British authorities confirm a Foreign Office data breach with 'low risk' to individuals, amid disputed reports of Chinese involvement and rising political debate over the UK’s cyber defenses and China’s influence.
Ransomfeeds are reshaping cybercrime by turning data theft into public spectacle and powerful leverage. This feature investigates how these platforms operate, the psychological weapons they wield, and the high-stakes choices facing their victims.
patrhscom has rapidly risen as a central hub for ransomware gangs, hosting stolen data and accelerating extortion worldwide. Our in-depth investigation reveals how this dark web platform is changing the face of cybercrime.
Ransomfeed is the secret scoreboard of corporate ransomware attacks, where every breach is exposed and leveraged for extortion. Discover how this dark web hub shapes the cybercrime ecosystem and what it means for companies worldwide.
The Iranian state-sponsored 'Prince of Persia' hacking group has reemerged with sophisticated malware and Telegram-based command-and-control, targeting critical infrastructure worldwide. Investigators reveal new tactics and evolving threats in this cyber-espionage campaign.
Ink Dragon’s latest campaign transforms vulnerable European government networks into covert relay chains, using ShadowPad on IIS and FinalDraft via Microsoft Graph API to evade detection and amplify espionage operations.
On the dark web, the line between innocent exploration and criminal activity is razor-thin. European regulations and forensic advances mean even accidental downloads or the use of anonymizing tools can put users under suspicion. Here’s how to stay safe—and why curiosity is no defense.
A deep dive into L-S-GRIM, the latest ransomware gang to hit Ransomfeed, exposing their double extortion strategy and the growing threat they pose to organizations worldwide.
The Clop ransomware syndicate has launched a new wave of data theft, targeting Gladinet CentreStack file servers and putting hundreds of organizations at risk. Discover how this campaign unfolds and what it signals for the future of cyber extortion.
LongNosedGoblin, a China-aligned hacking group, is exploiting Windows Group Policy and cloud services to deliver custom spyware tools in targeted espionage campaigns against government networks in Asia and Europe.
Sinobi ransomware has struck again—this time targeting the Lawrence Family Jewish Community Center and a range of organizations across different sectors. Discover how the group’s tactics are putting both community organizations and businesses at risk.
After years of silence, Iran’s ‘Prince of Persia’ hackers have reemerged with upgraded malware and global ambitions, exploiting Telegram for covert cyber-espionage against political targets.
China-aligned hackers known as LongNosedGoblin are covertly targeting Southeast Asian and Japanese governments using advanced malware and legitimate Windows features. Here’s how they operate.
Leaked spreadsheets provide an unprecedented look into APT35’s operations, showing how Iran’s cyber-espionage is run like a corporate IT department—with meticulous records of domains, payments, and infrastructure.
Telechaim is the latest name to haunt cybersecurity teams worldwide. This feature investigates the group's tactics, rapid rise, and the chilling impact of their data extortion campaigns.
Iran’s legendary 'Prince of Persia' cyber-espionage group has quietly spied on dissidents and international targets for nearly two decades, using stealthy malware and advanced cryptography to evade detection and takedown.
Ransomfeed is the dark web’s bulletin board for ransomware gangs, turning data leaks into public shaming and high-stakes extortion. Learn how this platform professionalizes cybercrime and why it’s so hard to stop.
A Chinese espionage group, Ink Dragon, has breached European government networks, using compromised servers as covert relays in a global attack infrastructure. Their updated malware hides in plain sight, turning victims into unwitting accomplices.
Chinese group Ink Dragon covertly transformed European government servers into global relay points for espionage, masking command traffic and supporting operations across continents. Here’s how their campaign stayed undetected—and why defenders must rethink their response.
A stealthy Chinese APT campaign exploited a zero-day in Cisco AsyncOS, compromising enterprise email security with advanced backdoors and anti-forensic tools. Find out how the attackers operated and what steps organizations should take now.
Ink Dragon, a Chinese APT group, has escalated attacks on European governments by transforming hacked servers into nodes in a global espionage relay network. Discover how their cutting-edge tactics are blurring the line between victim and perpetrator in this exclusive investigation.
Ransomware gangs are reshaping the cybercrime landscape with leak sites and sophisticated operations. Ransomfeed and similar trackers reveal the scale and tactics of these digital extortion rackets, as organizations worldwide grapple with the escalating threat.
Ink Dragon, a Chinese cyber-espionage group, is transforming compromised IIS servers into nodes in a global ShadowPad relay network, targeting governments and public infrastructure with advanced stealth tactics.
ForumTrol APT’s latest campaign blends Chrome zero-day exploitation with social engineering, targeting Russian academics through convincing phishing emails and advanced malware techniques.
APT28, Russia’s notorious Fancy Bear hacking group, is targeting Ukrainian UKR.net users with a sophisticated phishing campaign. Using fake login pages, anonymized tunneling, and relentless tactics, the group continues its cyber-espionage operations amid the ongoing war.
The future of cybersecurity is here: AI, deepfakes, and identity attacks are erasing the old perimeter. By 2026, trust itself will be under siege—are you ready for the collapse?
Russian GRU-linked hackers have shifted tactics, exploiting misconfigured network edge devices to infiltrate Western critical infrastructure. This feature investigates their stealthy methods and what defenders must do to stay ahead.
Amazon has exposed a sophisticated, years-long GRU cyber campaign that quietly targeted the energy sector and cloud infrastructure across the West by exploiting misconfigured network edge devices. Here’s how Russian hackers evaded detection and what it means for digital security.
Devman ransomware has claimed Productos Lácteos Flor de Aragua CA as a victim in a new wave of attacks targeting critical Latin American industries. Here’s what we know so far about the incident and its implications.
Cybercriminals are selling Comcast customer data on the dark web after a major ransomware attack, exposing millions to potential scams and identity theft. Here’s what happened and what it means for users.
Google will discontinue its dark web monitoring tool in February 2026, raising concerns about personal data protection. Discover why the tool is ending, what alternatives exist, and how you can safeguard your digital identity.
Google will discontinue its dark web report feature in January 2026, ending alerts for users whose data appears on the dark web. Find out why Google is making this change and how to protect yourself going forward.
A vulnerable API at a 700Credit partner enabled hackers to steal personal data from nearly 6 million auto dealership customers. Our investigation reveals the timeline, impact, and lessons for fintech security.
The xHunt APT group blends anime flair with sophisticated cyber-espionage, infiltrating Kuwaiti organizations through Exchange and IIS servers. Their stealthy backdoors and creative command channels signal a new era of threat in the Gulf.
Ransomfeed, a notorious dark web platform, is amplifying ransomware attacks across Europe by publicly exposing victims and auctioning stolen data. Explore how this new tactic is reshaping the digital extortion landscape and what it means for organizations.
The xHunt group has launched a sophisticated cyber-espionage campaign in Kuwait, deploying custom PowerShell backdoors on Microsoft Exchange and IIS servers. Using covert email-based channels and advanced lateral movement, xHunt evades detection while harvesting credentials and sensitive data.
A Hamas-linked hacking group is targeting Middle Eastern diplomatic offices with a sophisticated malware campaign called AshTag, using deceptive documents and advanced evasion techniques to steal sensitive information.
Google has identified five Chinese state-linked hacker groups exploiting the React2Shell vulnerability, unleashing a global wave of malware attacks on vulnerable web applications. The incident highlights the urgent need for rapid patching and increased vigilance in the face of fast-moving cyber threats.
Prosper Marketplace and 700Credit have suffered massive data breaches, compromising the personal details of nearly 20 million Americans and underscoring the persistent vulnerabilities in the financial services industry.
The Pear ransomware gang has added Gordon Clifford Properties Inc. and Angstrom Automotive Group to its victim roster, signaling a growing threat to businesses across sectors. Explore how Pear operates and what these attacks mean for corporate cybersecurity.
A major data breach at 700Credit has exposed the personal data of nearly 6 million people after hackers compromised a partner’s API. Here’s how the attack unfolded and what it means for those affected.
A notorious ransomware gang has targeted kmwcom, a European tech firm, encrypting vital data and threatening to leak sensitive information on Ransomfeed. This incident highlights escalating cyber threats and the urgent need for robust defenses.
The STIC ransomware gang has emerged as a formidable threat, unleashing targeted double extortion attacks on organizations across the globe. This feature unpacks their methods, victims, and the urgent response from cybersecurity experts.
The 'Gentlemen' ransomware group is shaking up the cybercrime landscape with global attacks that steal corporate secrets before locking networks. Discover how this new syndicate operates and what makes its tactics so dangerous.
Ransomfeeds have become a central weapon in the arsenal of ransomware gangs, turning data theft into public spectacle and relentless extortion. This investigation reveals how these secretive leak sites operate, the technical tricks that keep them online, and the growing impact on organizations worldwide.
Lampuscom has rapidly become a major player in the ransomware leak economy, orchestrating data-driven extortion campaigns across the globe. This feature uncovers their tactics, impact, and why their model is redefining cybercrime.
Ransomfeed and similar leak sites have revolutionized ransomware attacks, enabling cybercriminals to publicly expose stolen data and pressure victims. Discover how these platforms operate, their impact, and the technical tactics behind the new age of digital extortion.
The CANCER ransomware group is shaking up the cybercrime world with ruthless double extortion tactics and high-profile leaks on Ransomfeed. Here’s how they operate, who they target, and what it means for businesses everywhere.
A ransomware gang has exposed the identities of engineers behind Israel’s Arrow and David’s Sling missile systems, blurring the line between cybercrime and espionage. Our investigation reveals the technical, personal, and geopolitical stakes of the breach.
The Nobility ransomware group is rapidly rising through the cybercrime ranks, using advanced tactics and public shaming to pressure victims into paying hefty ransoms. Learn how this digital aristocracy operates and what organizations can do to defend themselves.
Ransomware feeds are transforming cybercrime, turning stolen data into profit and public spectacle. This feature investigates how these platforms operate, the rise of ransomware-as-a-service, and the devastating impact on victims.
A dark web ad offered admin access to Italy's tax authority for just $500. Investigation shows it’s likely a scam selling worthless credentials, not a real breach—thanks to strong authentication defenses.
David M. Schwarz Architects, a leading architectural firm, has been targeted by ransomware attackers, exposing sensitive blueprints and client data. This incident highlights the growing cyber risks faced by creative industries and the need for stronger digital defenses.
A new investigation uncovers the industrial-scale pipeline that turns stolen phishing credentials into commodities, revealing the dark web’s sophisticated trade in your personal data.
A reported breach of the IRS has put 18 million U.S. retiree 401(k) records up for sale on the dark web, exposing seniors to unprecedented risks of identity theft and financial scams.
Amnesty International has launched a .onion site on the Tor network, providing safe access to its resources for users facing censorship and surveillance. Here’s how and why the organization is fighting for digital freedom in the world’s most repressive environments.
A major cryptography oversight in Gladinet's CentreStack platform allowed attackers to extract keys and remotely execute code, hitting organizations across multiple sectors. Here’s how the attack worked and what it means for enterprise security.
NanoRemote is a sophisticated malware that turns Google Drive into a command-and-control hub, allowing attackers to steal data and control infected systems undetected. Linked to Chinese espionage, it targets sensitive organizations worldwide.
A Hamas-linked cyber-espionage group has evolved into a major threat, using sophisticated malware to infiltrate diplomatic networks across the Middle East—even as war raged in Gaza.
Scipioni, a petroleum distributor in Belgium, has been targeted by the Morpheus ransomware gang. Learn about the attack, its implications for the oil sector, and the growing threat to critical infrastructure.
Ashen Lepus has escalated its cyber-espionage campaign against Middle Eastern diplomatic networks, deploying the advanced AshTag malware suite and adopting cutting-edge evasion tactics to steal sensitive intelligence.
Ashen Lepus, a Hamas-linked hacker group, has launched a sophisticated espionage campaign using the new AshTag malware to target diplomatic entities in the Middle East, signaling a dangerous escalation in regional cyber-espionage.
Over 700,000 personal and professional records from an Italian registry have appeared for sale on the dark web, exposing citizens and organizations to heightened risks of fraud, phishing, and identity theft.
wwwdigitalcom has become the latest victim of ransomware gangs using double extortion tactics. This feature uncovers how attackers exploit security gaps, the role of leak sites like Ransomfeed, and the wider implications for mid-sized tech companies.
WIRTE, a persistent Arabic-speaking hacking group, is leveraging new malware to infiltrate Middle Eastern governments—even as regional conflicts rage. Here’s how their AshTag toolkit works, and why their activity is on the rise.
A major underground forum listing is selling 896 FortiSSL VPN credentials—including those from Italian firms—for $3,000, highlighting the growing sophistication of cybercrime marketplaces and the urgent need for stronger security defenses.
A 19-year-old in Spain faces arrest after allegedly stealing and selling 64 million personal records. Authorities seized electronic devices and cryptocurrency wallets, signaling a new era of youth-driven cybercrime.
A newly uncovered WinRAR vulnerability has become the centerpiece of global cyber attacks, with advanced threat actors exploiting the flaw to target high-profile government and military entities. This feature unpacks the technical details, real-world impacts, and urgent steps for defense.
Ransomfeed, a dark web marketplace, is revolutionizing ransomware attacks by auctioning stolen data to the highest bidder. This feature investigates the rise of Ransomfeed, its impact on victims, and the technical tactics fueling a global cybercrime ecosystem.
Cybersecurity teams are diving into the Dark Web to protect against threats, but their defensive tactics can carry serious legal risks. Here’s how the line between protection and prosecution is drawn—and how to stay on the right side.
A Chinese APT group known as Silver Fox is poisoning search results to distribute fake Microsoft Teams installers, targeting Chinese-speaking users with malware while using clever misdirection to evade detection.
A Spanish teenager is accused of stealing 64 million personal records from nine companies and attempting to sell them on hacker forums. Authorities seized computers and cryptocurrency wallets in the bust.
An exclusive investigation into how an Italian e-commerce site became the latest prize on the dark web, as hackers auction off admin access and reveal the professionalization of cybercrime. Learn what this means for the future of online retail security.
Polish police have arrested three Ukrainian men found with sophisticated hacking and surveillance gadgets, including Flipper Zero devices and encrypted drives, amid fears of cyber sabotage and espionage.
Heidelberg Golf Club near Melbourne has fallen victim to the Kairos ransomware group, highlighting the growing threat of cyber extortion to community and hospitality venues.
Lynx ransomware has struck Elite Flower, adding the floral industry leader to its list of victims. Learn the details behind the attack, the tactics used by ransomware gangs, and why all businesses must take cybersecurity seriously.
GhostFrame, a novel phishing kit uncovered in late 2025, uses iframe deception and dynamic subdomains to evade detection and has already powered over a million attacks. Learn how this kit is changing the phishing landscape and what defenses are needed.
Amazon reveals Chinese state-sponsored hackers are actively exploiting the critical React2Shell flaw, targeting organizations using React and Next.js. Immediate patching is urged to prevent compromise.
Iran’s MuddyWater group has deployed the stealthy UDPGangster backdoor in targeted campaigns against Turkey, Israel, and Azerbaijan, using advanced phishing and anti-analysis techniques to evade detection and compromise critical sectors.
A new ransomware group, platinumonein, is making waves with aggressive double extortion tactics and public data leaks. Experts scramble to respond as victims pile up and fear spreads.
NATO’s Cyber Coalition 2025 in Estonia brought together 1,300 cyber specialists from across the globe to tackle simulated attacks on critical infrastructure and satellites, testing the alliance’s preparedness for tomorrow’s digital threats.
For months, a subtle flaw in Windows shortcut (LNK) files allowed global cyber-espionage groups to launch stealthy attacks. Learn how the exploit worked, who was targeted, and why official fixes lagged behind hacker ingenuity.
Iranian-backed MuddyWater hackers have unleashed a new cyber-espionage campaign targeting Windows users in Turkey, Israel, and Azerbaijan. Using sophisticated phishing lures, the group deploys the UDPGangster backdoor and CastleRAT trojan to bypass security and maintain covert control, leveraging advanced anti-analysis and privilege escalation techniques.
US and Canadian agencies warn of Brickstorm, a stealthy China-linked malware targeting VMware and Windows systems in critical infrastructure. Discover how it works and what defenders must do.
Lynx ransomware has targeted Canadian fintech Trucash, highlighting evolving cyber threats in the financial sector. Discover the group's methods, motives, and the broader implications for businesses.
Russian Calisto hackers ramp up phishing campaigns against NATO and Ukraine supporters, using advanced social engineering and custom malware to steal credentials and undermine Western security.
MuddyWater hackers are using UDPGangster, a stealthy backdoor, to breach Windows networks via phishing, evading security and targeting governments across the Middle East.
Elite Chinese cyber spies used the Brickstorm backdoor to silently infiltrate critical networks for years, stealing sensitive data and setting the stage for potential large-scale sabotage.
Chinese state-backed hackers are infiltrating US organizations using advanced malware like BrickStorm, enabling them to remain hidden and siphon sensitive data for months or years.
A hidden flaw in Windows shortcuts let cyber spies access diplomats' secrets for eight years. Microsoft patched it only after nation-backed hackers exploited the gap.
Chinese hackers are using the stealthy BrickStorm malware to infiltrate VMware servers, creating rogue virtual machines and stealing credentials from critical U.S. networks, security agencies warn.
Chinese hackers use BRICKSTORM malware for stealthy, long-term access to US and Canadian networks, targeting sensitive data and high-level emails in a strategic espionage campaign.
A Bangladeshi student sold access to over 5,200 government and university websites, enabling Chinese cyber spies to launch stealthy attacks for as little as $3 each.
A Windows shortcut bug exploited by hackers for eight years has finally been fixed by Microsoft, closing a loophole that enabled global cyber espionage campaigns.
Cybersecurity teams must monitor the dark web to prevent attacks, but the line between legal defense and criminal offense is perilously thin—posing risks for privacy, legality, and evidence.
Qilin ransomware has struck Yellow Cab of Columbus, highlighting the growing threat to local services and the urgent need for cyber resilience in transportation.
Microsoft has quietly patched a long-exploited Windows shortcut flaw used by state-backed hackers. Discover how the hidden LNK bug enabled years of stealth cyberattacks and what it means now.
A daring sting operation exposed how North Korea’s Lazarus hackers use fake identities and remote job markets to infiltrate companies worldwide, bypassing traditional cybersecurity defenses.
A long-running gambling scam is actually a cover for a global cyber espionage operation, targeting critical industries and governments under the guise of illicit online casinos.
Explore how leading dark web intelligence platforms like Lunar, ZeroFox, and DarkOwl are helping organizations fight back against cybercrime in the internet’s hidden corners.
India abandons plans to force its 'cyber safety' app onto all new smartphones after public and industry backlash, spotlighting the ongoing tension between security and privacy.
BPFDoor and Symbiote rootkits weaponize Linux’s eBPF technology, hiding deep in the operating system to outpace defenders. Discover their evolution and the new digital arms race.
StreamSpy, the latest malware from Maha Grass APT, slips past traditional defenses using WebSocket. Targeting Asia's key sectors, it signals a new era of stealthy cyber espionage.
Iran’s MuddyWater hackers have unleashed advanced, stealthy malware inspired by the Snake game, targeting Israel and Egypt and signaling a new era in cyber espionage.
Sinobi ransomware has breached Pathmaker Group, a leading identity security firm, spotlighting the risks to organizations that safeguard digital access for other businesses.
Iranian hackers disguised spyware as the classic Snake game to infiltrate Israeli and Egyptian infrastructure, revealing a new level of creativity in state-sponsored cyber espionage.
Oriental Castle Sdn Bhd, a major Malaysian company, is the latest victim of a ransomware attack—highlighting a growing wave of digital extortion across Southeast Asia’s business sector.
North Korean hackers have unleashed nearly 200 malicious npm packages, spreading OtterCookie malware and targeting developers through a sophisticated, industrialized software supply chain attack.
Over four million Chrome and Edge users fell victim to malicious extensions that tracked activity, injected affiliate links, and opened backdoors—exposing the hidden risks of browser add-ons.
India’s mandatory cyber safety app for smartphones sparks privacy concerns, industry resistance, and global debate over digital rights versus national security. Tech giants and citizens brace for impact.
Tlusty and Kennedy have become the latest victims of a ransomware gang, facing threats of data leaks unless they pay up. Discover the tactics and risks involved.
Hackers are hijacking trusted app installers like Telegram and Chrome to deliver ValleyRat malware. Discover how this stealthy threat evades security and what organizations can do.
Meet 888, the solo hacker who turned data leaks into a dark web business—targeting weak corporate systems and exposing secrets from Ryanair, IBM, and beyond.
A seven-year campaign by ShadyPanda turned trusted Chrome and Edge extensions into spyware, compromising over 4 million users and exposing critical flaws in browser marketplace security.
A ransomware attack on CodeRED, a key emergency alert platform, exposed sensitive user data and left U.S. communities in digital silence. Here’s what happened and why it matters.
Tomiris, a Russian-speaking cyber-espionage group, now uses Telegram and Discord to hide attacks on CIS governments, making detection harder for defenders and raising the stakes in digital espionage.
A major cyberattack on HASCO-Hasenclever exposed sensitive blueprints, highlighting how hackers now target Europe’s manufacturing sector and the urgent need for digital defense.
Millions of users installed ShadyPanda browser extensions, unknowingly exposing their data to cybercriminals. Discover how this campaign unfolded and why browser vigilance is crucial.
A disguised cyberattack campaign targeting Vietnam’s IT recruiters used fake resumes and pseudo-polyglot files to steal browser passwords, revealing new tricks in digital espionage.
Chinese front companies are supplying advanced steganography tools to state-backed hackers, arming cyber spies with new ways to conceal secrets in everyday files and evade detection.
An Australian cybercriminal used fake airport Wi-Fi to steal thousands of travelers’ private data. Discover how the Evil Twin attack works and how to protect yourself.
Tomiris hackers now use Telegram and Discord to control malware targeting Central Asian governments, blending into normal app traffic for unprecedented stealth and persistence.
APT36 unleashes Python-based malware against Indian government Linux systems, signaling a major evolution in cross-platform cyberespionage and raising new security challenges for public sector IT.
Tomiris hackers are hijacking trusted apps like Telegram and Discord to spy on diplomats across Russia and Central Asia, making detection harder for cyber defenders.
A wave of ransomware attacks hit US law firms and public broadcasters, exposing sensitive data and disrupting vital services. Cyber gangs now target the digital connectors of American society.
A new ransomware group, vviewisdnet, is shaking up the cybercrime world with aggressive data-leak extortion tactics, signaling escalating threats for organizations worldwide.
Akira ransomware strikes again, leaking 22GB of sensitive files from law, media, healthcare, and industrial firms, revealing the growing threat to North American organizations.
Akira ransomware has targeted Design Team Sign Company, stealing 108GB of sensitive data and threatening public leaks. The attack highlights rising cyber risks for manufacturers.
Malicious AI chatbots are making cybercrime easier for novices. Learn how rogue language models are empowering script kiddies and reshaping cyber threats worldwide.
The dark web is buzzing with offers to sell personal information—dossiers, geolocation, and call logs—turning private lives into commodities for cybercriminals and fraudsters.
AI browser assistants tricked, Iranian hacker group exposed, and a teenage cybercriminal unmasked. Dive into this week’s most revealing cybersecurity stories and what they mean for us all.
Handala hackers have published Israeli tech professionals’ data, offering bounties for more, and weaponizing LinkedIn profiles in a new wave of cyber intimidation campaigns.
Russian-linked hackers are leveraging fake browser updates and SocGholish malware to breach U.S. firms, signaling a dangerous blend of cybercrime and espionage.
ByteToBreach, a bold new cybercriminal, leaks sensitive data from airlines, banks, and governments worldwide—revealing the evolving risks and marketing tactics of modern data theft.
Russian hackers used fake browser updates and advanced malware to target a US engineering firm linked to Ukraine, revealing new tactics in digital espionage.
Israeli startup Opti emerges from stealth with $20 million, aiming to revolutionize identity security using AI to protect both human and machine digital credentials.
Cybersecurity expert Sandro Sana’s book 'The Near Future' urges us to pause and reflect on AI, privacy, and our choices in today’s fast-changing digital world.
Hackers are exploiting the old 'finger' command to sneak malware onto Windows PCs, using forgotten tech to evade detection and launch data theft or remote control attacks.
Google has uncovered BadAudio, a stealthy malware used by APT24 to infiltrate over 1,000 organizations in the US and Taiwan, exposing new levels of cyber-espionage.
Phishing attacks continue to bypass even the most advanced security systems. Explore why these age-old scams still work, who’s most at risk, and how companies can fight back.
Chinese hackers quietly infiltrated Russian IT contractors using cloud services as cover, exposing the thin line between friend and foe in today’s cyber-espionage arena.
Ransomfeed exemplifies the new wave of ransomware leak sites, centralizing stolen data and pressuring victims, while fueling a global cybercrime marketplace and raising the stakes for all.
A major leak exposes APT35’s disciplined, state-sponsored hacking operations. Discover how Iran’s cyber-espionage group targets governments and corporations with military efficiency.
Dropping Elephant hackers used MSBuild and a custom Python backdoor to infiltrate Pakistan’s defense sector, showcasing advanced evasion tactics and the growing risks of weaponized trusted tools.
Hackers weaponize WhatsApp Web with automation and memory-based malware, spreading banking trojans through trusted contacts to target Brazilian users and financial institutions.
Delta Dental of Virginia suffered a breach exposing personal and health data of nearly 146,000 patients, highlighting the growing cyber risks facing healthcare providers today.
ShadowPad malware exploited a critical flaw in Microsoft WSUS, turning trusted updates into a weapon. Learn how this attack unfolded and what it means for cyber defense.
40,000 users of an Italian health and beauty e-commerce site have had their data listed for sale on the dark web, raising major security and privacy concerns.
APT24’s BadAudio malware evaded detection for three years, stealing secrets from global organizations via phishing, supply chain hacks, and advanced evasion techniques.
A ransomware attack on Capp-Shupak highlights the evolution of digital extortion, leak sites, and the global web of cybercrime threatening business data and operations.
APT31, a Chinese hacking group, breached Russian IT firms by hiding in cloud services and social media—revealing how cyber spies exploit everyday digital tools for espionage.
APT24’s BADAUDIO malware infiltrated 1,000+ Taiwanese websites through a supply chain attack, exposing new levels of cyber-espionage and the risks of trusted digital infrastructure.
The dark web job market is evolving, mirroring legitimate hiring practices and drawing in desperate, skilled workers. Explore how cybercrime recruitment is becoming disturbingly professional.
Thousands of outdated Asus routers have been hijacked by suspected China-state hackers, turning ordinary devices into covert assets for cyber espionage. Find out if your router is at risk.
Alma Realty, a major New York real estate firm, was hit by ransomware. We investigate how hackers breached their systems and what it means for the industry.
Curious hobbyists are reviving the spinthariscope, a device that lets you safely witness radioactive decay at home using simple materials and a dash of ingenuity.
ASGARD, a cybercriminal group, is selling access to Italian and EU bank accounts on the dark web, putting victims at risk of fraud, identity theft, and legal trouble.
Enterprises now manage thousands of apps, but only half are securely integrated with identity systems. The resulting gaps and shadow IT expose organizations to growing cyber threats.
Kraken ransomware studies its victims before striking, adapting its tactics for maximum impact. Discover why this new cyberthreat is alarming experts and businesses worldwide.
Ransomfeed, a dark web leak site, showcases stolen data to pressure ransomware victims. Explore how these platforms intensify cyber extortion and reshape the digital crime underworld.
Google launches new tools to combat review-based extortion on Maps, as digital scams—from fake reviews to malvertising—threaten businesses and platforms worldwide.
A cunning cybercrime campaign is targeting hotels and their guests via Booking.com, using malware and phishing to steal payment details. Discover how the scam unfolds and how to avoid it.
Israeli spyware is quietly redrawing the global order. From Pegasus to Cellebrite, surveillance tools are reshaping diplomacy, security, and the balance between freedom and control.
Sendmarc hires veteran Dan Levinson as Customer Success Director to enhance DMARC-driven email security and customer support across North America’s high-risk cyber landscape.
A Ukrainian man linked to the notorious Conti ransomware gang is extradited to the US, revealing how global cybercrime syndicates operate and how authorities fight back.
Handala ransomware group targets organizations in a weekend data breach, exposing new victims in 'The Saturday Files' and demonstrating the growing threat of off-hours cyberattacks.
Play ransomware has struck Tavo Packaging Inc, revealing vulnerabilities in the packaging industry’s digital defenses and the wider supply chain. Here’s how this attack unfolded and why it matters.
Encore Repair Services has been listed as a victim of the Play ransomware group, underscoring the persistent threat of cyber extortion against service providers.
A zero-day flaw in Gladinet’s CentreStack let hackers steal sensitive files and seize control. Discover the exploit's mechanics, the emergency patch, and why vigilance matters.
Hackers used a Cisco SNMP vulnerability to plant rootkits on older switches in a stealthy campaign called Zero Disco. Legacy hardware remains a top cybercrime target.
A severe ICTBroadcast flaw lets hackers hijack call center servers using a simple cookie exploit for remote shell access. Over 200 systems are exposed, with no patch in sight.
A botched over-the-air update left Jeep 4xe hybrids immobilized, raising questions about the safety and reliability of connected cars in an increasingly digital world.
Sweet Security is named both Cloud Security Leader and CADR Leader in Latio's 2025 report, spotlighting its AI-driven, real-time defense for today’s complex cloud threats.
Ransomware criminals targeted Colombian dairy giant Alqueria, disrupting operations and exposing the food industry's vulnerability to cyberattacks across Latin America.
Spanish police have dismantled the GXC Team, a cybercrime syndicate selling phishing kits and malware, exposing the industrial scale of crime-as-a-service operations.
A newly discovered Oracle E-Business Suite flaw lets attackers access sensitive data without login. Explore the risks, recent attack trends, and why urgent patching matters.
Italy’s legal education is lagging behind the digital age, leaving future lawyers unprepared for cybercrime and digital evidence. Can law schools bridge the tech skills gap?
While AI promises to transform work, it’s the skilled trades—electricians, plumbers, technicians—who are in highest demand, building the infrastructure that powers the digital revolution.
DragonForce unveils a new registration panel for cybercriminals, fueling concerns about rising ransomware attacks and the evolving threat landscape for businesses worldwide.
Cemtrex, a leader in industrial tech, faces a ransomware attack that exposes sensitive data and industry-wide vulnerabilities. Discover how hackers target manufacturers and why it matters.
ShinyHunters ransomware gang has breached CIC Vietnam, highlighting growing cyber risks for consultancies in Southeast Asia and the urgent need for stronger digital defenses.
Nova ransomware gang targets DNC, leaking 130GB of sensitive client data. The breach exposes billing, plans, and personal info, raising questions about GDPR compliance and digital security.
The FTC has sued Sendit for allegedly collecting children’s data without consent and misleading users with fake messages and costly subscriptions. The outcome could reshape online privacy rules.
Imgur has cut off UK users after a data watchdog threatened a fine, leaving embedded images blank and raising urgent questions about internet regulation and access.
Klopatra, a new Android Trojan disguised as a streaming app, empties bank accounts while users sleep. Discover how it works, who it targets, and how to protect yourself.
A basic Chrome extension shows how easy it is to defeat the EU's Chat Control law, using open-source encryption to protect private messages from mass surveillance and automated scanning.
Western intelligence agencies publicly accuse China of orchestrating cyberattacks on critical infrastructure. This united front marks a new era in global digital conflict and deterrence.
A Chinese fraudster dubbed the 'Bitcoin Queen' is convicted in London, after UK police seize £5.5 billion in Bitcoin—the largest crypto confiscation in history.
BAM ransomware is turning up the heat on victims with aggressive threats and public data leaks. Discover how their tactics are reshaping the digital extortion game.
Hackers exploited a severe zero-day flaw in Fortra GoAnywhere MFT days before public disclosure, creating secret accounts and deploying malware. Discover how the breach happened and why it matters.
DragonForce ransomware has struck Memphis Millwork, exposing sensitive client and business data. The attack highlights rising cyber risks facing industry suppliers and small businesses.
A new malware called YiBackdoor has emerged, sharing code with IcedID and Latrodectus. Experts believe it's being tested as a precursor for future ransomware attacks.
A critical zero-day in Chrome is under active attack, prompting urgent warnings from CISA and Google. Here’s why updating your browser now is crucial.
A cyberattack crippled check-in at major European airports, leading to a UK arrest and exposing aviation's digital vulnerabilities. The incident highlights rising threats to critical infrastructure.
WhatsApp’s new translation feature promises seamless multilingual messaging and greater privacy, but also raises fresh questions about security and the risks of frictionless global communication.
A stealthy Chinese SEO poisoning campaign is hijacking trusted websites to lure Asian users into scam traps, using advanced malware and search manipulation for financial gain.
Foreign hackers target America’s ports and power grids. Legacy tech, policy gaps, and supply chain risks leave US critical infrastructure vulnerable. Experts call for urgent action and collaboration.
New flaws in Supermicro BMC firmware let attackers bypass Root of Trust security, raising alarms for data centers and cloud providers worldwide. Experts call for urgent reforms.
A ransomware attack on Collins Aerospace paralyzes major European airports, exposing critical digital vulnerabilities and raising alarms about aviation’s growing cyber risks.
Washington Prime Group, a major US mall operator, is the latest victim named by ransomware gang Worldleaks. The breach exposes growing cyber risks in commercial real estate.
Phishing attacks are no longer confined to email. Criminals now use social media, ads, and messaging apps, targeting both personal and corporate accounts with alarming success.
Mathematics is the invisible fortress defending our digital world. Learn how cryptography, hashing, and number theory keep hackers out and secure the internet for everyone.
Klingelnberg India, a key player in precision engineering, has been hit by Blackshrantac ransomware. The attack highlights rising threats to India’s industrial sector and global supply chains.
A major ransomware attack on Miami Management exposes 2.4TB of sensitive files, highlighting cyber risks for Florida’s property sector and raising questions about industry preparedness.
Despite a US takeover, TikTok's core data and algorithm risks for organizations persist. Experts warn that ownership changes alone won't solve privacy or influence threats.
A high-stakes legal battle unfolds as the US and Portugal vie to extradite RaidForums’ admin, Omnipotent, highlighting the complexities of prosecuting global cybercrime.
As Bitcoin's dominance declines, institutional investors are pivoting to altcoins, fueling a new wave of innovation and diversification across the digital asset market.
Akira ransomware has targeted law firm Cook Brown LLP, threatening to leak 160GB of sensitive legal, personal, and financial data. The attack highlights rising cyber risks for the legal sector.
Syteca 7.21 introduces real-time sensitive data masking, agentless remote access, and full-motion session recording, raising the bar for insider threat protection and compliance.
North Korean hackers are using ChatGPT to create fake military IDs for phishing attacks. Discover how AI is reshaping cyber espionage and raising new security concerns.
The Qilin ransomware gang has targeted multiple Korean asset management firms, exposing cybersecurity gaps and raising concerns across South Korea's financial sector.
Coinbasecartel claims Desjardins Group as its latest victim, highlighting rising cyber threats to financial institutions and the critical need for robust digital defenses.
Coinbasecartel has reportedly targeted SK Telecom in a fresh ransomware attack, highlighting mounting cyber risks for Asia’s telecom giants and the growing audacity of digital extortion gangs.
WhiteCobra hackers unleashed malicious extensions in the VSCode ecosystem, draining crypto wallets and exploiting trust in developer marketplaces. Discover how the attack worked—and how to avoid it.
China launches mandatory labels for AI-generated content, setting a global benchmark for transparency and digital security. Explore how this historic move reshapes tech regulation and public trust.
Microsoft ends support for Windows 11 23H2 Home and Pro in November 2025. Users must upgrade to stay protected, as unsupported systems become prime targets for cyber threats.
Cloud-native security is undergoing a revolution. Learn how runtime visibility, AI, and unified platforms are redefining how enterprises defend against real-world threats.
Emanuela Ciardi’s reappointment at Italy’s National Cybersecurity Agency marks a pivotal moment for the nation’s digital defense amid rising cyber threats and political intrigue.
Vidar infostealer is back, using advanced stealth to steal credentials and financial data. Discover how this malware adapts, evades defenses, and what you can do to stay protected.
A major ransomware gang claims to have stolen 62GB of sensitive legal and client data from Molod Spitz & DeSantis, threatening to leak files unless paid.
Akira ransomware hackers are exploiting a critical SonicWall VPN flaw and misconfigurations to breach corporate networks. Here’s how the attacks work—and what organizations must do to defend themselves.
Cybercriminals are abusing iCloud Calendar invites to send phishing emails that evade spam filters, posing as Apple and luring users into costly remote access scams.
A cybercriminal claims to be selling Canegrate’s municipal data and system access on an underground forum, raising alarms about public sector cybersecurity and citizen privacy.
A cyberattack by Anonymous Russia on the Veneto Regional Council was swiftly contained, prompting the region to launch a dedicated cyber defense team to protect digital democracy.
US investors are rapidly increasing their backing of spyware firms in 2024, fueling global expansion despite regulatory crackdowns. Explore the implications, key players, and new security countermeasures.
Spectra Logic, a data protection giant, faces a ransomware breach. The incident highlights growing cyber risks—even for companies entrusted to guard the world’s most sensitive data.
A ransomware attack on Gagosian exposes the art world’s digital vulnerabilities. Learn how cybercriminals target galleries, the risks involved, and what it means for global art security.
The infamous Play ransomware gang has breached JIT Energy Services, spotlighting the growing risk to energy infrastructure and critical industries worldwide. Here’s what you need to know.
SwissBorg lost $41 million in a partner wallet breach, affecting 1% of users. The platform pledges full reimbursement as crypto thefts surge in 2025.
Browsers have become a top target for hackers, storing sensitive data and credentials. This feature unpacks the risks and how organizations are fighting back.
Ransomware attacks in Italy are evolving. IT managers are adopting cyberstorage—storage with built-in security—to protect data, meet strict laws, and outsmart hackers.
As cyber attacks surge, U.S. government cyber job cuts spark alarm. Are budget slashes leaving America vulnerable on the digital frontlines? Experts and lawmakers clash over the risks.
SentinelOne’s move to acquire Observo AI aims to solve security’s data crisis, promising real-time, AI-powered pipelines and a break from slow, legacy SIEM systems.
Stealerium and Phantom, once 'educational' malware, are now fueling a global wave of data theft and blackmail. Discover how open-source infostealers are reshaping cybercrime.
Cephalus ransomware exploits trusted security tools with DLL side-loading and cloud data theft, combining old tricks with new tactics in a double extortion scheme.
OpenAI has launched free Projects and chat branching in ChatGPT, promising smarter workspaces and better conversation control—but raising new questions about privacy and data safety.
Attackers exploited a compromised GitHub account and stolen OAuth tokens to access Salesforce data at major firms, revealing new risks in cloud app integrations and digital trust.
A critical Argo CD vulnerability let even basic users access sensitive code repository credentials, putting major enterprises at risk of theft and supply chain attacks.
Scammers are using X’s Grok AI to sneak malware links past platform defenses, reaching millions. This exposé reveals how 'grokking' works—and why it’s a wake-up call for AI security.
GhostRedirector, a China-linked group, compromised 65 Windows servers with backdoors and IIS modules to secretly boost gambling sites in a global SEO fraud campaign.
VirusTotal uncovers a phishing campaign using undetectable SVG files to mimic Colombia’s judicial system, delivering malware through convincing portals and password-protected archives.
Cybercriminals have exploited X’s Grok AI, turning it into a mass distributor of malware by bypassing ad protections and leveraging the AI’s trusted status to fool millions.