Ransomware , Threat Intelligence KryBit retaliates against 0APT with extensive data leak April 30, 2026 Share By SC Staff (Adobe Stock) Newly identified ransomware-as-a-service operation KryBit has compromised fellow nascent RaaS gang 0APT and exposed its full operational information, including access logs, system files, and PHP source code, in retaliation for the latter's initial leak of some of its data earlier this month, reports Infosecurity Magazine . Access logs revealed that 0APT had fabricated claims of breaching more than 190 victims published on its data leak site in January, according to a Halcyon report. 0APT has also been struggling to recover its AnLinux-ParrotOS-based leak site, which used an Android device's internal SD card to release content. Everest Group, which also had its hashed and encoded publication and user information exposed by 0APT, has yet to launch a counterattack. Such in-fighting is indicative of ongoing financial pressure in the ransomware landscape, noted Halcyon Chief Strategy Officer Oliver Newbury. "We're now seeing them disrupt each other's operations, taking over infrastructure and undermining campaigns in real time. It creates instability, but not safety. The ecosystem doesn't shrink, it reshapes, often becoming harder to predict in the process," Newbury added. An In-Depth Guide to Ransomware Get essential knowledge and practical strategies to protect your organization from ransomware attacks. Learn More SC Staff Related Phishing Multi-stage DHL phishing campaign examined SC Staff April 30, 2026 HackRead reports that threat actors have spoofed DHL in a new phishing campaign that employed a multi-step attack chain to siphon users' passwords. Phishing Report sheds light on Chinese phishing campaigns against journalists, activists SC Staff April 30, 2026 Report sheds light on Chinese phishing campaigns against journalists, activists Chinese state-backed freelance hackers have launched a pair of phishing campaigns aimed at journalists and opposition activists in Taiwan, Hong Kong, Tibet, and China's Uyghur region in a span of nine months, according to The Record, a news site by cybersecurity firm Recorded Future. Malware Novel Minecraft-targeting stealer tapped by reemergent LofyGang SC Staff April 30, 2026 Brazilian threat group LofyGang has resurfaced to compromise Minecraft players with the novel LofyStealer malware, also known as GrabBot, more than three years after its last attack campaign, The Hacker News reports. Related Events Cybercast Ransomware reloaded: Finding resilience when attackers wield AI Wed May 13 Virtual Conference Ransomware Resilience: Strategies to Defend, Mitigate, and Recover On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Account Harvesting Brute Force Deauthentication Attack Deepfake Dictionary Attack Distributed Scans Domain Hijacking DumpSec Dumpster Diving Password Cracking You can skip this ad in 5 seconds