Here’s your June 2025 ransomware roundup — and it’s a wild one.

Qilin is back on top with 86 confirmed victims, targeting telecom, healthcare, logistics, blockchain, and even a U.S. government contractor. That’s nearly 25% of all U.S. attacks this month.

Why the surge? RansomHub’s collapse (sabotaged by rival group DragonForce in April) left a power vacuum — and Qilin moved fast to take advantage.

June ransomware by the numbers:

* 377 global incidents (just below May’s total of 401)

* 213 U.S.-based attacks

* Qilin leads with 50 U.S. victims

But they’re not the only ones to watch:

* CyberVolk, a pro-Russian hacktivist crew, dropped a brand-new strain.

* Nova RaaS (formerly RALord) launched a new affiliate program with slick tools and high payouts.

Scattered Spider is back — and may now be targeting U.S. airlines. Top attack vectors remain: Phishing, RDP compromise, unpatched vulnerabilities, and supply chain backdoors.

Defensive takeaways: Segment critical assets, adopt Zero Trust, deploy immutable backups, and monitor across endpoints, networks, and cloud environments.

Top Ransomware Groups June 2025: Qilin Reclaims Top Spot

Time-Statistics

Don’t wait for a breach. Get ahead with layered visibility and rapid response tools. Like, subscribe, and stay vigilant — more threat insights coming soon.

*** This is a Security Bloggers Network syndicated blog from psilva's prophecies authored by psilva. Read the original post at: https://psilvas.wordpress.com/2025/07/07/june-2025-ransomware-roundup-new-threats-new-tactics-same-chaos/