According to a recent LinkedIn post from ReliaQuest, the company’s threat research team is tracking a sharp rise in activity using Black Basta-style ransomware playbooks. The post notes that March 2026 alone accounted for 32% of all such activity observed since May 2025, with a growing focus on senior leadership targets.
Claim 30% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
The LinkedIn post highlights that 77% of incidents between March 1 and April 1 targeted executives, managers, and directors, up from 59% earlier in the year. It also describes tactics blending email bombing with Microsoft Teams-based help-desk impersonation to create urgency and obtain remote access.
According to the post, threat actors in some cases progressed from initial chat engagement to malicious script execution in as little as 12 minutes. Manufacturing and professional, scientific, technical services were cited as the most frequently targeted sectors in 2026, each accounting for 26% of observed incidents.
The research summary suggests that Supremo Remote Desktop has emerged as a primary remote monitoring and management tool in these campaigns, with Quick Assist also present in recent intrusions. The post links this activity to former Black Basta affiliates who appear to be evolving established tradecraft into faster, repeatable intrusion workflows.
For investors, the post underscores persistently high cyber risk for manufacturing and services sectors, particularly at the executive level. It also implies sustained demand for advanced detection, response, and help-desk security controls, which could support ongoing need for ReliaQuest’s threat research and managed security offerings.
If ReliaQuest can translate this research into differentiated products and services, it may strengthen its competitive position in the cybersecurity market. At the same time, the findings highlight potential cost and operational risks for target industries, which could influence security spending priorities and vendor selection over the medium term.