:

RANSOMWARE NEGOTIATOR GETS 70 MONTHS FOR $75M EXTORTION

SECURITY DESK1 MIN READ
FRI, JUL 10, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

A US court sentenced Angelo Martino, a former ransomware negotiator, to 70 months in prison for colluding with the BlackCat ransomware gang to extort $75.3 million from five of his employer's clients.

Martino exploited his insider position to feed confidential information to ransomware co-conspirators, enabling attacks on five US-based victims. His role as a negotiator gave him access to sensitive data about his employer's clients, which he leveraged to facilitate extortion schemes. The case highlights the risks of insider threats in cybersecurity operations. Ransomware negotiators typically handle negotiations between victims and attackers, making them valuable targets for criminal recruitment. BlackCat, also known as ALPHV, has been one of the most active ransomware-as-a-service operations, targeting critical infrastructure and enterprises globally. The gang's involvement with Martino demonstrates how criminal networks cultivate internal assets to amplify attack effectiveness. The sentencing reflects growing law enforcement action against ransomware actors and their collaborators. Federal prosecutors have increasingly pursued insider threat cases as a strategy to disrupt ransomware operations from within.

■ SOURCES

Techmeme

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

3H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

3H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

6H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

8H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.