Scattered Spider Returns: Targeted Social Engineering Against European IT Helpdesks
The UNC3944/Scattered Spider group launches new social engineering campaigns targeting European IT helpdesks. TTP analysis, MGM/Caesars parallels, and defense plan.
The Qilin ransomware group breached Covenant Health (Michigan, 16 hospitals) and exfiltrated data on 480,000 patients. Analysis of HIPAA notification obligations, Qilin's threat profile, and the rise of ransomware in healthcare in 2026.
On April 1, 2026, Middlesex County in New Jersey was struck by a ransomware attack targeting its municipal and public safety systems. This new incident confirms the structural vulnerability of local US governments to cybercriminal groups.
Microsoft Threat Intelligence documents Storm-1175, the first major Chinese actor linked to the Medusa ransomware. Targets: hospitals, education, and finance in Australia, the UK, and the USA. Less than 24 hours from initial access to encryption.
Pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian companies since January 2025, deploying custom ransomware GenieLocker.
Foster City, California declared a state of emergency after a ransomware attack paralyzed municipal services for over a week.
Ransomware group Qilin claims an attack on Malaysia Airlines. Passenger bookings, HR files, vendor contracts, and internal communications compromised.
Analysis of the 2026 ransomware landscape: Qilin reaches 1,480+ victims, data-only exfiltration tactics emerge, and new non-Russian actors enter the scene.
On March 11, 2026, TELUS Digital suffered a ransomware attack claimed by ShinyHunterz, compromising 1 petabyte of data. Incident analysis and takeaways.