Here’s your June 2025 ransomware roundup — and it’s a wild one. Qilin is back on top with 86 confirmed victims, targeting telecom, healthcare, logistics, blockchain, and even a U.S. government contractor. That’s nearly 25% of all U.S. attacks this month. Why the surge? RansomHub’s collapse (sabotaged by rival group DragonForce in April) left a power vacuum — and Qilin moved fast to take advantage. June ransomware by the numbers: * 377 global incidents (just below May’s total of 401) * 213 U.S.-based attacks * Qilin leads with 50 U.S. victims But they’re not the only ones to watch: * CyberVolk, a pro-Russian hacktivist crew, dropped a brand-new strain. * Nova RaaS (formerly RALord) launched a new affiliate program with slick tools and high payouts. Scattered Spider is back — and may now be targeting U.S. airlines. Top attack vectors remain: Phishing, RDP compromise, unpatched vulnerabilities, and supply chain backdoors. Defensive takeaways: Segment critical assets, adopt Zero Trust, deploy immutable backups, and monitor across endpoints, networks, and cloud environments. https://cyble.com/blog/top-ransomware-groups-june-2025-qilin-top-spot/ https://darkfeed.io/time-statistics/ Don’t wait for a breach. Get ahead with layered visibility and rapid response tools. Like, subscribe, and stay vigilant — more threat insights coming soon.
