Connect with us

CyberSecurity

Discord Rolls Out End-to-End Encrypted Voice and Video Calls for All Users

Published

on

Discord Enables End-to-End Encrypted Voice and Video Calls for Every User

In a significant move for user privacy, Discord has now enabled end-to-end encrypted voice and video calls for all its hundreds of millions of users. This means that conversations on the platform are now private, with no one—not even Discord—able to listen in. The update arrives at a time when other major tech companies have been scaling back similar privacy features.

What Is End-to-End Encryption on Discord?

End-to-end encryption ensures that only the participants in a call can access the audio or video data. Even Discord’s servers cannot decrypt the stream. This is a major step up from standard encryption, where the service provider holds the keys. For users, this means their Discord voice call privacy is now significantly stronger.

The feature was first introduced in 2024 but was limited. Now, it’s the default for all one-on-one and group voice and video calls, outside of stage channels. No action is required from users—the encryption is automatically applied.

Why This Matters for Privacy-Conscious Users

This update comes as a welcome contrast to recent decisions by other platforms. For example, Meta discontinued Instagram’s end-to-end encrypted messaging feature earlier this year. Similarly, TikTok announced it would not encrypt user messages after becoming a US-based company. Discord’s move reinforces its commitment to user privacy in an increasingly surveillance-conscious digital landscape.

According to Mark Smith, Discord’s vice president of core technologies, “End-to-end encryption is now standard for every voice and video call on Discord, outside of stage channels. No opt-in required.” This statement highlights the company’s proactive approach to security.

How It Compares to Other Platforms

While platforms like WhatsApp and Signal have long offered end-to-end encryption for calls, Discord’s implementation is notable because it covers a massive user base that includes gamers, communities, and professionals. The shift positions Discord as a leader in private video calls Discord among social and communication apps.

What Users Need to Do

Absolutely nothing. The feature is enabled by default for all voice and video calls. There is no toggle or setting to turn on. This makes it one of the most seamless privacy rollouts in recent memory. For those concerned about end-to-end encryption messaging platform standards, Discord’s move sets a new benchmark.

However, it’s important to note that text messages and stage channels are not yet covered by this encryption. The company has not announced plans to extend it to those areas.

Looking Ahead: The Future of Discord Security

Discord’s decision to enable Discord end-to-end encrypted voice calls for all users is a strong signal that privacy is becoming a core feature rather than an afterthought. As digital communication grows, users are demanding more control over their data. Discord is listening.

For more on how to secure your online communications, check out our guide on best practices for secure messaging. You might also be interested in top privacy tips for gamers.

In conclusion, Discord has taken a bold step forward. By making end-to-end encryption the default, it has raised the bar for Discord security update 2025 and beyond. Users can now talk freely, knowing their conversations are truly private.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

CyberSecurity

Ransomware Turf War Escalates as 0APT and KryBit Groups Trade Blows in Public Feud

Published

on

Ransomware Turf War: 0APT and KryBit Groups Trade Blows in Public Feud

The cybercrime underground is witnessing an unusual spectacle: a ransomware turf war between two rival groups, 0APT and KryBit, who are publicly leaking each other’s operational data. According to a new report from Halcyon, both groups are now scrambling to rebuild their infrastructure after this dramatic exchange of blows.

This clash began when 0APT, a relatively new ransomware group, posted sensitive data on its leak site targeting three rivals: the newcomer KryBit, along with established players RansomHouse and Everest Group. The leak exposed KryBit’s administrator panel, affiliate details, and victim negotiation data. Halcyon noted that the leaked information spanned from March 28 to April 12, 2026, revealing two administrators, five affiliates, and 20 potential victims. Ransom demands ranged from $40,000 to $100,000 per victim, with exfiltrated data volumes between 10GB and 250GB.

However, KryBit did not take this lying down. The group retaliated by hacking back at 0APT, stealing its data and defacing its leak site with a taunting message: “Next time, don’t play with the big boys.” The counter-leak included full access logs, PHP source code, and system files from 0APT’s infrastructure. More importantly, it revealed a stunning deception: the 190+ victims 0APT had claimed since January 2026 were entirely fabricated. No data was ever exfiltrated from any listed victim.

Halcyon’s analysis also uncovered that 0APT’s entire ransomware data leak site was running on an AnLinux-Parrot OS, pushing content via an Android phone’s internal SD card. This amateurish setup has left 0APT unable to recover, while KryBit maintains control over the defaced site.

Why This Ransomware Turf War Matters for Cybersecurity

This ransomware turf war illustrates a growing trend: cybercriminal groups are increasingly targeting each other to gain credibility and market share. Oliver Newbury, former Barclays CISO and chief strategy officer at Halcyon, explained that financial pressure is driving these conflicts. “These groups depend on credibility to survive, so when that starts to crack, rivals move fast to expose it,” he said. “We’re now seeing them disrupt each other’s operations, taking over infrastructure and undermining campaigns in real time.”

As a result, the ecosystem doesn’t shrink—it reshapes, often becoming harder to predict. For defenders, this means that while internal feuds can temporarily weaken certain groups, they also create new, more resilient adversaries.

Interestingly, Everest Group has not retaliated against 0APT despite having its encoded publication and user data leaked. This suggests that not all groups are willing to engage in public warfare, perhaps preferring to rebuild quietly.

How the Feud Exposes Ransomware Group Vulnerabilities

The KryBit leak exposed critical operational components, including administrator panels and affiliate networks. Halcyon warned that such leaks force groups to “rotate leaked operational components to ensure impact on their activities is limited.” This means both 0APT and KryBit will likely need to rebuild, rebrand, and spin up new infrastructure over the coming weeks or months to remain active.

Moreover, the fabricated victim list from 0APT highlights a broader issue: the ransomware economy relies heavily on perceived success. Groups like 0APT may fabricate attacks to attract affiliates, but such deception can backfire spectacularly when exposed.

Data from Chainalysis in 2025 showed that crypto-payments to ransomware actors dropped 8% annually to $820 million, even as attack numbers rose 50%. This financial squeeze likely fuels conflicts like this ransomware turf war, as groups fight for a shrinking pool of ransom payments.

For more on ransomware trends, see our analysis of ransomware attacks in 2026 and how cybercrime groups are evolving their tactics.

What This Means for Businesses and Defenders

While internal feuds may seem like a net positive for cybersecurity, experts caution against complacency. “It creates instability, but not safety,” Newbury added. The disruption caused by this ransomware turf war could lead to unpredictable behavior from both groups, including more aggressive attacks or a shift to new, harder-to-track methods.

Organizations should remain vigilant: patch systems, enforce multi-factor authentication, and maintain offline backups. The chaos among ransomware groups does not eliminate the threat—it merely changes its form.

In conclusion, the 0APT vs. KryBit feud is a stark reminder that the cybercrime landscape is dynamic and ruthless. As these groups trade blows, they reveal not only each other’s weaknesses but also the fragility of the entire ransomware business model.

Continue Reading

CyberSecurity

Grafana Labs confirms code theft in GitHub breach, refuses to pay ransom

Published

on

Grafana Labs confirms code theft in GitHub breach, refuses to pay ransom

Grafana Labs, the company behind the widely used open source visualization platform, has confirmed that hackers broke into its GitHub environment and stole source code. However, the firm has decided not to give in to ransom demands.

The breach came to light through a series of social media posts by the company. According to its initial investigation, attackers exploited a stolen token credential that granted access to the GitHub repositories where Grafana’s source code is stored. Importantly, the compromised token did not provide access to customer records or financial data. The company has since revoked the token and implemented additional security measures to prevent future incidents.

Details of the Grafana Labs hack

The attackers attempted to extort Grafana Labs by demanding payment in exchange for not releasing the stolen codebase. “The attacker attempted to blackmail us, demanding payment to prevent the release of our codebase,” the company stated.

Given that Grafana’s core software is open source, much of its code is already publicly available on platforms like GitHub. It remains unclear whether the hackers managed to steal any proprietary or confidential code that is not part of the public repository. A spokesperson for Grafana Labs did not immediately respond to requests for comment.

Why the company refused to pay

This incident stands in stark contrast to a recent hack at education technology giant Instructure, which chose to negotiate with attackers. Instructure reportedly reached an agreement to pay a ransom after hackers compromised its network twice in recent weeks, threatening to release sensitive data about staff and students.

In Grafana’s case, no customer data was compromised. The company cited long-standing advice from the FBI urging victims not to pay hackers. Law enforcement agencies argue that cooperating with cybercriminals does not guarantee the return of stolen data or prevent its future publication. Critics also point out that paying ransoms effectively funds further cyberattacks.

Ongoing investigation and security lessons

Grafana Labs has stated that its investigation is ongoing and that it will share detailed findings once the probe concludes. The company has not yet disclosed how the token credential was stolen or whether any proprietary code was accessed.

This breach serves as a reminder for organizations using GitHub to safeguard their access tokens. Security experts recommend rotating tokens regularly, using minimal necessary permissions, and monitoring for unusual activity. For more on securing GitHub environments, check out our guide on GitHub security best practices.

As cyberattacks targeting software supply chains become more common, incident response plans should include clear policies on ransom payment. The Grafana Labs hack reinforces the principle that refusing to pay can be a viable strategy, especially when customer data is not at risk. For further reading, see our analysis of ransomware response strategies for tech companies.

Continue Reading

CyberSecurity

Medtronic Confirms Data Breach After ShinyHunters Allegations: What We Know

Published

on

Medtronic Confirms Data Breach After ShinyHunters Allegations: What We Know

The medical technology giant Medtronic has officially confirmed a Medtronic data breach affecting its corporate IT systems. This announcement comes after the notorious cybercrime group ShinyHunters claimed to have stolen millions of records from the company.

According to Medtronic, an unauthorized party gained access to certain internal systems. However, the company stressed that there has been no disruption to its products, patient safety, or overall operations. This distinction is critical for a firm that provides life-saving medical devices to hospitals worldwide.

The ShinyHunters Allegations: A Closer Look

ShinyHunters, a group known for targeting major corporations, listed Medtronic on its leak site in mid-April. The group alleged that it exfiltrated over nine million records containing personal information, alongside massive volumes of internal corporate data. They also set a deadline for ransom negotiations, threatening to publish the data if their demands were not met.

Interestingly, Medtronic was later removed from the leak site. This move often signals ongoing negotiations or other developments, though no official confirmation has been provided. Medtronic has not verified the group’s figures, stating that the investigation is still in its early stages.

Corporate Systems Breach Under Investigation

The intrusion was limited to specific corporate IT environments, according to Medtronic. Importantly, the company emphasized that hospital networks used by its customers are managed independently and were not exposed through this incident. This means that patient care and device functionality remain unaffected.

An investigation is now underway to determine whether sensitive data was accessed. If confirmed, affected individuals will be notified and offered support services. The company acted quickly after detecting the breach, activating incident response measures and bringing in external cybersecurity specialists.

What This Means for Healthcare Data Security

This incident adds to a growing number of cyber-attacks targeting large healthcare and medical technology organizations. Healthcare data security is a pressing concern, as these organizations hold vast amounts of sensitive patient information. The Medtronic data breach serves as a reminder that even industry leaders are not immune to sophisticated cyber threats.

Building on this, the healthcare sector must adopt more robust security measures. For instance, implementing multi-factor authentication, regular security audits, and employee training can reduce the risk of similar incidents. Ransomware prevention strategies are also essential for protecting critical infrastructure.

Impact on Medtronic and Its Customers

Medtronic stated that it does not expect a material impact on its business or financial performance. However, the full implications will depend on the outcome of the ongoing investigation and any confirmed data exposure. For customers, the key takeaway is that patient safety has not been compromised.

Nevertheless, this incident could erode trust if personal data is confirmed stolen. Medtronic has a history of prioritizing security, but this breach highlights the challenges of protecting corporate systems in an increasingly hostile digital landscape. Incident response planning is crucial for minimizing damage and maintaining stakeholder confidence.

Lessons from the Medtronic Incident

This breach underscores the importance of separating corporate IT systems from operational technology. Medtronic’s quick containment of the intrusion to corporate environments likely prevented a more devastating attack on medical devices or hospital networks.

As a result, other healthcare organizations should review their network segmentation strategies. Additionally, they must prepare for the possibility of data leaks by having clear communication plans for affected individuals. The Medtronic data breach is a case study in how rapid response and transparency can mitigate reputational damage.

In conclusion, while the full extent of the breach remains unclear, Medtronic’s handling of the situation sets a benchmark for other companies facing similar threats. The healthcare industry must continue to invest in cybersecurity to protect both patient data and operational integrity.

Continue Reading

Trending