Ransomware in April 2025—RansomHub is gone
While DaVita and Marks & Spencer reel from devastating attacks, the most dominant ransomware group of the last year has…
1 minute
News
Ransomware in March 2025
March 2025 saw a huge number of ransomware attacks, and the Pennsylvania State Education Association quietly notify over 500,000 current…
1 minute
Save our CVE! Last minute rescue for critical cybersecurity service
At the last possible moment, CISA confirms funding for the CVE program for another eleven months.
2 minutes
Celebrating our Partners of the Year: recognizing excellence and innovation
Celebrating ThreatDown's partners of the year
2 minutes
One in five Fortune 500 companies had leaked credentials in the past 30 days
Stolen credentials can open the door for ransomware and Business Email Compromise (BEC).
1 minute
April 2025 Patch Tuesday includes one zero-day
April’s Patch Tuesday fixes a whopping 126 Microsoft vulnerabilities.
2 minutes
Ransomware group Mora_001 targets Fortinet applications
The new gang appears to have links to the defunct LockBit group.
2 minutes
Introducing ThreatDown OneView free self-serve trial for MSPs
We’re giving MSPs a 15-day, no-obligation trial to explore the OneView Platform on their own terms.
2 minutes
Ransomware in February 2025—Cl0p and RansomHub run riot
The Cl0p ransomware group posted data on 335 victims in February 2025, by far the largest one month total any…
2 minutes
ThreatDown is Product of The Year
ThreatDown Endpoint Protection is the first and only winner of the MRG Effitas Product of the Year award, after 13…
1 minute
March 2025 Patch Tuesday, severity over quantity
The March 2025 Patch Tuesday update contains an unusually large number of zero-day vulnerabilities that are being actively exploited.
3 minutes
Infighting brings down the Black Basta ransomware group
It seems that internal struggles lead to the break-down of one of the last ransomware-as-a-service giants.
2 minutes
Four zero-days in February’s Patch Tuesday
February 2025's Patch Tuesday seems relatively relaxed, but there’s a catch for organizations using NTLM.
2 minutes
Ransomware in January 2024—bad news for US healthcare
January 2025 saw some high profile attacks and no shortage of bad news for the US healthcare sector.
0 minutes
Ransomware in December 2024—Cl0p returns
December 2024 saw the unwelcome return of the notorious Cl0p ransomware gang.
1 minute
December patch Tuesday fixes one actively exploited zero-day vulnerability
Microsoft patched an actively exploited vulnerability in the CLFS component.
1 minute
Update now! November Patch Tuesday tackles 4 zero-days, two actively exploited
Microsoft’s November Patch Tuesday includes fixes for 89 vulnerabilities in total.
3 minutes
Exchange Server 2016 and 2019 have less than a year to live
On October 14, 2025, Exchange Server 2016 and Exchange Server 2019 reach end of support.
2 minutes
How threat actors use AI
OpenAI has published an update on some of the criminal campaigns it has identified and disrupted.
2 minutes
