Brand-new ransomware alert — Meet Dire Wolf, an emerging threat actor first spotted in May 2025 and already impacting manufacturing and technology organizations across the globe. What is Dire Wolf? * Written in Golang * Encrypts data & appends .direwolf extension * Uses double extortion: encryption + threat to leak data Tactics and Capabilities: * Terminates system processes * Deletes backups and volume shadow copies * Employs multiple encryption algorithms (AES-256 & more) * Drops ransom notes with deadlines and negotiation terms Global Reach: * At least 16 victims already * High activity in the U.S. and Thailand * Focused on high-value tech and manufacturing targets Victims are given 30 days to pay before their data is released — a grim reminder that ransomware is evolving fast. If you’re in infrastructure, cybersecurity, or incident response — keep this group on your radar. Stay informed and Stay secure from emerging threats like Dire Wolf. https://www.darkreading.com/threat-intelligence/dire-wolf-ransomware-manufacturing-technology https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/dire-wolf-strikes-new-ransomware-group-targeting-global-sectors/