In an update to a joint advisory with CISA and the Australian Cyber Security Centre, the FBI said that the Play ransomware gang had breached roughly 900 organizations as of May 2025, three times the number of victims reported in October 2023 .

"Since June 2022, the Play (also known as Playcrypt) ransomware group has impacted a wide range of businesses and critical infrastructure in North America, South America, and Europe. Play ransomware was among the most active ransomware groups in 2024," the FBI warned .

"As of May 2025, FBI was aware of approximately 900 affected entities allegedly exploited by the ransomware actors."

Today's update also adds that the ransomware gang will use recompiled malware in every attack, making it harder to detect and block by security solutions and that

See Full Page