Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.
| Tipo | Estado | Host / enlace | Title / ultimo titulo |
|---|---|---|---|
| DLS / leak site | unknown | nitter.net | Ido Cohen: The attackers never rest... and neither do we. Meet RedAct, a newly tracked ransomware group. The group has already published 2 victims and states that it is driven purely by financial gain—not politics or hacktivism. According to its public message, organizations that refuse to negotiate or fail to meet ransom demands should expect their stolen data to be published. Another emerging threat worth keeping on your radar. |
| X/Twitter | unknown | x.com | Ido Cohen: A new ransomware-linked vulnerability has recently been added to DarkFeed's CISA KEV monitoring. CVE-2026-35273 affects Oracle PeopleSoft Enterprise PeopleTools and allows unauthenticated attackers to potentially gain control over vulnerable systems. The vulnerability is already listed in CISA's Known Exploited Vulnerabilities catalog and has been associated with ransomware activity. Organizations using PeopleSoft should prioritize patching and exposure assessment. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: New Ransomware Group: Settra Settra has entered the ransomware landscape with 10+ published victims already listed on its leak site. Unlike groups that attempt to justify their actions, Settra openly states its motivation is simple: money. The group claims it does not target specific countries or industries—it targets organizations with exploitable security weaknesses. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: Two ransomware groups are showing a sharp increase in activity during 2026. SafePay Q1 2026: 22 victims Q2 2026: 59 victims (+168%) RALord (Nova) Q1 2026: 14 victims Q2 2026: 60 victims (+329%) Both groups have significantly accelerated their operations in recent months, making them two of the fastest-growing ransomware threats to watch. Track ransomware trends and emerging threat groups with DarkFeed. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: Tracking the pulse of ransomware in 2026—these are the groups leading the global attack landscape right now: Qilin – 665 attacks The Gentleman – 453 attacks Akira – 290 attacks DragonForce – 245 attacks INC – 239 attacks Lockbit – 199 attacks Play – 154 attacks CLOP – 127 attacks NightSpire – 115 attacks CoinBase Cartel – 97 attacks Stay ahead of ransomware threats. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: Stormous is back with increased activity. Recent victims have had their public websites defaced with a ransomware message displayed directly on the homepage—a pressure tactic sometimes used by ransomware groups to increase urgency and force negotiations. DarkFeed makes it easy to compare a ransomware group's leak site with the victim's public website in one place, helping analysts quickly identify attacks like these. |
| DLS / leak site | up | nitter.net | Ido Cohen: Country Spotlight: Canada Over the past 7 days, our AI-powered platform tracked ransomware and cyber extortion attacks targeting Canada. |
| DLS / leak site | up | nitter.net | Ido Cohen: Sector Spotlight: HealthCare Over the past 7 days, our AI-powered platform tracked ransomware and cyber extortion groups actively targeting the HealthCare sector. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: We continue to monitor additional sources in the darknet. Here are some of the events that were added to our platform in the last week. 1 A major breach exposed over 500GB of sensitive personal information from job seekers, posing a high risk of identity theft and fraud. 2 Remote access to POS systems is being sold, threatening financial data and sensitive customer information across large retail businesses globally. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: The Icarus supply chain extortion campaign continues to unfold. The group has now added 5 additional victims, all with their identities partially concealed. The guessing game has officially begun. How many organizations were impacted through this supply chain incident? And are we witnessing the emergence of a serious competitor to CLOP in the supply chain extortion arena? We'll know more soon. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: Supply Chain Extortion Alert The Icarus ransomware group has escalated pressure tactics against a major Canadian consulting and competitive intelligence provider. After initially naming the organization, the group is now threatening to release data belonging to the company's clients, giving them a deadline to make contact before publication begins. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: APT73 continues to expand its operations. The group has added 3 new victims to its leak site, including a government entity in South America and a major international airport operator in Central Europe serving tens of millions of passengers annually. APT73 was added to the DarkFeed platform in mid-2024 and has since claimed 110+ victims. |
| DLS / leak site | up | nitter.net | Ido Cohen: Meet Wallstreet — not the financial market, but the latest ransomware group added to our monitoring platform. The group's leak site currently lists a single victim: a manufacturing company from India. With 1,000+ ransomware and cyber extortion victims already tracked since the beginning of the year, keeping up with the threat landscape is becoming increasingly challenging. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: Threat Group Update Prinz Eugen has launched a newly redesigned leak site and updated its public profile. According to the group's latest statement, it describes itself as a for-profit organization that "specializes in hacking" while claiming it currently does not operate a Ransomware-as-a-Service (RaaS) program. The group also stated that membership intake is currently closed and limited to existing core members. |
| DLS / leak site | up | nitter.net | Ido Cohen: Weekly Ransomware & Cyber Extortion Intelligence Report Our platform continuously monitors ransomware groups and darknet activity worldwide. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: New Ransomware Groups Added to DarkFeed Over the past few days, we added two new ransomware/extortion groups to the DarkFeed intelligence platform: SevyWare A newly launched RaaS operation claiming ties to former members of established ransomware groups. The operators are actively recruiting Initial Access Brokers and insiders while promoting an aggressive affiliate-focused model. |
| DLS / leak site | unknown | nitter.net | Ido Cohen: A new ransomware-linked vulnerability has recently been added to DarkFeed's CISA KEV monitoring. CVE-2026-35273 affects Oracle PeopleSoft Enterprise PeopleTools and allows unauthenticated attackers to potentially gain control over vulnerable systems. The vulnerability is already listed in CISA's Known Exploited Vulnerabilities catalog and has been associated with ransomware activity. Organizations using PeopleSoft should prioritize patching and exposure assessment. |
United States Media
Canada Technology
United States Healthcare
United States Media
India Manufacturing
United States Healthcare
United States Media