💰 Ransomware Activity
Ransomware groups in 2026 will likely use faster exfiltration and quieter intrusion methods. Expect more double extortion and shifting alliances among groups. Predictions indicate a continued dominance of ransomware in the dark web economy.
- Dark Web Guide 2026: The Biggest Threat Groups to Watch — Now, the gang has moved far beyond simple encryption, adopting a quadruple extortion model supported by its Tor hosted leak site, CL0P^\_-LEAKS. The group’s impact is significant, with more than $500 ...
- The State Of Ransomware 2026 - BlackFog — 1. Kid’s footwear operator Esquire Brands was reportedly targeted by the Play ransomware group, which claims to have stolen sensitive company data. The group listed Esquire Brands on its dark web leak...
- Weekly Intelligence Report – 20 February 2026 — Image 16 _Source: Dark Web_ Relevancy & Insights: Space Bears operates a dedicated leak site that was first identified in April 2024. This site is used to publish stolen data from victims, showc...
- Weekly Intelligence Report – 13 February 2026 - CYFIRMA — Source: Dark Web Relevancy & Insights: Everest is a “double-extortion” ransomware gang: attackers first exfiltrate data, then encrypt systems, and finally threaten to leak or sell the stolen infor...
🚨 Critical Vulnerabilities
A critical vulnerability in FileZen (CVE-2026-25108) was exploited in 2026 and added to CISA's KEV catalog. Immediate patching is required. Russian state-sponsored APT28 exploited a Microsoft Office zero-day (CVE-2026-21509) in January 2026.
- Critical FileZen Bug Exploited, Patch Immediately for CVE-2026 ... — # Critical FileZen Bug Exploited, Patch Immediately for CVE-2026-25108 Vulnerability. ## A Critical Vulnerability in FileZen File Transfer Solution Exploited in the Wild. A recently disclosed vulnerab...
- CISA Adds Two Known Exploited Vulnerabilities to Catalog — [Skip to main content](https://www.cisa.gov/news-events/alerts/2026/02/25/cisa-adds-two-known-exploited-vulnerabilities-catalog#main). * [Spotlight](https://www.cisa.gov/spotlight). 1. [Home](http...
- CISA Adds Four Known Exploited Vulnerabilities to Catalog — [Skip to main content](https://www.cisa.gov/news-events/alerts/2026/02/17/cisa-adds-four-known-exploited-vulnerabilities-catalog#main). * [Spotlight](https://www.cisa.gov/spotlight). 1. [Home](htt...
- January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5 ... — # January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day. January 2026 saw a modest 5% increase in high-impact vulnerabilities, with Recorde...
🛡️ Incident Response & DFIR News
Recent DFIR news includes new ransomware threats and exploited vulnerabilities, with CISA adding several known vulnerabilities to its catalog. The DFIR Report offers actionable intelligence from real intrusions. SANS DFIR Summit focuses on digital forensics and incident response training.
- SANS DFIR Summit & Training 2026 | Cybersecurity Training — About DFIR NetWars: Focused on digital forensics, incident response, threat hunting, and malware analysis, this tool-agnostic approach covers everything from low-level artifacts to high-level behavior...
- The DFIR Report | Actionable Cyber Threat Intelligence — Dfir-Home-Hero-Background # Where Incidents Become Intelligence The DFIR Report delivers detailed, actionable intelligence drawn directly from observed intrusions—empowering organizations to harden ...
- Incident response — Latest News, Reports & Analysis — ## STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year? How Can Retailers Cyber-Prepare for the...
- Cybersecurity Alerts & Advisories - CISA — Cybersecurity Advisory: Provides detailed information on cyber threats, including threat actor tactics, techniques, and procedures and indicators of compromise, along with recommended actions for det...
📰 Latest Ransomware Attacks
In 2026, ransomware attacks continue to target global sectors, with healthcare and government being primary victims. The United Arab Emirates thwarted significant ransomware attempts. AI-driven attacks and RaaS platforms are increasing threat levels.
- February 2026: Recent Cyber Attacks, Data Breaches ... — University of Mississippi Medical Center University of Mississippi Medical Center closes clinics after ransomware attack Unknown A ransomware attack crippled the University of Mississippi Medical C...
- The State Of Ransomware 2026 - BlackFog — # The State Of Ransomware 2026 ## January 2026 opened with 91 publicly disclosed ransomware attacks. Healthcare was the most targeted sector with 27 incidents, followed by government with 11 and man...
- 2026 Global Cyber Risk Outlook Reveals New ... — Ransomware remains one of the biggest concerns for cyber security teams today as it continues to pose a major threat to organisations worldwide. Over the last five to ten years, ransomware attacks hav...
- Threat Brief: March 2026 Escalation of Cyber Risk Related to Iran — ### Other Threat Group Activity Cybercriminals are reportedly capitalizing on the conflict in the United Arab Emirates in a social engineering vishing scam to steal credentials. The threat actors cal...
Facing an active incident? Contact us immediately at alerts@binary-response.com — we respond 24/7.