:

US SANCTIONS VPN, MALWARE PROVIDERS FOR RANSOMWARE

SECURITY DESK1 MIN READ
TUE, JUL 14, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against American organizations. The action targets infrastructure providers facilitating cyber threats.

OFAC designated the targets under its sanctions authority for providing services that directly supported ransomware operations. The sanctions block any U.S. assets held by the individuals and entity, and prohibit American companies and citizens from conducting business with them. VPN providers and malware distributors have become critical enablers in the ransomware ecosystem, offering anonymity and technical tools to attackers. By sanctioning these service providers, the Treasury Department aims to disrupt the operational capacity of ransomware groups. The action reflects a broader U.S. strategy to target ransomware infrastructure beyond the attackers themselves. Previous OFAC sanctions have focused on cryptocurrency exchanges and financial facilitators used to launder ransom payments. The sanctions come amid sustained ransomware threats against U.S. critical infrastructure sectors, including healthcare, energy, and finance. Federal agencies have intensified efforts to disrupt ransomware operations and hold accountable those enabling attacks.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

3H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

3H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

6H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

8H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.