Close Menu
  • Home
  • News
  • Security
  • Privacy
  • Cybercrime
    • Threat Groups
    • Ransomware
    • Explainers
    • Stealer Logs
  • AI
  • OSINT
  • Tools
    • Ransomtracker
    • Stealercheck
    • FortiBleed Checker
  • About Us
Facebook X (Twitter) Instagram Threads
Ransomnews
  • Home
  • News
  • Security
  • Privacy
  • Cybercrime
    • Threat Groups
    • Ransomware
    • Explainers
    • Stealer Logs
  • AI
  • OSINT
  • Tools
    • Ransomtracker
    • Stealercheck
    • FortiBleed Checker
  • About Us
Facebook X (Twitter) LinkedIn
Ransomnews

About Us

// ABOUT

Tracking the criminal infrastructure of the internet.

Ransomnews exists to make ransomware operations, breach economics, and the open-source investigation toolkit visible to anyone who cares to look.

// MISSION

What we do

Ransomware is the defining cybercrime of the past decade, and the supporting economy around it, initial-access brokers, leak sites, threat actors, OSINT investigators, security vendors, regulators, is one of the most consequential ecosystems on the internet. Most reporting on it is fragmented, technical to the point of inaccessibility, or written for an audience that already knows the answer.

Ransomnews is a publication for people who want to understand this ecosystem properly. We write for a security-aware reader who wants the real picture: how operators run their businesses, how breaches actually unfold, what defensive controls move the needle, and how to verify what you read elsewhere.


// COVERAGE

What we cover

Ransomware

The mechanics of modern attacks, the economics of the operations behind them, and the leak-site landscape that defines the public face of the industry.

Threat Groups

Detailed profiles of LockBit, Conti, Akira, Cl0p, Black Basta, and the rest, origins, tradecraft, victims, and where they go after the takedown.

Security & Privacy

What actually defends against modern threats, Zero Trust, MFA, EDR, IR, and what the surveillance economy looks like once you pull back the cookie banner.

AI & OSINT

Prompt injection, deepfakes, model theft, the EU AI Act on one side; tools, methods, and case studies from the open-source investigation discipline on the other.


// PRINCIPLES

How we work

Source-driven. Every article links to authoritative primary sources, CISA, NIST, MITRE ATT&CK, ENISA, the EU AI Act text, FIRST.org, OWASP, Bellingcat, EFF, the Cloud Security Alliance, so you can verify what we report and follow the threads yourself.

Independent. We are not a vendor blog. No story is shaped by who advertises, who sponsors, or who briefs. We name vendors when they are relevant and we name them honestly.

Verifiable. Where we make factual claims, the methodology is in the article. Where we make judgement calls, we say so. Where we are uncertain, we say that too.

Practical. Our explainers are built to be referenced, not skimmed. The shape of an article is the shape of the question someone is actually asking.


// EDITORIAL TEAM

Who’s behind this

Jesse William McGraw / GhostExodus

Jesse William McGraw

a.k.a. GhostExodus

Threat Intelligence · OSINT · Public Speaking

Jesse William McGraw, known publicly as GhostExodus, is a former insider threat and threat actor. He became the first person in recent U.S. history to be convicted of corrupting industrial control systems. Today he focuses on threat intelligence, OSINT, and public speaking, using his knowledge to bring awareness to the security risks that organisations and individuals face.

His work on Ransomnews draws directly on that history: the difference between how operators and operations really behave and how security teams imagine they behave is at the centre of nearly every story.

Celeste Seberras

Celeste Seberras

a.k.a. har00ga

Technical Content Strategist & Writer

Celeste, also known online as har00ga, is a Technical Content Strategist and Writer specializing in open source, Web3, and digital privacy. With a background in Information Security and anonymity technologies, including previous work with the Tor Project, she brings over a decade of experience creating and curating content for highly specialized audiences across a broad range of media and platforms.

Martynas Vareikis

Martynas Vareikis

Senior Researcher · LLM Security

AI · Machine Learning · Adversarial Threats

Martynas Vareikis covers the intersection of artificial intelligence and information security at Ransomnews, from machine-learning models in defensive tooling to the adversarial use of LLMs by ransomware operators, deepfake-driven social engineering, and the rise of agentic threats.

His reporting focuses on translating fast-moving AI research into practical guidance for defenders, journalists, and the broader security community. For tips on AI-related stories, reach Martynas via [email protected].

Ransomnews Research Team monogram

Ransomnews Research Team

Collective byline · Editorial

Threat Intelligence · Research · OSINT

The Research Team byline is used for collaborative pieces, editorial briefings, and articles drawing on contributions from multiple researchers across the publication.

Coverage spans ransomware operations, breach economics, threat actor profiling, OSINT methodology, and emerging risks across security, privacy, and AI. Where a story is the work of more than one person, or where the lead doesn’t want personal attribution, this is the credit line you’ll see.

Donata Damijonaitytė

Donata Damijonaitytė

PR Manager · Editorial

Press · Partnerships · External Communications

Donata Damijonaitytė leads public-relations and partnership communications at Ransomnews, handling incident-response media requests, conference outreach, source coordination, and the editorial team’s external profile.

For press matters, partnership enquiries, or speaking engagements, reach Donata via [email protected].


// CONTACT

Get in touch

Tips, corrections, source documents, story leads. Anything we publish that turns out to be wrong, we want to know.

Email: [email protected]
Editorial: [email protected]

Find us on X at @Ransomnews_com, on LinkedIn, and via the social links in the footer.

Facebook X (Twitter) LinkedIn
© 2026 Ransomnews.com

Type above and press Enter to search. Press Esc to cancel.

Cookies on Ransomnews

We use strictly-necessary cookies to run the site and may use first-party analytics to understand which articles are read. Some pages contain affiliate links — when you click one, the affiliate network sets cookies on the merchant's domain to attribute the referral. See the Cookie Policy and Affiliate Disclosure for detail.

RANSOMNEWS.COM

Tracking the criminal infrastructure of the internet.

Independent coverage of ransomware, breach economics, threat actors, privacy, AI security, and the open-source investigation toolkit.

// Topics

  • News
  • Security
  • Privacy
  • Cybercrime
  • AI
  • OSINT
  • Threat Groups
  • Stealer Logs
  • Ransomtracker
  • Stealercheck
  • FortiBleed Checker

// Site

  • About Us
  • Editorial Team
  • Contact
  • Tip Line
  • Editorial

// Legal

  • Privacy Policy
  • Terms of Service
  • Cookie Policy
  • Funding & Independence
  • RSS Feed
© 2026 Ransomnews.com · Tracking the criminal infrastructure of the internet.