Broken decryptor leaves Sicarii ransomware victims adrift | Computer Weekly

A coding error, possibly introduced thanks to over-reliance on artificial intelligence (AI) vibe coding tools, has rendered an emergent strain of ransomware an acutely dangerous threat, according to researchers at Halcyon’s Ransomware Research Center (RRC). The Sicarii ransomware-as-a-service (RaaS) operation emerged from the cyber criminal underground in December 2025, when it started advertising for affiliates on the dark web. But now, technical analysis by Halcyon’s team has identified a critical coding flaw in Sicarii’s encryption key handling that renders it impossible for either victim or cyber criminal to decrypt impacted systems.