S6 Ransomware Signal

S6 Ransomware Signal

Weekly ransomware news and protection tactics for SMBs who don't have a security team.

Your IT Provider's Remote Tool Is the Target Now

Jun 30, 2026

•

9 min read

Your IT Provider's Remote Tool Is the Target Now

A critical SimpleHelp flaw is being actively exploited to steal credentials across Windows, Mac, and Linux. Plus: KrebsOnSecurity named the administrator behind The Gentlemen, and PRODAFT confirmed the group is using AI to build its ransomware.

S6 Tech
S6 Tech
When ransomware stops asking for a ransom

Jun 23, 2026

•

11 min read

When ransomware stops asking for a ransom

A new ransomware leaves no note. AI is compressing attack timelines from days to hours. Why backups are no longer the fallback plan, plus this week's intelligence: The Gentlemen hit Mackay Sugar, Aurora's enterprise breach spree, and a sharp drop in healthcare hits.

S6 Tech
S6 Tech
The Door You Forgot You Opened

Jun 17, 2026

•

9 min read

The Door You Forgot You Opened

ShinyHunters pulled 137,000 accounts through a Salesforce connector. Your tenant has the same shape. The audit takes 15 minutes.

S6 Tech
S6 Tech
Qilin weaponizes a Check Point VPN zero-day

Jun 9, 2026

•

10 min read

Qilin weaponizes a Check Point VPN zero-day

Active exploitation confirmed before the patch shipped. Silent Ransom Group is calling law firms by name. Healthcare snapped back to 14 victims.

S6 Tech
S6 Tech
The Gentlemen ransomware now spreads itself

Jun 2, 2026

•

9 min read

The Gentlemen ransomware now spreads itself

Microsoft documents 21 simultaneous propagation methods. Plus Carnival's six-million-record breach, a WordPress campaign hiding in Steam profiles, and healthcare targeting resumes after a one-week pause.

S6 Tech
S6 Tech
The FBI just named the phishing service that bypasses your MFA

May 30, 2026

•

9 min read

The FBI just named the phishing service that bypasses your MFA

Plus DragonForce takes the top spot by hunting small CPAs and insurance agencies

S6 Tech
S6 Tech
Load more