31 articles. Ransomware threat intelligence. Attack analysis, threat actor profiling, and victim impact assessment across MENA, EU, and US.
SafePay ransomware operators spent 84 days inside Conduent's network, exfiltrating 8.5TB of data affecting 25M+ Americans across 30+ states.
UAE Cybersecurity Council announced disruption of coordinated attacks involving AI-powered ransomware targeting national platforms.
Ransomware attack shut down all 35 statewide clinics for 9 days. Mississippi's only Level 1 trauma center. Recovery expected to take weeks to months.
Medusa ransomware knocked out Passaic County phone lines and IT systems. $800K ransom demanded. Same group that shut down UMMC's 35 clinics.
INC Ransom published 4TB from Saudi Arabia's premier architecture firm - 53 years of drawings for PIF Tower, GCC HQ, National Guard facilities.
Interlock ransomware exploited a Cisco FMC zero-day for 36 days before disclosure. Unauthenticated RCE as root. Also affects Cisco Security Cloud Control.
Dutch paint giant AkzoNobel confirmed breach of US site. Anubis ransomware exfiltrated 170,000 files including passport scans, financial records.
DragonForce ransomware cartel claims exfiltration of 256.92GB from one of Greater Manchester's largest FE colleges Mar 6, 2026.
INC Ransom exfiltrated 400GB from Saudi Arabia's largest private energy company - engineering drawings, financial records.
Cl0p ransomware listed Oman's sole electricity and water utility on its leak site, threatening 4.9M residents' data 76 days before PDPL enforcement.
Gunra ransomware claimed 450M patient records from American Hospital Dubai including Emirates IDs, credit cards, and fertility data.
Everest ransomware exfiltrated 11.7GB from Jordan Kuwait Bank, exposing national IDs, salaries, and employment contracts of 1,003 employees on its dark.
DragonForce ransomware exfiltrated 6.96TB from Saudi contractor Al Bawani including airbase plans and defense blueprints. $20M ransom refused.
AI-assisted ransomware group FunkSec attacked Egypt's flag carrier EgyptAir, claiming passenger manifests, passport numbers, and employee records.
Money Message ransomware group targeted Egypt's tax authority in a double-extortion attack, threatening to publish taxpayer financial records.
Oman's state-owned energy giant OQ, operating across 17 countries, was among the first victims of the newly emerged Termite ransomware using a modified.
RansomHub ransomware exfiltrated 490GB from Omani engineering conglomerate Towell, including employee PII, payroll records, and financial documents.
Daixin ransomware exfiltrated 2M+ records from Dubai Municipality including Emirates IDs, passport scans, HR records, and land ownership data.
Qilin ransomware stole 2.5TB from UAE-operating Habib Bank AG Zurich, exposing passport numbers, account balances, KYC documents, and transaction records.
Ransomware disabled the Sahel EHR system across 16 hospitals and 100+ clinics serving 4.8M residents, forcing Kuwait's healthcare ministry offline.
Omani oilfield services provider SOS was hit by LockBit 3.0 in April 2024 and Meow ransomware four months later, a rare double-hit exposing persistent.
ALPHV/BlackCat breached UnitedHealth's payment processor via a Citrix portal without MFA, exfiltrating 6TB covering 190M patients. Total cost reached $2.87B.
Rhysida ransomware breached Abdali Hospital in Amman, demanding 10 BTC (~$430K) for stolen patient data. Jordan has no comprehensive data protection law.
LockBit 3.0 attacked Fawry, Egypt's largest digital payment platform serving millions through 250,000+ POS terminals, threatening to publish stolen.
Rhysida ransomware hit Kuwait's Ministry of Finance, the fiscal nerve center of one of the Gulf's wealthiest states, disrupting government financial systems.
Stormous ransomware stole 22GB from Wizz Air Abu Dhabi including air operator certificates, crew records, flight operations data, and passenger manifests.
LockBit 3.0 listed Kuwait's Ministry of Commerce and Industry on its leak site, claiming data covering business registrations, trade licenses.
Cl0p ransomware listed Zain Group, Kuwait's largest telecom serving 50M+ subscribers across seven countries, after exploiting the MOVEit Transfer zero-day.
Ransomware attackers exfiltrated 201GB from GlobeMed Saudi, the kingdom's largest healthcare claims administrator, in a double-extortion attack on patient.
LockBit 2.0 claimed a breach of Kuwait's national carrier, threatening to publish 600,000 passenger records including identity documents and travel data.
Ransomware encrypted the main server of one of Oman's largest insurers on New Year's Day, demanding 50 BTC (~$400-500K). Backup systems enabled recovery.