Forbes

Ongoing Ransomware Attacks Exploit Linux Vulnerability, CISA Warns

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Admit it: the first thing you think of when ransomware is ...
Hosted on MSN

Ransomware hackers are now running Linux encryptors in Windows to stay undetected

Qilin ransomware uses WSL to run Linux encryptors stealthily on Windows systems Attackers bypass Windows defenses by executing ELF binaries inside WSL environments EDR tools miss WSL-based threats, ...
CSOonline

Cross-platform ransomware: Qilin weaponizes Linux binaries against Windows hosts

Agenda ransomware group, popularly known as Qilin, has been abusing legitimate remote management and file transfer tools, security researchers revealed in a new disclosure. By deploying a Linux-based ...
Infosecurity-magazine.com

Albabat Ransomware Evolves to Target Linux and macOS

New versions of the Albabat ransomware have been developed, enabling threat actors to target multiple operating systems (OS) and improve the efficiency of attacks. Trend Micro researchers said ...
Dark Reading

Qilin Targets Windows Hosts With Linux-Based Ransomware

The Quilin ransomware group has attacked Windows hosts using a Linux-based binary in a cross-platform attack that can evade Windows-centric detections and security solutions, including conventional ...
Forbes

New FBI Warning — Windows And Linux Users Must Apply 2FA Now

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, July 28, 2025: This story, originally published on ...
Bleeping Computer

New Akira ransomware decryptor cracks encryptions keys using GPUs

Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free. Nugroho ...
CSOonline

Ransomware upstart Gunra goes cross-platform with encryption upgrades

A new Linux variant of the “Gunra” ransomware family has been identified with highly configurable multithreading, allowing attackers to run up to 100 parallel encryptions. A Trend Micro research ...
PC World

LockBit ransomware returns with a vengeance, affecting multiple OSes

The cybercriminal group known as LockBit has released an improved 5.0 version of its ransomware (LockBit 5.0), which is “significantly more dangerous,” warns Trend Micro. The malware now attacks ...
Bleeping Computer

Experimental PromptLock ransomware uses AI to encrypt, steal data

Threat researchers discovered the first AI-powered ransomware, called PromptLock, that uses Lua scripts to steal and encrypt data on Windows, macOS, and Linux systems. The malware uses OpenAI’s ...
TechSpot

LockBit ransomware returns, targeting Windows, Linux, and VMware ESXi

What we know so far: Whether LockBit 5.0 achieves broad deployment remains to be seen, but its design signals that ransomware ecosystems are evolving beyond traditional Windows-only targets. Security ...