The Gentlemen Overtakes Qilin as Most Active Ransomware Group in June
The rapid ascent of The Gentlemen to the top of ransomware activity, combined with a broad global surge in attacks, indicates that threat actors are expanding their reach and reorganizing faster than defenses can adapt.
Reporting from 1 source: ASCII.jp.
Check Point Research reports a 17% year-over-year increase in global cyberattacks in June 2026, with ransomware up 33%. The Gentlemen ransomware group overtook Qilin as the most active group. Japan saw a 30% year-over-year increase, the largest in APAC. Education/Research remained the most targeted industry.
The June data shows not a one-off spike, but a broad resurgence in overall cyber activity, said Omer Dembinsky, Data Research Manager at Check Point Research. The Gentlemen overtook Qilin as the most active ransomware group, demonstrating how quickly emerging threat actors can grow into global threats. Globally, organizations faced an average of 2,270 attacks per week, a 10% increase from May. Japan recorded 1,635 weekly attacks, down from May but still the largest year-over-year increase in APAC at 30%. Education/Research remained the most targeted industry with 4,816 attacks per week.
Synthesized by Yomimono from the 1 cited source below, including Japanese-language reporting where cited, then editorially reviewed before publishing.