New ransomware gang RA Group quickly expanding operations

Read Time:35 Second

Researchers warn of a new ransomware threat dubbed RA Group that also engages in data theft and extortion and has been hitting organizations since late April. The group’s ransomware program is built from the leaked source code of a different threat called Babuk.

“Like other ransomware actors, RA Group also operates a data leak site in which they threaten to publish the data exfiltrated from victims who fail to contact them within a specified time or do not meet their ransom demands,” researchers from Cisco Talos said in a new report. “This form of double extortion increases the chances that a victim will pay the requested ransom.”

To read this article in full, please click here

Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing

WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit

Precision-Validated Phishing Elevates Credential Theft Risks

Ransomware Attacks Hit All-Time High as Payoffs Dwindle

How to Leak to a Journalist

Three-Quarters of IT Leaders Fear Nation-State AI Cyber Threats

Microsoft Fixes Over 130 CVEs in April Patch Tuesday

NCSC Warns of Spyware Targeting Chinese and Taiwanese Diaspora

Patch Tuesday, April 2025 Edition