SEO poisoning ➡️ Fake RVTools ➡️ Python backdoor ➡️ PipeMagic ➡️ CVE-2025-29824 ➡️ #Ransomexx — domain-wide in <19 hrs.

The Python backdoor connected to azure-secure-agent[.]com (87.251.67[.]241), enabling cmd/PowerShell exec, payload download, screenshots, and IP discovery.

PipeMagic evolve con exploit CVE-2025-29824, integrando loader sofisticati e moduli backdoor per attacchi globali attribuiti al gruppo Storm-2460.

#backdoor #PipeMagic #RansomEXX #Storm2460
www.matricedigitale.it/2025/08/19/p...

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan affiliated command-and-control (C2) server read more about BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan reconbee.com/bianlian-and...

#bianlian #ransomEXX #SAP #NetWeaver #pipemagictrojan #trojan #cybersecurity

Original post on blog.bushidotoken.net

Ransomware Tool Matrix Project Updates: May 2025 Introduction This blog is a summary and analysis...

blog.bushidotoken.net/2025/05/ransomware-tool-...

#BianLian #BlackSuit #Cybercrime #HuntersInternational #lockbit #Medusa #PLAY #Qilin #RansomEXX #RansomHub […]

Original post on blog.bushidotoken.net

Ransomware Tool Matrix Project Updates: May 2025 Introduction This blog is a summary and analysis...

blog.bushidotoken.net/2025/05/ransomware-tool-...

#BianLian #BlackSuit #Cybercrime #HuntersInternational #lockbit #Medusa #PLAY #Qilin #RansomEXX #RansomHub […]

Banda de ransomware RansomEXX explotó vulnerabilidad zero day en Windows - CIBERNINJAS Microsoft ha revelado que el grupo de ransomware RansomEXX ha estado explotando activamente una vulnerabilidad zero-day de alta gravedad en el subsistema

💥 Banda de ransomware RansomEXX explotó vulnerabilidad zero day en Windows ciberninjas.com/banda-de-ran...

#Ransomware #RansomEXX #ZeroDay #Ciberseguridad #Windows #Cibercriminales #Vulnerabilidades #SeguridadInformática #Explotación #AtaquesCibernéticos

PipeMagic Trojan Attack: Windows CLFS Zero-Day Vulnerability Discover how the PipeMagic trojan exploited the Windows CLFS zero-day vulnerability (CVE-2025-29824) to deploy ransomware across global sec...

🚨 New Cybersecurity Alert

🧠 Full Report:
👉 technijian.com/cyber-securi...

#PipeMagicTrojan #CVE202529824 #WindowsExploit #RansomEXX #CyberSecurityNews #ZeroDayExploit #MSBuildMalware #PatchTuesday

🚨 Ransomexx Ransomware Alert 🚨

Makesworth Accountants 🇬🇧

Makesworth Accountants, a UK-based firm specialising in providing expert accounting and business service, falls victim to Ransomexx Ransomware.

#UK
#Ransomware #Ransomexx #Infosec #DarkWeb

Venezuela: Laboratorios Vargas ha sido publicado en el sitio de RansomEXX y liberan sus datos empresa farmacéutica venezolana con base en Caracas fue atacada por el grupo ransomexx

#Noticias: Laboratorios Vargas ha sido publicado en el sitio de RansomEXX y liberan sus datos, #Venezuela #ransomware #ransomexx #news #infosec #ciberseguridad

blog.security-chu.com/2024/12/vene...

𝗔𝗰𝘁𝗼𝗿: #ransomexx
𝗩𝗶𝗰𝘁𝗶𝗺: Planet Group International | planetgroupint.com
𝗖𝗼𝘂𝗻𝘁𝗿𝘆: Italy 🇮🇹
𝗦𝗮𝗺𝗽𝗹𝗲: no
𝗗𝗮𝘁𝗮: yes
𝗘𝘅𝗳𝗶𝗹𝘁𝗿𝗮𝘁𝗲𝗱 𝗱𝗮𝘁𝗮: 4.9 GB
𝗗𝗲𝗮𝗱𝗹𝗶𝗻𝗲: published

👉🏻 Planet Group has its original office in Treviglio, while it has expanded in several other countries.

🔗 ransomfeed.it/index.php?pa...

#RansomExx is a ransomware family that targeted multiple companies starting in mid-2020. It shares commonalities with Defray777.

Newest entry:

"TUV Rheinland AG Post will be available soon… Leaked data size: 650GB."
#Ransomware #TÜV
www.ransomlook.io/group/ransom...

🚨 Ejército del PerU
🌍 ransomfeed.it/index.php?pa...

🚨 Ministry of Defense of Peru
🌍 ransomfeed.it/index.php?pa...

Same country 🇵🇪, different groups.
#incransom claimed to have exfiltrated 502GB (Ejército) while #ransomexx stated they stole 763.8GB (Ministry).