Encryption
Critical cPanel flaw mass-exploited in “Sorry” ransomware attacks
A newly disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in “Sorry” ransomware attacks. This week, an emergency update for WHM and cPanel was released to fix a critical authentication bypass flaw that allows attackers to access control panels. WHM and cPanel are Linux-based web hosting control panels for server […]
Broken VECT 2.0 ransomware acts as a data wiper for large files
Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files rather than encrypting them. VECT has been advertised on one of the latest BreachForums iterations, inviting registered users to become affiliates, and distributing access keys via private messages to those […]
Microsoft fixes Outlook bug blocking access to encrypted emails
Microsoft has fixed a known issue that prevented Microsoft 365 customers from opening encrypted emails in classic Outlook after a December update. This bug affects users who try to open messages encrypted with “Encrypt Only” permissions, a policy that doesn’t restrict forwarding, printing, or copying the email. On impacted systems, users are seeing a message_v2.rpmsg attachment […]
Microsoft: Classic Outlook bug prevents opening encrypted emails
Microsoft is investigating a bug preventing recipients from opening encrypted emails in classic Outlook after a recent update. This known issue affects users who try to open messages encrypted with “Encrypt Only” permissions, which also allows copying, printing, and forwarding. “After updating to Current Channel Version 2511 (Build 19426.20218) recipients may not be able to […]
Microsoft rolls out hardware-accelerated BitLocker in Windows 11
Microsoft is rolling out hardware-accelerated BitLocker in Windows 11 to address growing performance and security concerns by leveraging the capabilities of system-on-a-chip and CPU. BitLocker is the native full-disk encryption feature in Windows that protects data from being readable without proper authentication. During normal device boot, it relies on the Trusted Platform Module (TPM) to securely […]
RansomHouse upgrades encryption with multi-layered data processing
The RansomHouse ransomware-as-a-service (RaaS) has recently upgraded its encryptor, switching from a relatively simple single-phase linear technique to a more complex, multi-layered method. In practice, the upgrades offer stronger encryption results, faster speeds, and better reliability on modern target environments, giving threat actors stronger leverage during post-encryption negotiations. RansomHouse launched in December 2021 as a data extortion […]
Tor switches to new Counter Galois Onion relay encryption algorithm
Tor has announced improved encryption and security for the circuit traffic by replacing the old tor1 relay encryption algorithm with a new design called Counter Galois Onion (CGO). One reason behind this decision is to make the network more resilient against modern traffic-interception attacks that could compromise data security and undermine Tor user anonymity. The Tor network is […]
XWorm malware resurfaces with ransomware module, over 35 plugins
New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, abandoned the project last year. The latest variants, XWorm 6.0, 6.4, and 6.5, appear to be adopted by multiple threat actors and have support for plugins that allow a wide range of malicious activities. Malware operators can use […]
Microsoft shares temp fix for Outlook encrypted email errors
Microsoft is investigating a known issue that triggers Outlook errors when opening encrypted emails sent from other organizations. According to a recently published support document, this issue affects users in all Office channels who are using the classic Outlook email client. “Currently, when using classic Outlook for Windows, you can’t open an OMEv2 encrypted email […]
Storm-0501 hackers shift to ransomware attacks in the cloud
Microsoft warns that a threat actor tracked as Storm-0501 has evolved its operations, shifting away from encrypting devices with ransomware to focusing on cloud-based encryption, data theft, and extortion. The hackers now abuse native cloud features to exfiltrate data, wipe backups, and destroy storage accounts, thereby applying pressure and extorting victims without deploying traditional ransomware encryption […]
