Between October and November 2025, one of the biggest cybercrime operations in Interpol history saw the arrest of 574 people suspected of business email compromise (BEC), digital extortion, and ransomware. Despite its scale, the operation gained almost no attention in the US and UK because it happened across 19 African countries, principally Ghana and Nigeria. […]

It’s nearly 20 years since I first encountered ransomware as the security editor of an online computer magazine, although at the time I had no idea what it was and the term had not yet been coined to describe it. A reader emailed me to describe how the main computer he used as part of […]

His name is Guan Tianfeng and in December 2024 the US State Department’s Rewards for Justice campaign placed a reward of up to $10 million for anyone offering information on his whereabouts. Guan Tianfeng, it is alleged, masterminded an April 2020 attack on Sophos XG firewalls using an exploit for a zero-day vulnerability later hastily […]

When ransomware strikes, the first question every security team asks themselves is how the attackers got inside what was supposed to be a well-defended network. These days, the question is asked within minutes of the attack being discovered, and for good reason. Without understanding the weakness that led to an attack, resolving it is a […]

Ransomware’s history is littered with threat actors that rise and fall but every now and then a new name appears that grabs people’s attention for the wrong reasons. RansomHub, a ransomware-as-a-service (RaaS) platform which seems to have successfully recruited affiliates from the downed BlackCat and Lockbit groups during 2024, is the latest example of this […]