DragonForce ransomware-as-a-service claimed a double-extortion attack on Ink, a London-based production studio, alleging encryption and exfiltration of internal documentation, contractor data, software assets, and business correspondence. No forensic IOCs have been publicly released. The primary risk for other organizations is supply chain exposure if Ink is a vendor, contractor, or integration partner, and secondary risk from DragonForce’s continued active targeting of creative and media sector organizations.
