:

FORMER RANSOMWARE NEGOTIATOR PLEADS GUILTY TO EXTORTION

AI DESK1 MIN READ
WED, APR 22, 2026

■ AI-SUMMARIZED FROM 2 SOURCES ▸ TIMELINE

Angelo Martino, a former ransomware negotiator, has pleaded guilty to assisting cybercriminals in extorting companies across five separate cyberattacks, according to the US Department of Justice.

Martino's guilty plea represents a significant case of insider collaboration in ransomware operations. His role as a negotiator—typically hired by companies to communicate with hackers—positioned him with critical knowledge of victim vulnerabilities and negotiation tactics. The charges span five distinct incidents where Martino allegedly provided assistance to cybercriminals conducting extortion schemes. By leveraging his expertise in ransom negotiations and understanding of how companies respond to attacks, Martino reportedly facilitated more effective extortion campaigns. The case underscores growing concerns about insider threats in cybersecurity. Professionals with access to sensitive negotiation details and victim information represent a high-risk vulnerability that organizations must address through vetting and monitoring. Martino's prosecution follows increased DOJ focus on ransomware operations and the networks supporting them. Federal authorities have intensified efforts to prosecute not only the hackers executing attacks but also facilitators and intermediaries enabling criminal enterprises.

■ SOURCES

TechmemeTechmeme

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Kaseya is hosting a webinar on strengthening MSP resilience through SaaS backups and business continuity strategies. The session focuses on how recovery capabilities prove critical when security defenses are breached.

2H AGOSecurity Desk

A new variant of RedHook Android malware abuses Wireless ADB (Android Wireless Debugging) to gain shell-level privileges without requiring a computer connection. This represents a significant escalation in the malware's capabilities.

3H AGOSecurity Desk

Fraudsters are creating convincing counterfeit news articles impersonating major publishers like the Guardian to direct social media users to bogus investment sites. The fake stories feature fabricated celebrity endorsements and financial narratives designed to establish credibility.

7H AGOIndustry Desk

A security analysis reveals xAI's Grok Build command-line tool transmits complete source code and project files to xAI's servers. The discovery raises data privacy questions for developers using the tool.

13H AGOAI Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.