RansomwareUnknownApril 16, 2025

toolsign.com ransomware attack (Lynx, 2025)

toolsign.com was named on the Lynx ransomware data-leak (extortion) site on 2025-04-16.

Victim: toolsign.com

Threat actorLynx

Imported from ransomwatch — pending editorial review. Machine-extracted from ransomware leak-site monitoring.

On 2025-04-16, toolsign.com was listed as a victim on the Lynx ransomware group's data-leak (extortion) site, indicating a ransomware attack with threatened or actual publication of stolen data.

Sources

ransomware.livehttps://www.ransomware.live/
github.comhttps://github.com/joshhighet/ransomwatch

Related incidents

RansomwareUnknownMay 20, 2025

Runtec ransomware attack (Lynx, 2025)

Runtec was named on the Lynx ransomware data-leak (extortion) site on 2025-05-20.

Victim: Runtec

RansomwareUnknownMay 17, 2025

diyar.com ransomware attack (Lynx, 2025)

diyar.com was named on the Lynx ransomware data-leak (extortion) site on 2025-05-17.

Victim: diyar.com

RansomwareUnknownMay 17, 2025

Gearhiser Peters Elliott & Cannon ransomware attack (Lynx, 2025)

Gearhiser Peters Elliott & Cannon was named on the Lynx ransomware data-leak (extortion) site on 2025-05-17.

Victim: Gearhiser Peters Elliott & Cannon

RansomwareUnknownMay 17, 2025

Maruichi Leavitt Pipe & Tube ransomware attack (Lynx, 2025)

Maruichi Leavitt Pipe & Tube was named on the Lynx ransomware data-leak (extortion) site on 2025-05-17.

Victim: Maruichi Leavitt Pipe & Tube