Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, March 26, 2025: This story, originally published March ...

Ransomware has always been more than a technical risk—it’s a business, a weapon, and a psychological warfare tool. In my previous Forbes article titled “Ransomware on a Rampage; a New Wake-Up Call,” I ...

In 2022, the ALPHV Ransomware as a Service group attacked the city of Alexandria, La., with its malware. Two years later, LockBit ransomware bandits attacked Wichita, Kans. Once novel RaaS gangs are ...

On 29 August 2025, Huntress analysts encountered a previously unseen ransomware variant called “Obscura.” This name was taken from the ransom note (README_Obscura.txt), which also made several ...

As cybercrime surges around the world, new research increasingly shows that ransomware is evolving as a result of widely available generative AI tools. In some cases, attackers are using AI to draft ...

The past year was much quieter than 2024 in ransomware takedown and anti-cybercrime law enforcement operations. Additionally, less organized collectives such as Scattered Spider, Lapsus$ and ...

Ransomware-as-a-service (RaaS) models, double extortion tactics, and increasing adoption of AI characterize the evolving ransomware threat landscape. Law enforcement takedowns of groups such as ...

The number of ransomware victims paying threat actors has dropped to 28% last year, an all-time low, despite a significant increase in the number of claimed attacks. A downward payment trend has been ...

Ransomware isn’t just locking systems — it’s weaponizing fear, shame and time to bleed US banks dry. It's pay up, or get exposed. Before sunrise on a chilly November morning, I got the kind of call no ...

NeuShield, creators of the industry’s first Mirror Shielding™ technology, today announced a strategic partnership with Data Guards, a Canada-based managed service provider (MSP), to deliver instant ...

WithSecure acknowledges the complexity of modern cyber threats. Almost a year ago in June 2024, South Africa suffered substantial ransomware attacks again that disrupted services in July. They were ...