APT / THREAT GROUP
Ramp
1
aliases
Intelligence Profile
Ramp — tracked by MISP Galaxy (ransomware).
Threat Analysis
Ramp is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning Ramp
DHS chief says president has met with likely CISA nominee; agency plans to hire 600
The Record· Jun 25, 2026
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
The Hacker News· Jun 6, 2026
Why Huntress Doesn’t Need FedRAMP
Huntress Blog· Jun 5, 2026
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
The Hacker News· Jun 1, 2026
The AI Era Is Creating a Bug Hunting Arms Race
Wired Security· May 25, 2026
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
The Hacker News· May 20, 2026
Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow
Microsoft Security Blog· May 20, 2026
Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
BleepingComputer· Mar 24, 2026
External References
Quick Facts
TypeAPT / Threat Group
Aliases1
Also Known As
Ramp
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.