Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks

Help Net Security
Actively Exploited

Overview

The 2026 InsurSec Report from At-Bay reveals a significant increase in cyber insurance claims, with a 7% rise in frequency and an average claim severity reaching $221,000. Ransomware attacks are notably costly, with an average severity of $508,000, marking a 16% increase from the previous year. A key finding is that remote access services were the entry point for 87% of ransomware claims in 2025, indicating a major vulnerability for organizations. This rise in claims underscores the growing threat of cyber incidents, particularly ransomware, and highlights the need for businesses to strengthen their security measures. As cyber threats evolve, companies must prioritize securing remote access points to mitigate risks and potential financial losses.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Remote access services, ransomware incidents
  • Action Required: Strengthen security measures on remote access services, implement multi-factor authentication, conduct regular security audits.
  • Timeline: Newly disclosed

Original Article Summary

The 2026 InsurSec Report from At-Bay, covering more than 100,000 policy years of claims data, documents a 7% year-over-year rise in overall claim frequency and an all-time high average severity of $221,000. Ransomware severity reached $508,000, up 16% from the prior year, making it the costliest incident type by a wide margin.

Remote access weaknesses dominate ransomware entry

Remote access services served as the entry point for 87% of ransomware claims in 2025, up from …

Impact

Remote access services, ransomware incidents

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Strengthen security measures on remote access services, implement multi-factor authentication, conduct regular security audits


Related Topics: This incident relates to Ransomware, Vulnerability.

Related Coverage

Taiwan High-Speed Rail Emergency Braking Hack: How a Student Stopped the Trains and Exposed a Major Security Gap

Security Affairs

A 23-year-old student in Taiwan caused significant disruption to the high-speed rail system by spoofing signals and triggering an emergency alarm, halting four trains for nearly an hour during a busy holiday period. This incident occurred during the Qingming Festival, a time when many people travel, leading to chaos and delays for thousands of passengers. Experts are concerned about the security vulnerabilities in the rail system, which is a critical part of Taiwan's infrastructure. This event raises serious questions about the safety measures in place to protect against such tampering and the potential for more sophisticated attacks in the future. The incident serves as a reminder of the importance of cybersecurity in public transportation systems and the need for robust protective measures.

May 6, 2026

A DOD contractor’s API flaw exposed military course data and service member records

CyberScoop

Researchers discovered a significant flaw in the API of Schemata, a contractor for the Department of Defense, which exposed sensitive information related to military courses and service members. This breach included personal details such as names, email addresses, base assignments, and course materials before Schemata implemented a fix and informed government officials. The exposure raises serious concerns about the security of military data and the potential risks to service members' privacy. Such incidents highlight the need for stringent security measures among contractors handling sensitive government information. The incident serves as a reminder of the vulnerabilities that can exist in systems that support military operations.

May 6, 2026

Roku sued for allegedly bricking TVs - see which models are affected, and your best alternatives

Latest news

Roku is facing a lawsuit after numerous users reported that their Roku TVs have become unusable, either getting stuck in boot loops or displaying black screens. This issue affects several models, leading to frustration among customers who rely on these devices for streaming. Users have taken to social media and forums to express their dissatisfaction, prompting legal action against the company. The situation raises concerns about the reliability of Roku devices and the potential need for better customer support and product durability. As these issues continue, affected users are encouraged to seek alternatives while the lawsuit unfolds.

May 6, 2026

Critical vm2 sandbox bug lets attackers execute code on hosts

BleepingComputer

A serious vulnerability in the vm2 library, widely used for sandboxing in Node.js applications, has been discovered. This flaw allows attackers to escape the sandbox environment and execute arbitrary code on the host system, posing a significant risk to applications relying on vm2 for security. Developers and organizations using this library need to take immediate action to safeguard their systems, as this vulnerability could lead to severe breaches. The issue affects multiple versions of vm2, making it critical for users to update their systems promptly. Failure to address this vulnerability could leave systems exposed to potential attacks.

May 6, 2026

Australian small businesses lack cyber security plans, research finds

SCM feed for Latest

A recent study by Ipsos, commissioned by Optus, reveals that one in three small businesses in Australia has faced a cyber incident. Despite this alarming statistic, many of these businesses are not adequately prepared for future attacks. The research indicates a significant gap in cybersecurity planning among small enterprises, which could leave them vulnerable to more sophisticated threats. This lack of readiness is concerning, as cyber incidents can lead to severe financial and reputational damage. Small businesses need to prioritize developing and implementing effective cybersecurity strategies to protect their operations and customer data.

May 6, 2026

MetInfo CMS vulnerability exploited by threat actors

SCM feed for Latest

A serious vulnerability in MetInfo CMS, labeled CVE-2026-29014, has been discovered that allows unauthenticated attackers to execute arbitrary PHP code remotely. This flaw has a high severity rating of 9.8, indicating a significant risk to users of the platform. Organizations using MetInfo should be particularly vigilant, as this could lead to unauthorized access and control over their websites. As of now, there are concerns that this vulnerability is being actively exploited, which underscores the urgency for users to take action. It is crucial for affected users to apply any available patches and review their security measures to protect against potential intrusions.

May 6, 2026