The article reports that two U.S. cybersecurity professionals — Ryan Goldberg (Georgia) and Kevin Martin (Texas) — have pleaded guilty to charges tied to BlackCat/ALPHV ransomware attacks, according to the U.S. Department of Justice. Prosecutors say three people were charged in October 2025 for breaking into multiple U.S. companies, stealing valuable data, and then deploying BlackCat ransomware to disrupt operations and pressure victims into paying. Martin and another unnamed suspect previously worked as ransomware negotiators at incident response firm DigitalMint, while Goldberg worked as an incident response manager at Sygnia.

Authorities describe them as BlackCat affiliates: they allegedly kept 80% of any ransom while paying 20% to the ransomware group’s administrators in exchange for access to the malware and an extortion “platform.” The DOJ says the group received $1.2 million in Bitcoin from one victim. Both Goldberg and Martin pleaded guilty to conspiracy to commit extortion, face up to 20 years in prison, and are scheduled for sentencing on March 12, 2026. The article adds context that BlackCat targeted 1,000+ organizations between late 2021 and late 2023, was disrupted by law enforcement, continued operating for a period, and later pulled an “exit scam” after a major ransom payment.

Source: https://www.securityweek.com/two-us-cybersecurity-pros-plead-guilty-over-ransomware-attacks/