Find notable cyber news and cases, enriched with sources, timelines, and signals.

Ransomware leak-post volume surged in 2024-2025 as extortion speed increased

Trend
First reported
Last updated
Happening score
H score 25
1 unique sources, 1 articles

Summary

Hide ▲

Ransomware leak posts surged from 6,034 in 2024 to 8,835 in 2025, signaling a larger and faster extortion ecosystem that compresses defender reaction time. The increase reflects a broader shift toward speed-optimized criminal monetization and data blackmail. It matters because more leak-post activity usually means more organizations are being forced into rapid incident response, negotiations, or disclosure pressure.

Related Happenings

Silent Ransom Group shifts from Conti-linked ransomware participation to standalone data-theft extortion

Threat Actor Meta
H score21 First: 07.06.2026 17:09 Last: 07.06.2026 17:09 Sources 1

About this happening: **Silent Ransom Group (UNC3753)** is a **standalone data-theft extortion** actor that has operated separately since **2022** after the **Conti** shutdown, using stolen data and le...

Ransomware leak-site postings surged across victim organizations in Q4 2025

Trend
H score39 First: 29.01.2026 15:01 Last: 29.01.2026 15:01 Sources 1

About this happening: In **Q4 2025**, ransomware leak-site postings for **victim organizations** rose sharply, signaling stronger extortion pressure across affected targets. Postings were **up 50% quar...

Timeline

  1. 18.03.2026 21:37 2 articles · 3mo ago

    Rapid7 highlights 2024-2025 ransomware leak-post surge

    Campaign Scope Update

    Rapid7 says ransomware has matured into a speed-optimized access economy, noting that total ransomware leak posts rose from 6,034 in 2024 to 8,835 in 2025, a 46.4% YoY increase. The trend reflects faster data theft and public leak-post pressure that shrink defender response time and intensify extortion against victims and incident response teams.

    Show sources