Ransomware , Threat Intelligence Ransomware supply chain untangled by RAMP forum leak April 24, 2026 Share By SC Staff (Adobe Stock) Security Affairs reports that prolific Russian dark web forum and ransomware network RAMP has suffered a major data leak that exposed thousands of user records, activity logs, and insights into how the cybercrime market operates. The incident revealed that RAMP functions as a structured hub for cybercriminals. Comparitech found that they sell unauthorized access to corporate networks and form ransomware-as-a-service partnerships. They target sectors such as government, finance, healthcare, and technology, particularly in the U.S., focusing on high-value victims. Listings are shared publicly, while private messages are used to negotiate deals, expand attacks, and trade access to multiple network points. Organizations are urged to secure early access points to reduce ransomware risk. They are advised to limit exposed services, implement multi-factor authentication, and monitor for unusual login activities. Companies should also regularly check for leaked credentials on dark web sources and strengthen endpoint and identity protection. "IP addresses were decoded from binary format and geolocated against known ISP allocations. All findings are based on data as it existed in the database dump and have not been independently verified against live sources," Comparitech added. An In-Depth Guide to Ransomware Get essential knowledge and practical strategies to protect your organization from ransomware attacks. Learn More SC Staff Related Data Security Further Vercel customer data compromise confirmed SC Staff April 24, 2026 TechCrunch reports that Vercel has disclosed that unencrypted customer information had been compromised prior to this month's breach that affected its internal systems. Malware Threat of ZionSiphon malware downplayed SC Staff April 24, 2026 Dragos technical lead malware analyst Jimmy Wylie said threat groups that had launched intrusions targeting critical infrastructure, such as water treatment facilities, are more concerning compared with the recently reported ZionSiphon malware targeting Israeli water facilities, reports CyberScoop. Malware CISA: Malware attack compromises US agency via Cisco exploit SC Staff April 24, 2026 Attacks weaponizing the Cisco Adaptive Security Appliance vulnerabilities, tracked as CVE-2025-20333 and CVE-2025-20362, were reported by the Cybersecurity and Infrastructure Security Agency to have successfully compromised a federal civilian executive branch agency with the FIRESTARTER malware in September, according to The Record, a news site by cybersecurity firm Recorded Future. Related Events Cybercast Ransomware reloaded: Finding resilience when attackers wield AI Wed May 13 Virtual Conference Ransomware Resilience: Strategies to Defend, Mitigate, and Recover On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Backdoor Black Hat Deauthentication Attack Dictionary Attack Distributed Scans Fault Line Attacks Google Hacking Hybrid Attack Password Cracking Reconnaissance You can skip this ad in 5 seconds