FBI: Play ransomware breached 900 victims, including critical orgs

In an update to a joint advisory with CISA and the Australian Cyber Security Centre, the FBI said that the Play ransomware gang had breached roughly 900 organizations as of May 2025, three times the number of victims reported in October 2023. "Since June 2022, the Play (also known as Playcrypt) ransomware group has impacted a wide range of businesses and critical infrastructure in North America, South America, and Europe. Play ransomware was among the most active ransomware groups in 2024," the FBI warned. "As of May 2025, FBI was aware of approximately 900 affected entities allegedly exploited by the ransomware actors." Today's update also notes that the gang uses recompiled malware in every attack, making it more difficult for security solutions to detect and block it. Additionally, some victims have been contacted via phone calls and threatened to pay the ransom to prevent their stolen data from being leaked online. Since the start of the year, initial access brokers with ties t ... Read full article.