VulnHub

Real-time Cybersecurity News

Ransomware Victim Numbers Rise, Despite Drop in Active Extortion Groups

Infosecurity Magazine
RansomwareExploit

Overview

According to researchers from ReliaQuest, the number of ransomware victims increased significantly in the fourth quarter of 2025, even though there were fewer active extortion groups at that time. The report indicates that data leaks also saw a dramatic rise of 50%. This situation suggests that while the number of groups engaging in ransomware attacks has decreased, the effectiveness and impact of those that remain have intensified. Companies and organizations need to be vigilant and enhance their cybersecurity measures, as the rise in victims and data leaks indicates that attackers are still finding ways to exploit vulnerabilities. This trend raises concerns about the overall security posture of businesses and the potential exposure of sensitive information.

Key Takeaways

  • Action Required: Companies should enhance cybersecurity measures and consider implementing more robust data protection strategies.
  • Timeline: Ongoing since Q4 2025

Original Article Summary

Ransomware victims surged in Q4 2025 despite fewer active extortion groups, with data leaks rising 50%, ReliaQuest researchers report

Impact

Not specified

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Timeline

Ongoing since Q4 2025

Remediation

Companies should enhance cybersecurity measures and consider implementing more robust data protection strategies.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Ransomware, Exploit.

Read Original Article

Related Coverage

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

Security Affairs

Rui-Siang Lin, a 24-year-old Taiwanese man, has been sentenced to 30 years in prison for his role in operating Incognito Market, a significant darknet drug marketplace. This platform facilitated the sale of over one ton of illegal drugs, amounting to more than $105 million in transactions. Lin was found guilty of various charges, including conspiracy to distribute narcotics. The case illustrates the ongoing challenges law enforcement faces in combating illicit online drug trade and underscores the risks associated with the anonymity provided by darknet platforms. The long sentence reflects the severity of his actions and serves as a warning to others involved in similar activities.

Feb 4, 2026

Half of Chrome AI extensions are harvesting your data - see the surprising worst offenders

Latest news

Recent research reveals that nearly half of Chrome AI extensions are collecting user data without proper consent. Tools focused on coding, transcription, and productivity seem to be the worst offenders, raising significant privacy concerns for users. This issue could affect anyone using these extensions, as they often require extensive permissions to function. The findings suggest that many users may unknowingly expose their personal information to third parties through these seemingly helpful tools. As the use of AI technology grows, it’s crucial for users to be aware of what data they are sharing and how it might be used.

Feb 4, 2026

CISA: VMware ESXi flaw now exploited in ransomware attacks

BleepingComputer

CISA has reported that ransomware gangs are now exploiting a serious vulnerability in VMware ESXi, which allows attackers to escape sandboxes and gain unauthorized access to systems. This vulnerability, which had previously been used in zero-day attacks, poses a significant risk to organizations using affected VMware products. Companies relying on VMware ESXi for virtualization need to be particularly vigilant, as attackers are actively targeting this flaw. The exploitation of such vulnerabilities can lead to severe data breaches and financial losses. Organizations should prioritize patching their systems to mitigate this risk and protect sensitive data from potential ransomware attacks.

Feb 4, 2026

Global SystemBC Botnet Found Active Across 10,000 Infected Systems

Infosecurity Magazine

Researchers have identified the SystemBC malware, which is currently active across approximately 10,000 infected systems. This botnet is particularly concerning as it poses risks to sensitive government infrastructure, potentially exposing critical data and functionalities to malicious actors. The malware's widespread presence raises alarms about the security of various networks, especially those that manage important public services. Organizations, particularly in the public sector, need to take immediate action to secure their systems against this threat. Failure to address this could lead to significant operational disruptions and data breaches.

Feb 4, 2026

UK investigates X over Grok AI's nonconsensual image generation

SCM feed for Latest

The UK's data protection authority has initiated an investigation into X and its Irish subsidiary over allegations that the Grok AI assistant was utilized to create nonconsensual sexual images. This raises serious concerns about privacy and consent, particularly in how AI technologies are being employed. The investigation aims to determine whether X has violated data protection laws, especially regarding the generation of harmful content without individuals' consent. The implications of this investigation could lead to stricter regulations on AI use and accountability for companies developing such technologies. Users and stakeholders are closely watching this case, as it could set precedents for how AI-generated content is governed.

Feb 4, 2026

CISA warns of five-year-old GitLab flaw exploited in attacks

BleepingComputer

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a five-year-old vulnerability in GitLab that is currently being exploited in cyberattacks. This flaw affects various versions of GitLab, and its exploitation puts government agencies and organizations using this software at risk. CISA is urging all agencies to apply the necessary patches to safeguard their systems against potential attacks. This situation emphasizes the importance of keeping software up to date, especially for widely used platforms like GitLab. Failure to address such vulnerabilities can lead to serious security breaches, impacting sensitive data and operations.

Feb 4, 2026