ever installing malware on...
Read more 0
Inside The Gentlemen: The Fastest-Growing Ransomware-as-a-Service Operation of 2026 — 332 Victims, Leaked Playbook Exposed
Ransomware

Inside The Gentlemen: The Fastest-Growing Ransomware-as-a-Service Operation of 2026 — 332 Victims, Leaked Playbook Exposed

16 May 2026 dark6

The Gentlemen, a ransomware-as-a-service operation that emerged in mid-2025, has claimed approximately 332 victims in the first five months of...
Read more 0
Foxconn Confirms Cyberattack: Nitrogen Ransomware Gang Claims 8TB Stolen From North American Plants
Ransomware

Foxconn Confirms Cyberattack: Nitrogen Ransomware Gang Claims 8TB Stolen From North American Plants

14 May 2026 dark6

Foxconn has confirmed a ransomware attack on its North American factories after the Nitrogen gang claimed to have stolen 8TB...
Read more 0
VECT 2.0 Ransomware Permanently Destroys Files Over 128 KB Due to Encryption Flaw
Ransomware

VECT 2.0 Ransomware Permanently Destroys Files Over 128 KB Due to Encryption Flaw

1 May 2026 dark6

A critical encryption bug in VECT 2.0 ransomware permanently destroys all files larger than 128 KB rather than encrypting them,...
Read more 0
Qilin Ransomware Adopts Stealthy RDP History Enumeration to Map Victim Networks
Ransomware

Qilin Ransomware Adopts Stealthy RDP History Enumeration to Map Victim Networks

1 May 2026 dark6

The Qilin ransomware group, responsible for over 700 attacks in 2025, has been observed using a stealthy PowerShell technique to...
Read more 0