Two UK teenagers, core members of the Scattered Spider hacking group, have been sentenced to 5.5 years for a £29 million cyber attack on Transport for London. The case demonstrates the group’s social engineering prowess and the role of cryptocurrency tracing in identifying attackers, while one hacker now faces extradition to the US for $87 million in extortion.
The ransomware attack on Coca-Cola's Fairlife subsidiary has shut down US dairy production, with the company's SEC filing revealing a breach of production systems. No threat actor has claimed responsibility, and the investigation is ongoing, raising questions about data exfiltration and potential extortion. Cybersecurity experts note parallels to past food sector attacks that caused weeks of disruption.
Sysdig’s JadePuffer attack marks the first agentic ransomware, with an AI autonomously encrypting over 1,300 records in a real incident. Human operators still set up the infrastructure, signaling a new era of human-AI teaming in cybercrime. Defenders must prepare for machine-speed attacks that adapt within seconds.
Hong Kong’s Kee Wah Bakery suffers a ransomware attack, potentially exposing employee, partner and customer data. The incident, reported to regulators, highlights growing supply chain and third‑party risks in the region’s digitally connected food retail sector.
While global ransomware incident volume has seen a notable decline in early 2026, specialized threat actors like CL0P and The Gentlemen are bucking the trend with aggressive campaigns. This shift indicates a strategic move away from high-volume encryption toward sophisticated, high-value data exfiltration and targeted extortion.
The percentage of ransomware victims opting to pay ransoms has plummeted to an all-time low of 28%, even as the total volume of attacks continues to climb. This trend signals a major shift in corporate resilience and a growing refusal to fund the cybercriminal ecosystem.
The University of Mississippi Medical Center has shuttered approximately 36 clinics and canceled elective procedures following a major ransomware attack. The disruption, entering its second day, highlights the critical vulnerability of regional healthcare infrastructure to digital extortion.
The University of Mississippi Medical Center (UMMC) has suspended operations across its entire clinic network following a disruptive ransomware attack. The shutdown highlights the critical vulnerability of academic medical centers and the extreme measures required to contain modern cyber threats.
The University of Mississippi Medical Center (UMMC) has suspended operations across its entire network of clinics following a disruptive ransomware attack. The incident has forced the state's only academic medical center to transition to manual processes and divert non-emergency patients, highlighting the persistent vulnerability of critical healthcare infrastructure.
Japanese semiconductor testing giant Advantest has confirmed a ransomware incident affecting its corporate network and potentially compromising sensitive data. The company is currently investigating the scope of the breach and has pledged direct notification to any affected customers or employees.
The ransomware landscape is undergoing a significant shift as the LockBit cartel launches its 5.0 iteration with cross-platform capabilities, while a mysterious new entity, 0APT, claims over 200 victims without providing proof of data theft. These developments highlight a dual-track evolution of high-end technical sophistication and aggressive, volume-based psychological warfare.