AI-Built Ransomware Toolkit Automates EDR Evasion in 2026

EDR Bypass Ransomware

AI-Built Ransomware Toolkit Automates EDR Evasion, Leverages Claude Agents for Attack Development

Researchers at Sophos have uncovered an active threat actor operating a fully functional, AI-built ransomware toolkit that automates Active Directory (AD) reconnaissance, systematically tests endpoint detection bypass techniques, and uses multiple AI agents, including one powered by Claude Opus 4.5, to build and …

Gentlemen RaaS Uses SYSTEM Scheduled Task to Encrypt Drives

The Gentlemen Ransomware Abuses Windows SYSTEM Tasks to Encrypt Entire Networks

The Gentlemen ransomware is a growing and technically sophisticated threat that Canadian organizations in healthcare, finance, education, and transportation cannot afford to overlook. Published in a new analysis by Microsoft Threat Intelligence, this ransomware-as-a-service (RaaS) platform combines self-propagation, SYSTEM-level privilege abuse, and double extortion …