Latest Ransomware News and New File Extensions

Chaos Ransomware: New Encrypted File Extension: Not specified in reports. Attack Methods: An upgraded C++ variant includes new encryption methods, destructive wiper capabilities, and cryptocurrency-stealing functions. It operates as a Ransomware-as-a-Service (RaaS). Targets: General targets via its RaaS model; a recent victim includes MSS Solutions. Decryption Status: No …
Medusa Ransomware: New Encrypted File Extension: Not specified. Attack Methods: Exploitation of a critical deserialization vulnerability (CVE-2025-10035) in Fortra GoAnywhere MFT software, attributed to the threat actor Storm-1175. Targets: Organizations using vulnerable versions of Fortra GoAnywhere MFT. Decryption Status: No known decryption method mentioned. Source: Microsoft Links Storm-1175 …
Cl0p Ransomware: New Encrypted File Extension: Not specified. The primary goal noted is data theft. Attack Methods: Actively exploiting a critical zero-day vulnerability (CVE-2025-61882) in Oracle’s E-Business Suite, which allows for unauthenticated remote code execution. Targets: Organizations using Oracle E-Business Suite. Decryption Status: The threat focuses on data …
Medusa: New Encrypted File Extension: Not specified in the articles. Attack Methods: Data exfiltration for public leakage (double extortion). Specific intrusion vectors are not mentioned. Targets: CCMC (community management), Comcast (media/tech), Organon (pharmaceuticals), Insightin Health (healthcare tech), Future Generali (insurance), Leprohon (construction), and LGB (manufacturing). The group lists …
ShinyHunters Extortion Group: New Encrypted File Extension: Not applicable (extortion based on data theft). Attack Methods: Breaching companies via their Salesforce instances, exfiltrating data, and then extorting the victims through a dedicated data leak site. The group has threatened to publish stolen data if its demands are not …
Cl0p-affiliated Activity: New Encrypted File Extension: Not specified. Attack Methods: Sending extortion emails directly to executives, claiming to have stolen sensitive data from their Oracle E-Business Suite systems. This is a data theft and extortion campaign rather than a traditional encryption attack. Targets: Organizations using Oracle E-Business Suite. …
Motility Software Solutions Ransomware Attack: New Encrypted File Extension: Not specified. Attack Methods: A ransomware attack that resulted in data exfiltration. Targets: Motility Software Solutions, a provider of dealer management software. The breach exposed the data of 766,000 customers. Decryption Status: Not specified in the report. Source: Data …
Akira: New Encrypted File Extension: Not specified. Attack Methods: Actively targeting SonicWall firewall customers by exploiting a known vulnerability. Targets: A wide range of industries including manufacturing (Cascade Pacific Pulp, Midwest Industries, Sinco, Pawling), aviation (Priester Aviation), construction (Burke Contracting), real estate (Sueba USA), retail/distribution (Tom Duffy Company, …
Akira Ransomware: New Encrypted File Extension: Not specified. Attack Methods: Breaching SonicWall SSL VPN devices, successfully logging into accounts even when they are protected with One-Time Password (OTP) Multi-Factor Authentication (MFA). It is suspected this is achieved using previously stolen OTP seeds. Targets: Organizations using vulnerable SonicWall SSL …
Akira Ransomware: New Encrypted File Extension: Not specified in the article. Attack Methods: Breaching SonicWall SSL VPN accounts, even those protected with OTP-based Multi-Factor Authentication (MFA). The method is suspected to involve the use of previously stolen OTP seeds. Targets: Organizations utilizing SonicWall SSL VPN devices. Decryption Status: …