ZCyberNews
中文

#raas

6 articles

Between 20 April and 13 May 2026, ZCyberNews published six articles under the RaaS tag, covering two critical, three high, and one medium-severity incidents. Threat actors The Gentlemen, LockBit, and VECT Ransomware were observed targeting financial services, government, retail, software consultancy, and various sectors. Affected regions included the Caribbean, Latin America, Turkey, and the UK. Key vulnerabilities exploited were CVE-2024-55591, CVE-2025-32433, and CVE-2025-33073.

The Gentlemen RaaS Internal Leak Exposes Admin, Affiliates, TacticsCRITICAL
Threat Intel

The Gentlemen RaaS Internal Leak Exposes Admin, Affiliates, Tactics

A leaked backend database from The Gentlemen RaaS operation reveals 9 accounts, admin TOX ID, initial access via Fortinet/Cisco edge flaws, and a 190,000 USD ransom payout.

CVE-2024-55591CVE-2025-32433CVE-2025-33073
4 min readThe Gentlemen
VECT Ransomware Wiper Bug Destroys Data, Not Just EncryptsCRITICAL
Malware

VECT Ransomware Wiper Bug Destroys Data, Not Just Encrypts

Check Point Research found a bug in VECT ransomware's encryption logic that permanently destroys files on Windows systems — no recovery possible even after paying.

3 min readVECT Ransomware
LAC Cybercrime Ecosystem Matures with RaaS, Crypto Fraud SurgeHIGH
Threat Intel

LAC Cybercrime Ecosystem Matures with RaaS, Crypto Fraud Surge

Recorded Future's Insikt Group maps a maturing Latin American cybercrime ecosystem: RaaS affiliates, crypto fraud rings, and targeted phishing against financial and government…

2 min readLockBit
Recorded Future Maps Latin America's Maturing Cybercrime EcosystemMEDIUM
Threat Intel

Recorded Future Maps Latin America's Maturing Cybercrime Ecosystem

Insikt Group report details how LAC cybercrime evolved in 2025: RaaS adoption, crypto fraud, and phishing-as-a-service expand across the region.

2 min read
The Gentlemen Ransomware Deploys Dual Lockers for Windows, Linux, and VMwareHIGH
Malware

The Gentlemen Ransomware Deploys Dual Lockers for Windows, Linux, and VMware

The Gentlemen ransomware-as-a-service operation has infected over 320 victims, deploying separate encryptors for Windows/Linux and VMware ESXi systems to maximize disruption and ransom pressure on enterprise networks.

3 min readThe Gentlemen
The Gentlemen Ransomware Deploys SystemBC Proxy for C2 EvasionHIGH
Malware

The Gentlemen Ransomware Deploys SystemBC Proxy for C2 Evasion

The Gentlemen ransomware-as-a-service group uses the SystemBC SOCKS5 proxy tool to hide command-and-control traffic, according to a Check Point DFIR report analyzing a recent affiliate attack.

3 min readThe Gentlemen

Stay Updated

Get the latest cybersecurity news delivered to your inbox.