Top Ransomware Groups June 2025: Qilin Reclaims Top Spot
Qilin ransomware group tops June 2025 with 86 victims, surpassing rivals in a shifting threat landscape. Read Cyble’s analysis of top ransomware groups.| Cyble
Cyble Vulnerability Intelligence researchers tracked nearly 700 vulnerabilities in the last week, and more than 30 already have a publicly available Proof-of-Concept (PoC), significantly increasing the likelihood of real-world attacks exploiting those vulnerabilities. A total of 46 vulnerabilities were rated as critical under the CVSS v3.1 scoring system, while 36 received a critical severity rating based on the newer CVSS v4.0 scoring system. Here are some of the top IT ...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
In the time it takes to read this paragraph—less than a minute—thousands of cyberattacks will have struck systems across the world. Financial institutions remain among the most targeted, facing roughly a third of all global DDoS and web application attacks. For Chief Information Security Officers (CISOs) across Europe’s banking, financial services, and insurance (BFSI) sector, the mission is no longer limited to defending against known threats. It’s about anticipating t...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
The South Korea-aligned cyber espionage group APT-C-60 continued its aggressive targeting of Japanese organizations throughout Q3 2025, deploying three updated versions of its SpyGlace backdoor with enhanced capabilities and improved evasion techniques. JPCERT/CC's latest analysis reveals that attacks between June and August employed refined delivery mechanisms, more sophisticated victim tracking methods, and modified encryption schemes designed to complicate detection and analysis. Unl...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
For years, cybersecurity has revolved around one enduring truth: humans make the final call. Analysts detect, respond, and recover — often under immense pressure and shrinking time windows. But as threat actors grow more sophisticated and the global digital surface expands, that human-led model is nearing its breaking point. The next evolution in defense is already underway — Agentic AI. Unlike conventional AI systems that assist with specific tasks, agentic AI represents a fundamental ...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Despite major changes in the leading ransomware groups, ransomware attacks have surged 50% in 2025, as cybercriminals have proven adept at finding new opportunities and exploiting vulnerabilities. Ransomware attacks were up 50% in 2025 through October 21, according to Cyble data, rising to 5,010 from 3,335 in the same period of 2024. Cyble’s data is based on ransomware group claims on their dark web data leak sites. From the decline of RansomHub to the rise of Qilin ...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Overview The Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, impacting key enterprise and consumer products from Oracle, Microsoft, Apple, and Kentico. These vulnerabilities — ranging from authentication bypass to remote code execution — are confirmed to be actively exploited and/or present a heightened risk of exploitation. CISA has directed all federal civilian executive branch (FCEB) ag...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Cyble Vulnerability Intelligence researchers tracked 996 vulnerabilities in the last week, and more than 140 already have a publicly available Proof-of-Concept (PoC), raising the likelihood of real-world attacks. A total of 74 vulnerabilities were rated as critical under the CVSS v3.1 scoring system, while 18 received a critical severity rating based on the newer CVSS v4.0 scoring system. Here are some of the more significant IT and ICS vulnerabilities flagged by Cyble threat intelligence...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Europe's ransomware problem isn't getting better! Q3 2025 saw 288 attacks hammer organizations across the region, with Qilin claiming 65 victims and cementing its position as the most aggressive threat actor targeting the continent. But it's SafePay's meteoric rise to second place—and a devastating airport attack that rippled across multiple countries—that has security teams particularly worried about what's coming next. The numbers tell a sobering story in Cyble's latest report, “E...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Executive Summary Cyble Research and Intelligence Labs (CRIL) observed a notable rise in Android malware campaigns masquerading as the Indian RTO (Regional Transport Office) applications and target Indian users to steal sensitive information. The malware spreads mainly through WhatsApp messages and SMS containing shortened URLs that appear as the RTO app, mParivahan, which redirect to GitHub-hosted APKs, and via compromised websites. Once installed, the malware uses phishing pages to capture ...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
The European Union continues to face a complex web of cyber threats, according to the 2025 ENISA Threat Landscape report. Covering incidents from July 2024 through June 2025, the report details how a variety of threat actors are targeting the EU’s digital infrastructure with overlapping tactics, highly technical attack models, and heightened collaboration. The EU Threat Landscapeand Converging Threat Groups ENISA’s latest analysis, based on 4,875 recorded cybersecurity incidents, reveal...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Qilin ransomware group tops June 2025 with 86 victims, surpassing rivals in a shifting threat landscape. Read Cyble’s analysis of top ransomware groups.| Cyble
Ransomware groups like Qilin dominated July attacks with 73 victims. New variants and groups, including AiLock and Crux, target critical industries globally.| Cyble
ACSC alerts on CVE-2025-53770, a SharePoint flaw under active attack. Urges immediate patching to protect on-premises systems from remote code execution.| Cyble
Cyble investigates the DOGE BIG BALLS Ransomware, analyzing its operation and the false ties made to Edward Coristine.| Cyble
Cyble's incident management tools help you detect, respond, and resolve threats faster. Secure your business with smarter alert handling today!| Cyble
Experience the award-winning Cyble Vision Threat Intelligence Platform. Schedule a demo and witness its power in action. Discover how it safeguards against threats and provides real-time insights for your cybersecurity needs| Cyble
A cybersecurity threat actor, defined as an individual, group, organization, or entity engaged in activities designed to compromise computer systems, or information, can have various motivations. Read more about threat actors at Cyble!| Cyble
