ransomware: 4 articles
Play Ransomware Claims MyPillow Scalp — Lindell Says It's a Political Stitch-Up
The Russian-language ransomware group Play has claimed to have stolen sensitive financial and personal data from Mike Lindell's MyPillow, setting a Friday deadline for the company to make contact before publishing the data. Lindell has denied the breach, dismissing the claims as a politically motivated "hit job" related to his gubernatorial campaign. Play has targeted over 900 organisations since 2022 and is known for data theft and extortion tactics.
Microsoft Dismantles Shady Code-Signing Operation Fuelling Ransomware Campaigns
Microsoft has taken down a malware-signing service that threat actors were using to get ransomware and other malicious software past Windows security defences. The operation targeted a cybercriminal outfit providing a kind of laundering service for malware, giving it legitimately signed certificates so it looked trustworthy to the operating system.
Shadow AI Is the Insider Threat Nobody's Watching
Verizon's 2026 Data Breach Investigations Report reveals a fourfold increase in "shadow AI" use, with 67% of employees who regularly use AI at work doing so through unauthorized personal accounts, potentially exposing sensitive corporate data such as source code, documents, and proprietary research to unvetted third-party platforms. The report also highlights worsening vulnerability management, with remediation rates for critical flaws dropping from 38% to 26% and resolution times rising from 32 to 43 days, while ransomware featured in nearly half of all breaches. On a positive note, ransom payments continued to decline, with 69% of victims refusing to pay and the median payment falling slightly to just under $140,000.

Grafana Labs Got Its GitHub Raided. It's Not Paying Up.
Grafana Labs has disclosed that an unauthorized attacker obtained a token to access its GitHub environment and stole its codebase, subsequently threatening to release the code unless a ransom was paid. The company refused to pay, citing FBI guidance and the fact that no customer data or operational systems were affected. The incident's impact may be limited, as much of Grafana's code is already open source, though it remains unclear exactly what proprietary code was taken.