June 2025 Ransomware Roundup — New Threats, New Tactics, Same Chaos

 

Here’s your June 2025 ransomware roundup — and it’s a wild one. Qilin is back on top with 86 confirmed victims, targeting telecom, healthcare, logistics, blockchain, and even a U.S. government contractor. That’s nearly 25% of all U.S. attacks this month. Why the surge? RansomHub’s collapse (sabotaged by rival group DragonForce in April) left a power vacuum — and Qilin moved fast to take advantage. June ransomware by the numbers: * 377 global incidents (just below May’s total of 401) * 213 U.S.-based attacks * Qilin leads with 50 U.S. victims But they’re not the only ones to watch: * CyberVolk, a pro-Russian hacktivist crew, dropped a brand-new strain. * Nova RaaS (formerly RALord) launched a new affiliate program with slick tools and high payouts. Scattered Spider is back — and may now be targeting U.S. airlines. Top attack vectors remain: Phishing, RDP compromise, unpatched vulnerabilities, and supply chain backdoors. Defensive takeaways: Segment critical assets, adopt Zero Trust, deploy immutable backups, and monitor across endpoints, networks, and cloud environments. https://cyble.com/blog/top-ransomware-groups-june-2025-qilin-top-spot/ https://darkfeed.io/time-statistics/ Don’t wait for a breach. Get ahead with layered visibility and rapid response tools. Like, subscribe, and stay vigilant — more threat insights coming soon.

TL;DR on Dire Wolf Ransomware: New Double-Extortion Threat Targets Tech & Manufacturing

 

Brand-new ransomware alert — Meet Dire Wolf, an emerging threat actor first spotted in May 2025 and already impacting manufacturing and technology organizations across the globe. What is Dire Wolf? * Written in Golang * Encrypts data & appends .direwolf extension * Uses double extortion: encryption + threat to leak data Tactics and Capabilities: * Terminates system processes * Deletes backups and volume shadow copies * Employs multiple encryption algorithms (AES-256 & more) * Drops ransom notes with deadlines and negotiation terms Global Reach: * At least 16 victims already * High activity in the U.S. and Thailand * Focused on high-value tech and manufacturing targets Victims are given 30 days to pay before their data is released — a grim reminder that ransomware is evolving fast. If you’re in infrastructure, cybersecurity, or incident response — keep this group on your radar. Stay informed and Stay secure from emerging threats like Dire Wolf. https://www.darkreading.com/threat-intelligence/dire-wolf-ransomware-manufacturing-technology https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/dire-wolf-strikes-new-ransomware-group-targeting-global-sectors/

16 Billion Passwords Leaked?! The Truth Behind the Mega Credential Dump

 

You read that right — 16 billion credentials were discovered leaked online this past week. That’s more than 2 passwords per person on Earth. But here’s the real story… This isn’t a single new breach, but rather an accumulation of data from 30+ previous breaches, including credentials from major platforms like Facebook, Google, GitHub, Apple, and more. Essentially, someone stitched together a "best of" compilation from recent info stealer malware campaigns, creating a blueprint for cybercriminals to exploit. This is very dangerous and you should enable Multi-factor authentication, passkeys, and credit freezes as soon as possible. Whether you're a user or a security pro, now's the time to check your credentials and stay extra vigilant. Like & subscribe for more breakdowns, insights, and straight talk on security. Stay safe out there. https://www.kaspersky.com/blog/16-billion-passwords-leak-2/53670/ https://www.techradar.com/pro/website-building/over-16-billion-records-leaked-in-unimaginable-major-data-breach-heres-what-we-know-and-how-you-can-see-if-youre-safe https://cointelegraph.com/news/16b-passwords-from-apple-facebook-and-google-leaked

Only 40% of People in Antelope Valley Use Their Turn Signal

 

Here in the Antelope Valley (Palmdale/Lancaster/LA County) less than half of people use their turn signals. How about your town? #TurnSignalChallenge

Wrapping Up an Epic Week in San Diego

 

As Cisco Live 2025 wraps up, Peter Silva shares appreciation to everyone who made this year’s event a success — from booth teammates to camera crew and partners. Find Plixer Booth 1940 at Cisco Live 2025! https://youtu.be/v0ztsijHb0M Unlock the Power of Plixer One: AI-Driven Network Data Analysis https://youtu.be/gVYaIM_5JeQ Day Two at CiscoLive Starts Hot https://youtube.com/shorts/zdhMTysPlaU Introducing Plixer AI: Revolutionizing Network Data Analysis https://youtu.be/8TO-bJQEyXU Partner Spotlight: Endless Network Insight with LogicVein https://youtu.be/cEWWRf3F1wQ If you didn’t enjoy the content... as Kent Brockman says, “I place the blame squarely on you, the viewer.” Whether you stopped by Booth 1940 or watched from afar, mahalo for being part of it. See you at the next one!

Partner Spotlight: Endless Network Insight with LogicVein

 

Peter from Plixer visits Booth 2327 to chat with Jamie Lee from LogicVein, one of Plixer’s key technology partners. LogicVein is a leader in network configuration, change management, and automation — and when paired with Plixer’s world-class network observability and NDR (Network Detection & Response) capabilities, customers get a single pane of glass to visualize, manage, and secure their entire network ecosystem. In this walkthrough, you’ll see: How LogicVein tracks network inventory across all vendors Real-time compliance monitoring and alerting Lifecycle management down to transceivers Powerful automation playbooks (like link-down remediation) The future of AI in networking with their Terminal Proxy and built-in AI bot Learn how this integration helps you go beyond, and visit LogicVein.com for more info. Don’t forget to like and subscribe for more Cisco Live 2025 coverage from Plixer!

Day Two at CiscoLive Starts Hot

 

Our hot open for Day Two at CiscoLive 2025