Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
178 articles

#Cybercrime

All CosmicBytez Labs articles tagged #Cybercrime, across news, security advisories, how-to guides, and projects.

  • NewsJul 17, 2026

    In Other News: Iran Tracks US Military Phones, CrashStealer macOS Malware, CVD Blueprint

    This week's security roundup covers Iranian threat actors tracking US military personnel's phones, the newly discovered CrashStealer macOS infostealer, a coordinated vulnerability disclosure blueprint, ransomware targeting naval defense firm TKMS, and more.

  • NewsJul 17, 2026

    US Charges Two New Yorkers for Laundering $43 Million in Pig Butchering Investment Fraud

    Federal prosecutors charged Zhuoying Chen and Haojie Zhang with conspiracy to commit money laundering after the pair allegedly moved $43 million in pig butchering fraud proceeds through 140 bank accounts under 45 shell companies.

  • NewsJul 16, 2026

    Coca-Cola Fairlife Ransomware Attack Halts All US Dairy Production

    The Coca-Cola Company filed an SEC 8-K disclosure after a ransomware attack on its Fairlife dairy subsidiary temporarily suspended all US production of Ultra-Filtered Milk, Core Power Protein Shakes, and Nutrition Plan beverages.

  • NewsJul 16, 2026

    Identity Attacks Overtake Exploits as Top Ransomware Cause

    Sophos 2026: 79% of ransomware attacks start with stolen identities. MFA was present in 97% of credential-based cases yet failed to stop every one of them.

  • NewsJul 16, 2026

    New Spirals Ransomware Encrypts Victim Network in Under 24 Hours

    A newly identified ransomware group called Spirals has demonstrated alarming operational speed, completing the full attack lifecycle — initial access, lateral movement, data theft, and network-wide encryption — in less than 24 hours.

  • NewsJul 16, 2026

    Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack

    Owen Flowers, 18, and Thalha Jubair, 20, were each sentenced to five and a half years at Woolwich Crown Court for their roles in the 2024 cyberattack on Transport for London that downed 148 systems and disrupted 27,000 employees.

  • NewsJul 15, 2026

    Dutch Police Bust Investment Fraud Ring Stealing Over €100 Million

    Dutch Police have announced the arrest of multiple suspects believed to be part of an international investment fraud ring that stole over €100 million from tens of thousands of victims. The operation dismantled fake investment platforms operated by the criminal network across multiple countries.

  • NewsJul 15, 2026

    US Charges Three Russians for Operating Bulletproof Hosting Behind $62M Ransomware Campaign

    Federal prosecutors unsealed a 2024 indictment against three Russian nationals who ran Medialand LLC and ML.Cloud LLC — bulletproof hosting services used by LockBit, BlackSuit, and Play ransomware gangs to victimize 44 organizations across 21 US states.

  • NewsJul 14, 2026

    Spanish Police Take Down €140 Million Cyber Fraud Ring, Arrest Four

    Spanish National Police, coordinating with Europol, Interpol, Portugal, and Panama, have dismantled a sophisticated cybercriminal organization responsible for €140 million in fraud losses across Europe. Four individuals were arrested after raids across Spain, Portugal, and Panama. The ring operated fraudulent investment platforms, CEO impersonation scams, BEC attacks, and fake invoice fraud — laundering proceeds through 120 shell companies and 800+ bank accounts.

  • NewsJul 14, 2026

    U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support

    The U.S. Treasury's OFAC has designated two individuals and a VPN service provider for enabling ransomware actors and other cybercriminals — marking a significant escalation in targeting the infrastructure that makes ransomware operations possible.

  • NewsJul 13, 2026

    US Treasury Sanctions 1VPNS: The VPN Service Favored by Ransomware Groups

    The US Treasury's OFAC sanctioned First VPN Service (1VPNS) and its Ukrainian administrator for providing anonymization cover to ransomware groups attacking US critical infrastructure, causing billions in losses. Action is coordinated with the UK and follows a May 2026 European infrastructure takedown.

  • NewsJul 12, 2026

    Dutch Police Trace Odido Telecom Breach to Suspected Local Accomplice

    Dutch police have identified evidence implicating a local Dutch suspect as an accomplice in the cyberattack on telecom provider Odido, which exposed the personal data of more than 6 million customers earlier this year.

  • NewsJul 12, 2026

    Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks

    A 41-year-old former cybersecurity professional has been sentenced to 70 months in federal prison for conspiring with the now-defunct BlackCat ransomware group to extort victims and coordinating additional attacks alongside two other cybersecurity professionals.

  • NewsJul 11, 2026

    Ryuk Operator Pleads Guilty; BlackCat/AlphV Conspirator Gets Nearly 6-Year Sentence

    A Ryuk ransomware operator pleaded guilty in Oregon federal court while a BlackCat/AlphV conspirator received a 70-month prison sentence in Florida,...

  • NewsJul 11, 2026

    Third US Security Expert Sentenced to Prison for Helping Ransomware Gang

    Angelo Martino, a former ransomware negotiator turned insider threat, was sentenced to 70 months in federal prison for actively assisting the...

  • NewsJul 10, 2026

    Armenian National Pleads Guilty to Ryuk Ransomware Attacks

    Karen Vardanyan, an Armenian national, has pleaded guilty to federal charges related to Ryuk ransomware attacks and faces up to 15 years in prison with...

  • NewsJul 10, 2026

    In Other News: DHS Database Hacked, Adobe Boosts Patch Cadence, Canada Disrupts Ransomware Ops

    A weekly cybersecurity roundup covering the DHS database breach, Adobe accelerating its patch release schedule, Canada's law enforcement disruption of...

  • NewsJul 10, 2026

    Money Launderer Accused of Stealing $290K in Seized Crypto While Serving Prison Sentence

    A Bulgarian national already serving over 10 years for laundering millions stolen from American fraud victims now faces new charges after allegedly...

  • NewsJul 10, 2026

    Police Suspects Dutch Hackers Were Involved in Odido Breach

    The Dutch National Police has found strong indications that Dutch nationals were behind the February 2026 data breach at Odido, one of the Netherlands'...

  • NewsJul 9, 2026

    Former DigitalMint Ransomware Negotiator Sentenced to 70 Months for Defrauding Clients

    Angelo Martino, a former cyber recovery specialist at DigitalMint, was sentenced to nearly six years in federal prison after secretly feeding confidential...

  • NewsJul 9, 2026

    'GodDamn' Ransomware Uses BYOVD Technique to Kill Security Software at US Companies

    A new ransomware strain dubbed 'GodDamn' is leveraging a Microsoft-signed malicious kernel driver through the Bring Your Own Vulnerable Driver technique...

  • NewsJul 9, 2026

    GodDamn Ransomware Uses PoisonX Kernel Driver to Neutralize Endpoint Security

    Symantec's Threat Hunter Team has flagged GodDamn, a new ransomware family that deploys the PoisonX kernel driver to disable endpoint detection and...

  • NewsJul 9, 2026

    GigaWiper: New Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware

    Microsoft has dissected GigaWiper, a destructive Windows backdoor that combines three distinct destructive capabilities — full disk wiping, fake...

  • NewsJul 9, 2026

    INTERPOL Arrests 5,800 Suspects in Operation First Light 2026 Global Fraud Bust

    A 3.5-month INTERPOL-led operation spanning 97 countries resulted in 5,811 arrests, $293 million seized, and 142,000 victims identified — targeting...

  • NewsJul 9, 2026

    Police Arrest 5,800 Suspects and Seize $293M in Global Anti-Fraud Crackdown

    A sweeping international law enforcement operation spanning 97 countries resulted in the arrest of 5,811 suspects and the seizure of $293 million in...

  • NewsJul 6, 2026

    Canada's Spy Agency Reports Hacking Three Criminal Groups in 2025

    Canada's Communications Security Establishment publicly disclosed offensive cyber operations against a ransomware-as-a-service gang, a foreign online...

  • NewsJul 6, 2026

    JadePuffer: The First Fully Autonomous LLM-Driven Ransomware Attack

    Security researchers at Sysdig have documented JadePuffer — an agentic threat actor powered entirely by a large language model that independently...

  • NewsJul 6, 2026

    Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware

    This week's threat roundup covers residential proxy botnets hiding in streaming boxes, browser-based ransomware campaigns, AI agent abuse techniques, and...

  • NewsJul 5, 2026

    Teen Suspect in Scattered Spider Hacks Is Extradited to US

    Peter Stokes, 19, has been extradited from Finland to face federal charges tied to Scattered Spider's hundred-million-dollar cybercrime spree — the latest...

  • NewsJul 4, 2026

    Agentic AI Used to Conduct Ransomware Attack via Langflow Vulnerability

    Threat group JadePuffer leveraged an LLM agent to autonomously execute a multi-stage ransomware-style attack through a critical Langflow vulnerability,...

  • NewsJul 4, 2026

    Alleged Scattered Spider Hacker Peter Stokes Extradited to the United States

    Peter Stokes, 19, a dual US-Estonian citizen known online as 'Bouquet,' has been extradited from Finland to face federal charges for his alleged role in...

  • NewsJul 4, 2026

    JadePuffer Ransomware Used an AI Agent to Automate the Entire Attack

    Security researchers have documented what appears to be the first ransomware operation conducted entirely by a large language model agent — JadePuffer...

  • NewsJul 3, 2026

    In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting

    A roundup of security stories you may have missed: an Anonymous-linked Canadian hacker receives a prison sentence, a researcher drops zero-days in open...

  • NewsJul 2, 2026

    AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

    Sysdig researchers documented the first fully autonomous AI-driven ransomware campaign, where threat actor JADEPUFFER used an AI agent to chain Langflow...

  • NewsJul 2, 2026

    FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

    SOCRadar uncovered FortiBleed — a large-scale credential-harvesting campaign targeting 11,250 FortiGate portals across 150+ countries, resulting in 110...

  • NewsJul 2, 2026

    Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

    Anubis ransomware affiliates are exploiting CVE-2025-5777 (Citrix Bleed 2) for initial access while pairing BYOVD techniques and stolen supply chain...

  • NewsJul 2, 2026

    Ransomware Thugs Masquerade as Interpol to Entice Small Biz

    A ransomware campaign is impersonating Interpol to pressure small and medium-sized businesses into paying extortion demands, using law enforcement...

  • NewsJul 2, 2026

    ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories

    This week's security roundup covers AI compute theft, a newly discovered Apple Mail vulnerability, the emerging BlueHammer ransomware group, and 14...

  • NewsJul 1, 2026

    FortiBleed Credential-Theft Campaign Linked to Lynx Ransomware Group

    Researchers have connected the massive FortiBleed credential-theft operation — which harvested credentials from over 86,000 FortiGate firewalls — directly...

  • NewsJun 30, 2026

    Blackfield Ransomware Demands $2 Million from Nidec Corporation

    The Blackfield ransomware gang is demanding a $2 million ransom from Nidec Corporation after attacking its Taiwanese subsidiary, Nidec Chaun Choung...

  • NewsJun 30, 2026

    How Ransomware Syndicates Weaponize Corporate-Style Organization

    From outsourced labor to tiered pricing models, today's top ransomware groups operate less like rogue hackers and more like Fortune 500 companies — with...

  • NewsJun 27, 2026

    Third-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk

    Rising third-party breach incidents are forcing schools and universities to play defense as ransomware gangs and supply chain attackers increasingly...

  • NewsJun 26, 2026

    Minnesota Man Known as 'Snoopy' Sentenced in DraftKings Hack

    Nathan Austad of Minnesota, who operated under the alias 'Snoopy,' has been sentenced for his role in the 2022 DraftKings data breach, becoming the third...

  • NewsJun 25, 2026

    Europe Evolves Into Ransomware's Favorite Region

    New research from Black Kite shows ransomware attacks against European organizations surged 55% in the first four months of 2026 compared to the same...

  • NewsJun 25, 2026

    Local Police Collusion Hampers Crackdown on Asian Scam Centers

    With tens of billions of dollars flowing into regional economies from cybercrime, scam centers across Southeast Asia continue to flourish despite...

  • NewsJun 25, 2026

    Malicious Edge Extension "Edgecution" Abuses Native Messaging to Deploy Ransomware Backdoor

    Zscaler researchers exposed 'Edgecution', a rogue Microsoft Edge extension that exploits Chrome's Native Messaging protocol to escape the browser sandbox...

  • NewsJun 25, 2026

    Poland Busts SIM-Swapping Gang Tied to Millions in Crypto Theft

    Polish authorities, working alongside the FBI and HSI, have arrested four members of a cybercrime gang that used SIM-swapping attacks to hijack...

  • NewsJun 24, 2026

    Amadey and StealC Malware Operations Disrupted in Operation Endgame Action

    Microsoft, Europol, and international law enforcement partners have dismantled infrastructure supporting the Amadey malware loader and StealC infostealer...

  • NewsJun 24, 2026

    Stealthy Mistic Backdoor Linked to Ransomware Access Broker KongTuke

    Security researchers have identified a new backdoor malware named Mistic being deployed by KongTuke, a ransomware initial access broker, in financially...

  • NewsJun 22, 2026

    INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

    A new INTERPOL report reveals a dramatic surge in Asia-Pacific cybercrime, with phishing rates nearly double the global average, ransomware attacks...

  • NewsJun 22, 2026

    Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

    This week's threat roundup covers the Usbliter8 iPhone boot exploit, NarwhalRAT spread via fake Microsoft alerts, The Gentlemen ransomware's GentleKiller...

  • NewsJun 21, 2026

    New Prinz Eugen Ransomware Prioritizes Recent Files for Encryption

    A new Go-based ransomware operation named Prinz Eugen targets recently modified files first, uses ChaCha20-Poly1305 encryption, and communicates with...

  • NewsJun 19, 2026

    The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

    The Gentlemen ransomware-as-a-service operation distributes a sophisticated EDR-killing toolkit called GentleKiller to affiliates, capable of terminating...

  • NewsJun 18, 2026

    Australian Sugar Producer Works to Restore Operations After Ransomware Attack

    Mackay Sugar, one of Australia's largest sugar producers, is working urgently to restore harvesting and milling operations after The Gentlemen ransomware...

  • NewsJun 18, 2026

    Gentlemen Ransomware Uses Multiple EDR Killers to Disable Defenses

    The Gentlemen ransomware-as-a-service operation is actively developing and maintaining a suite of EDR killer tools to help affiliates evade detection and...

  • NewsJun 18, 2026

    INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023

    Cybersecurity researchers have charted the evolution of INC ransomware from a nascent RaaS operation to one of the most prolific cybercrime groups in...

  • NewsJun 17, 2026

    INC Ransomware Thrives by Mastering the Basics

    The INC ransomware group has risen to prominence not through exotic exploits but by relentlessly targeting sectors — particularly healthcare — where...

  • NewsJun 17, 2026

    Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

    Security researchers have uncovered a DragonForce ransomware attack deploying a new Go-based backdoor that uses Microsoft Teams relay infrastructure for...

  • NewsJun 16, 2026

    'Lorem Ipsum' Malware Pivots to ClickFix Delivery via WordPress

    New analysis reveals the 'Lorem Ipsum' malware campaign has adopted ClickFix social engineering as its primary delivery mechanism, leveraging compromised...

  • NewsJun 16, 2026

    DragonForce Ransomware Hides C2 Traffic Inside Microsoft Teams Relays

    DragonForce ransomware operators deployed a custom implant called Backdoor.Turn to camouflage command-and-control communications inside legitimate...

  • NewsJun 15, 2026

    FBI and Google Dismantle 'Outsider Enterprise' Phishing Service

    A joint FBI and Google operation took down the Outsider Enterprise phishing platform — responsible for over 9,000 fake sites, nearly 4 million stolen...

  • NewsJun 14, 2026

    Conti Ransomware Member Pleads Guilty, Faces Up to 20 Years in Prison

    Oleksii Lytvynenko, a 44-year-old Ukrainian national, has pleaded guilty to participating in the prolific Conti ransomware group after being arrested in...

  • NewsJun 14, 2026

    FBI Dismantles Massive AI-Powered Chinese Phishing-as-a-Service Operation

    The FBI, Google, and Black Lotus Labs jointly dismantled Outsider Enterprise, a massive Chinese phishing-as-a-service platform that operated over one...

  • NewsJun 13, 2026

    Ex-School District IT Employee Sentenced to 21 Months for Cyberattacks on Former Employer

    A former IT worker at an Iowa school district was sentenced to 21 months in federal prison after conducting a sustained cyberattack campaign against his...

  • NewsJun 12, 2026

    Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs

    Europol has dismantled AudiA6, a cryptocurrency laundering service described as a key financial pipeline for ransomware gangs and cybercriminal networks...

  • NewsJun 12, 2026

    Ukrainian National Pleads Guilty to Role in Conti Ransomware Operation

    A Ukrainian national extradited from Ireland to the United States has pleaded guilty to conspiracy charges tied to the Conti ransomware operation, which...

  • NewsJun 11, 2026

    Authorities Dismantle 'AudiA6' Ransomware Crypto-Laundering Service

    Law enforcement has dismantled the AudiA6 cryptocurrency laundering service used by ransomware actors and cybercriminals to clean more than $380 million...

  • NewsJun 11, 2026

    The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm

    A new analysis of The Gentlemen ransomware operation reveals the financially motivated group has claimed 478 victims and evolved a worm-like...

  • NewsJun 10, 2026

    Infostealers Turn Millions of Devices Into Credential Theft Machines

    Attackers increasingly favor stolen credentials over exploits, and infostealers have become the primary access broker feeding ransomware and cybercrime...

  • NewsJun 10, 2026

    Who Runs the Ransomware Group 'The Gentlemen'?

    KrebsOnSecurity investigates the identity and structure behind The Gentlemen, the second most active ransomware gang of 2026, known for offering...

  • NewsJun 7, 2026

    Dark Web Nemesis Market Vendor Gets 26 Years for Selling Drugs

    A California man was sentenced to over 26 years in federal prison for trafficking fentanyl and meth through Nemesis Market, a major dark web drug marketplace.

  • NewsJun 4, 2026

    Over 1.4 Million Accounts Disrupted in Cybercrime Crackdown

    Law enforcement agencies and major technology companies have jointly dismantled infrastructure tied to Southeast Asia-based scammers, disrupting more than 1.4…

  • NewsJun 3, 2026

    Police Dismantles 9 Crime Groups in Illegal Streaming Crackdown

    A coordinated international law enforcement operation has dismantled nine organized crime groups and arrested 29 suspects in a major crackdown targeting…

  • NewsJun 3, 2026

    The U.S. Sanctions Nobitex Crypto Exchange Used by Ransomware

    The U.S. Treasury's OFAC has sanctioned Nobitex, Iran's largest cryptocurrency exchange, for facilitating payments linked to terrorist activities and…

  • NewsJun 2, 2026

    AI-Built Ransomware Toolkit Automates EDR Evasion and AD Discovery

    A threat actor has deployed an AI-generated ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and…

  • NewsJun 1, 2026

    Dutch Police Dismantle Massive 17-Million-Device Botnet

    Dutch authorities seized command-and-control servers tied to a botnet of 17 million infected computers, smartphones, and tablets that was allegedly used to…

  • NewsMay 28, 2026

    Canadian Man Gets 33 Years for Using Social Media to Coerce US Children

    A Canadian man received a 33-year US federal sentence after using fake online identities on social media to manipulate children into sending sexually...

  • NewsMay 28, 2026

    Latin American Cybercriminals Hoover Up Government Data

    A reported breach of 5.8M Uruguayan records is the latest in a growing pattern of attackers monetizing Latin American government citizen data.

  • NewsMay 27, 2026

    Ransomware Actors Show Up In Person to Steal Law Firm Data

    FBI warns the Silent Ransom Group is targeting law firms by physically arriving on-site and social-engineering access to sensitive client databases.

  • NewsMay 26, 2026

    7-Eleven Data Breach Exposes Personal Information of 185,000 People

    The ShinyHunters extortion gang stole the personal information of over 185,000 customers after breaching convenience store giant 7-Eleven in April 2026, with.

  • NewsMay 23, 2026

    Former US Execs Plead Guilty to Aiding Tech Support Scammers

    Two former executives of a call-tracking and analytics company have pleaded guilty to concealing a years-long tech support fraud scheme that victimized...

  • NewsMay 23, 2026

    Netherlands Seizes 800 Servers of Hosting Firm Enabling

    Dutch financial crime investigators (FIOD) arrested two men and seized 800 servers from a hosting company that provided bulletproof infrastructure...

  • NewsMay 22, 2026

    ''First VPN'' Cybercrime Service Disrupted, Administrator

    The FBI and international partners have disrupted First VPN, a criminal VPN service used by dozens of ransomware groups for network reconnaissance and...

  • NewsMay 22, 2026

    Alleged Kimwolf Botmaster ''Dort'' Arrested, Charged in U.S. and Canada

    Canadian authorities arrested a 23-year-old Ottawa man suspected of building and operating Kimwolf, an IoT botnet that enslaved millions of devices for...

  • NewsMay 22, 2026

    Canadian Man Arrested and Charged for Running KimWolf DDoS

    Jacob Butler, a Canadian national, has been arrested and charged in the United States and Canada for running the KimWolf DDoS-for-hire botnet, which...

  • NewsMay 22, 2026

    First VPN Dismantled in Global Takedown Over Use by 25

    International authorities have disrupted a criminal VPN service called First VPN that was used by more than 25 ransomware groups to conceal network...

  • NewsMay 22, 2026

    US and Canada Arrest and Charge Suspected Kimwolf Botnet

    U.S. and Canadian authorities arrested and charged a Canadian man with operating the Kimwolf DDoS botnet, which infected nearly two million devices...

  • NewsMay 22, 2026

    Verizon DBIR 2026: Healthcare Fends Off Rising Social

    The 2026 Verizon Data Breach Investigations Report highlights how evolving social engineering tactics are making the healthcare sector more vulnerable,...

  • NewsMay 21, 2026

    Europe Dismantles VPN Service Used by Cybercriminals to Hide Ransomware Attacks

    European law enforcement has taken down First VPN, a privacy service that had been openly advertised on Russian-language cybercrime forums as a tool for...

  • NewsMay 21, 2026

    Police Seize 'First VPN' Service Used in Ransomware and Data Theft Attacks

    International law enforcement has dismantled 'First VPN,' a criminal VPN service marketed on Russian-speaking cybercrime forums and used to facilitate...

  • NewsMay 20, 2026

    GitHub Confirms Being Hacked by TeamPCP, Says Customer Data

    GitHub has officially confirmed it was breached by the TeamPCP threat actor after the group advertised stolen internal source code on a cybercrime forum....

  • NewsMay 20, 2026

    GitHub Investigating TeamPCP Claimed Breach of ~4,000

    GitHub is investigating unauthorized access to its internal repositories after the TeamPCP threat actor listed approximately 4,000 GitHub internal repos...

  • NewsMay 20, 2026

    Ukraine Identifies Infostealer Operator Tied to 28,000

    Ukrainian cyberpolice, working with US law enforcement, identified an 18-year-old from Odesa suspected of running an infostealer malware operation that...

  • NewsMay 19, 2026

    Cybercrime Service Disrupted for Abusing Microsoft Platform

    Microsoft has disrupted a malware-signing-as-a-service operation that exploited the company's Artifact Signing service to produce fraudulent code-signing...

  • NewsMay 19, 2026

    Verizon DBIR 2026: Vulnerability Exploitation Overtakes

    Verizon's 2026 Data Breach Investigations Report reveals a landmark shift: vulnerability exploitation has surpassed credential abuse as the leading breach...

  • NewsMay 17, 2026

    Foxconn Attack Highlights Manufacturing's Cyber Crisis

    A Nitrogen ransomware attack on Foxconn's North American facilities is one of more than 600 hits on manufacturers so far in 2026, as ransomware gangs...

  • NewsMay 16, 2026

    Colorado Governor Commutes Prison Sentence for Election

    Colorado Governor Jared Polis has commuted the nine-year prison sentence of Tina Peters, the election denier convicted of stealing voting system data,...

  • NewsMay 15, 2026

    American Lending Center Data Breach Affects 123,000

    The non-bank lender discovered a ransomware attack nearly one year ago but only recently completed its investigation, notifying over 123,000 individuals...

  • NewsMay 15, 2026

    More Than $10 Million Stolen from Crypto Platform THORChain

    THORChain officials confirmed that one of their six vaults was compromised in a security incident, leading to a loss of approximately $10.7 million. The...

  • NewsMay 13, 2026

    Foxconn Confirms Cyberattack Claimed by Nitrogen Ransomware

    Foxconn, the world's largest electronics manufacturer, confirmed a cyberattack on its North American factories claimed by the Nitrogen ransomware gang,...

  • NewsMay 13, 2026

    Foxconn Confirms North American Factories Hit by Cyberattack

    Electronics manufacturing giant Foxconn has confirmed a cyberattack on its North American operations after the Nitrogen ransomware group claimed...

  • NewsMay 13, 2026

    Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak

    An OPSEC failure provides a rare window into the inner workings of The Gentlemen ransomware-as-a-service group, exposing their affiliate model, TTPs, and...

  • NewsMay 12, 2026

    West Pharmaceutical Services Hit by Disruptive Ransomware

    West Pharmaceutical Services, a global manufacturer of drug delivery systems and packaging, has taken systems offline worldwide after hackers exfiltrated...

  • NewsMay 12, 2026

    West Pharmaceutical Warns of Ransomware Attack Impacting

    West Pharmaceutical Services filed an SEC disclosure warning that hackers breached the company on May 4, stole data, and encrypted systems — forcing a...

  • NewsMay 12, 2026

    Worm Redux: Fresh Mini Shai-Hulud Infections Bite npm

    Hundreds of npm packages in the TanStack open source ecosystem have been infected by a fresh wave of Mini Shai-Hulud worm activity from TeamPCP — the same...

  • NewsMay 11, 2026

    Hackers Used AI to Develop First Known Zero-Day 2FA Bypass

    Google has disclosed a landmark discovery: an unknown threat actor used an AI system to develop a zero-day exploit in the wild — the first confirmed...

  • NewsMay 11, 2026

    UK Water Utility Fined £963,900 After Cl0p Lurked

    The UK's Information Commissioner's Office fined South Staffordshire Water nearly £1 million after the Cl0p ransomware group maintained undetected access...

  • NewsMay 10, 2026

    Multiple Universities Forced to Reschedule Final Exams

    Dozens of universities were forced to reschedule final examinations after a cybercriminal group displayed threatening messages through Canvas, the widely...

  • NewsMay 3, 2026

    New Bluekit Phishing Kit Features AI Assistant and Automated Domain Registration

    A newly discovered phishing-as-a-service toolkit called Bluekit is emerging on underground forums, offering threat actors an AI assistant for campaign...

  • NewsMay 2, 2026

    Critical cPanel Flaw Mass-Exploited in 'Sorry' Ransomware

    A newly disclosed critical vulnerability in cPanel and WHM tracked as CVE-2026-41940 is being mass-exploited by ransomware actors to breach web hosting...

  • NewsMay 1, 2026

    Cyber Incident Responders Sentenced to 4 Years for Carrying

    Two cybersecurity incident responders who abused their trusted positions to secretly carry out ransomware attacks against the organizations they were...

  • NewsMay 1, 2026

    US Ransomware Negotiators Get 4 Years in Prison Over

    Two former cybersecurity incident responders from Sygnia and DigitalMint were each sentenced to four years in federal prison for leveraging their trusted...

  • NewsApr 30, 2026

    FBI Links Cybercriminals to Sharp Surge in Cargo Theft

    The FBI has issued a warning to the transportation and logistics industry about a sharp rise in cyber-enabled cargo theft, with estimated losses reaching...

  • NewsApr 30, 2026

    Former Incident Responders Sentenced to 4 Years for Ransomware Attacks on Clients

    Ryan Goldberg and Kevin Martin, who worked as incident responders, were sentenced to four years in federal prison after using their trusted access to...

  • NewsApr 30, 2026

    Hackers Earning Millions from Hijacked Cargo, FBI Says

    The FBI's new advisory reveals that cyber actors have spent the last two years systematically breaching freight broker and carrier systems, then posing as...

  • NewsApr 30, 2026

    Sandhills Medical Says Ransomware Breach Affects 170,000

    Healthcare organization took nearly one year to publicly disclose a data breach after being targeted by Inc Ransom ransomware, with approximately 170,000...

  • NewsApr 29, 2026

    European Police Dismantles €50 Million Crypto Investment

    Austrian and Albanian law enforcement jointly dismantled a large-scale cryptocurrency investment fraud operation estimated to have caused over €50 million...

  • NewsApr 29, 2026

    Swiss Police Arrest 10 Suspected Members of Nigeria-Linked

    Swiss and German law enforcement arrested 10 suspected members of the Nigerian criminal network Black Axe, including a regional leader believed to oversee...

  • NewsApr 29, 2026

    Vect 2.0 Ransomware Acts as Wiper Thanks to Design Error

    The emerging Vect 2.0 ransomware — deployed against TeamPCP supply chain attack victims — permanently destroys files larger than 131KB due to a critical...

  • NewsApr 29, 2026

    VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB

    Threat hunters warn that VECT 2.0 ransomware contains a critical flaw in its encryption implementation that acts more like a wiper for files over 131KB...

  • NewsApr 28, 2026

    Broken VECT 2.0 Ransomware Acts as a Data Wiper for Large

    Researchers have found that VECT 2.0 ransomware contains a critical flaw in its nonce handling that causes encryption to permanently destroy large files...

  • NewsApr 28, 2026

    Feuding Ransomware Groups Leak Each Other's Data

    When rival ransomware groups 0APT and KryBit turned on each other, they exposed infrastructure details, operational data, victim lists, and internal...

  • NewsApr 27, 2026

    Money Launderer for Crypto Thieves Given 5-Year Prison

    A California man has been sentenced to more than five years in federal prison for his role in laundering proceeds for a cybercriminal organization that...

  • NewsApr 27, 2026

    Money Launderer Linked to $230M Crypto Heist Gets 70 Months

    Evan Tangeman, 22, of Newport Beach, California, was sentenced to 70 months in federal prison for laundering funds stolen in a $230 million cryptocurrency...

  • NewsApr 25, 2026

    ADT Says Customer Data Stolen in Cyber Intrusion

    Home security giant ADT confirmed that cybercriminals breached its systems and stole a limited set of customer and prospective customer information. The...

  • NewsApr 24, 2026

    ADT Confirms Data Breach After ShinyHunters Leak Threat

    Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to publish stolen data unless a ransom is paid,...

  • NewsApr 23, 2026

    Trigona Ransomware Deploys Custom CLI Exfiltration Tool in Active Attacks

    Recently observed Trigona ransomware attacks are using a bespoke command-line exfiltration tool to steal data from compromised environments faster and...

  • NewsApr 22, 2026

    Former Ransomware Negotiator Pleads Guilty to BlackCat

    Angelo Martino, 41, a former employee of cybersecurity incident response firm DigitalMint, has pleaded guilty to targeting U.S. companies with BlackCat...

  • NewsApr 22, 2026

    Kyber Ransomware Gang Uses Post-Quantum Encryption to Target Windows and ESXi

    A new ransomware operation called Kyber is targeting Windows systems and VMware ESXi endpoints, with one variant implementing Kyber1024 post-quantum...

  • NewsApr 22, 2026

    Spain Dismantles Major $4.7M Manga Piracy Platform, Arrests

    Spanish police have shut down the largest Spanish-language manga piracy platform, which had operated since 2014 and served millions of monthly users...

  • NewsApr 21, 2026

    Former DigitalMint Ransomware Negotiator Pleads Guilty to $75.3M Extortion Scheme

    Angelo Martino, a former ransomware payment negotiator for DigitalMint, has pleaded guilty to helping accomplish extort $75.3 million in ransom from five...

  • NewsApr 21, 2026

    Surge in Bomgar RMM Exploitation Demonstrates Supply Chain

    A critical RCE flaw in BeyondTrust Bomgar remote monitoring and management software is being actively exploited to spread ransomware and compromise...

  • NewsApr 20, 2026

    The Backup Myth That Is Putting Businesses at Risk

    Backups protect your data, but they don't keep your business running during downtime. Understanding the difference between backup and BCDR is critical as...

  • NewsApr 20, 2026

    The Gentlemen Ransomware Now Uses SystemBC for Bot-Powered

    Researchers have discovered a SystemBC proxy botnet of over 1,570 compromised hosts linked to Gentlemen ransomware operations. The gang's affiliate is...

  • NewsApr 19, 2026

    6-Year Ransomware Campaign Targets Turkish Homes and SMBs

    A ransomware campaign operating since at least 2019 has persistently targeted Turkish home users and small-to-medium businesses, largely evading major...

  • NewsApr 18, 2026

    New Jersey Men Sentenced to Combined 17 Years for Running

    Two New Jersey men received prison sentences of nine and nearly eight years respectively for operating IT laptop farms that funneled over $5 million to...

  • NewsApr 17, 2026

    Grinex Exchange Blames Western Intelligence for $13.7M

    Kyrgyzstan-based cryptocurrency exchange Grinex has suspended all operations after a $13.7 million hack, with the platform controversially attributing the...

  • NewsApr 17, 2026

    Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3

    An international law enforcement operation has dismantled 53 DDoS-for-hire domains, arrested four individuals, and exposed over 3 million criminal...

  • NewsApr 17, 2026

    Payouts King Ransomware Uses QEMU Virtual Machines to Bypass Endpoint Security

    The Payouts King ransomware group is deploying the QEMU open-source emulator as a covert reverse SSH backdoor, spinning up hidden virtual machines on...

  • NewsApr 17, 2026

    Ransomware Attack Still Disrupting London Healthcare Nearly

    More than 18 months after a ransomware attack crippled hospitals in South East London, at least one NHS trust is still operating without fully restored...

  • NewsApr 10, 2026

    Dutch Hospitals Disrupted After Ransomware Hits Healthcare

    A ransomware attack on Dutch healthcare software vendor ChipSoft has forced hospitals and patients across the Netherlands offline, disrupting the HiX...

  • NewsApr 10, 2026

    'It Reads Like a Spy Novel': $280M Drift Theft Linked to North Korean Fake Companies

    A post-mortem of the $280 million Drift Protocol crypto theft reveals a sophisticated six-month North Korean social engineering operation involving fake...

  • NewsApr 9, 2026

    Cybercriminals Target Accountants to Drain Russian Firms'

    Cybercriminals are stealing millions from Russian companies by compromising accountants' computers and disguising fraudulent transfers as routine salary...

  • NewsApr 9, 2026

    Healthcare IT Provider ChipSoft Hit by Ransomware Attack

    Dutch healthcare software vendor ChipSoft has been struck by a ransomware attack, forcing the company to take its website and digital patient services...

  • NewsApr 8, 2026

    FBI: Cybercrime Losses Neared $21 Billion in 2025

    The FBI received over 1 million complaints of malicious activity in 2025, with investment scams, business email compromise, and tech support fraud causing...

  • NewsApr 7, 2026

    FBI: Americans Lost a Record $21 Billion to Cybercrime Last

    The FBI's Internet Crime Complaint Center reports that U.S. victims lost nearly $21 billion to cyber-enabled crimes in 2025 — an all-time record — driven...

  • NewsletterApr 7, 2026

    Apr 7 Digest: Medusa Ransomware Surge, FBI $21B Record

    Storm-1175 runs sub-24-hour Medusa ransomware campaigns using zero-days; the FBI IC3 reports a record $21 billion in US cybercrime losses for 2025; North...

  • NewsApr 6, 2026

    BKA Identifies REvil Leaders Behind 130 German Ransomware

    Germany's Federal Criminal Police Office has publicly unmasked the real identity of "UNKN," the primary operator behind the now-defunct REvil and GandCrab...

  • NewsApr 6, 2026

    German Authorities Identify REvil and GandCrab Ransomware

    Germany's Federal Police have publicly named two Russian nationals as the leaders of the GandCrab and REvil ransomware operations, linking them to at...

  • NewsApr 5, 2026

    Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

    A joint operation by the US Department of Justice, Canada, and Germany has dismantled the infrastructure behind four highly disruptive IoT botnets that...

  • NewsApr 5, 2026

    Germany Doxes "UNKN," Head of RU Ransomware Gangs REvil

    German authorities have publicly identified the elusive "UNKN," the operator behind the GandCrab and REvil ransomware groups, as 31-year-old Russian...

  • NewsApr 4, 2026

    Evolution of Ransomware: Multi-Extortion Ransomware Attacks

    Modern ransomware has evolved far beyond simple file encryption. Multi-extortion tactics — combining encryption, data theft, and public leak threats —...

  • NewsApr 3, 2026

    Die Linke German Political Party Confirms Data Stolen by Qilin Ransomware

    The Qilin ransomware group has claimed responsibility for an attack against German political party Die Linke, forcing an IT systems outage and threatening...

  • NewsApr 3, 2026

    In Other News: ChatGPT Data Leak, Android Rootkit, Water

    This week's security stories you may have missed: a ChatGPT conversation data leak, a new Android rootkit on Google Play, a municipal water facility taken...

  • NewsMar 31, 2026

    Hacker Charged with Stealing $53 Million from Uranium

    U.S. prosecutors have charged a Maryland man with hacking DeFi protocol Uranium Finance twice and laundering over $53 million through cryptocurrency mixers.

  • NewsMar 31, 2026

    Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations

    Iranian APT groups are increasingly blurring the lines between state-sponsored cyber espionage and financially motivated cybercrime, deploying destructive...

  • NewsMar 31, 2026

    Leak Bazaar: New Criminal Service Plans to Monetize Data

    A new underground platform called Leak Bazaar positions itself as a data-processing business, offering to monetize stolen records on behalf of ransomware...

  • NewsMar 31, 2026

    Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

    A new report reveals how industrialized credential theft has become the common thread connecting ransomware campaigns, SaaS platform breaches, and...

  • NewsMar 28, 2026

    Bearlyfy Hits Russian Firms with Custom GenieLocker

    Pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian companies since January 2025, recently deploying a custom...

  • NewsMar 26, 2026

    Pro-Ukraine Hacker Group Bearlyfy Targets Russian Companies

    The pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian businesses in the past year and is escalating operations...

  • NewsMar 26, 2026

    Russia Detains Alleged Admin of LeakBase Cybercrime Forum

    Russian authorities have detained a suspected administrator of LeakBase, a major stolen-data marketplace with over 147,000 subscribers, just weeks after...

  • NewsMar 25, 2026

    LeakBase Admin Arrested in Russia Over Massive Stolen

    Russian law enforcement has arrested the alleged administrator of LeakBase — a credential marketplace operating since 2021 with 142,000 members and...

  • NewsMar 25, 2026

    Manager of Botnet Used in Ransomware Attacks Gets 2 Years

    Ilya Angelov, co-leader of the TA551/Mario Kart cybercrime group, was sentenced to two years in prison for operating a phishing botnet that sent 700,000...

  • NewsMar 25, 2026

    Paid AI Accounts Are Now a Hot Underground Commodity

    New research from Flare Systems reveals that premium AI platform access — including ChatGPT Plus, Claude Pro, and raw API keys — has been systematically...

  • NewsletterMar 25, 2026

    Mar 25 Digest: DarkSword Leaks iPhone Zero-Days

    This week: the DarkSword iOS exploit chain published on GitHub threatens to democratize nation-state-grade iPhone hacking; CanisterWorm turns the Trivy...

  • NewsMar 24, 2026

    Russian Hacker Who Helped Yanluowang Ransomware Gang Gets

    Aleksei Volkov, a Russian initial access broker who sold unauthorized access to U.S. companies for the Yanluowang ransomware group, has been sentenced to...

  • NewsMar 21, 2026

    Two US Cybersecurity Professionals Plead Guilty to BlackCat

    Former incident responder Ryan Goldberg and ransomware negotiator Kevin Martin admitted to running ALPHV/BlackCat ransomware operations against five US...

  • NewsMar 20, 2026

    DoJ Disrupts 3 Million-Device IoT Botnets Behind Record

    The U.S. Department of Justice, in coordination with Germany and Canada, has dismantled the C2 infrastructure of four major IoT botnets — AISURU, Kimwolf,...

  • NewsMar 17, 2026

    LeakNet Ransomware Weaponizes ClickFix and Deno Runtime for Stealthy Corporate Attacks

    The LeakNet ransomware gang is using ClickFix social engineering for initial access and a Deno-based malware loader to execute fileless payloads from...

  • NewsMar 13, 2026

    England Hockey Investigating Data Breach After AiLock

    England Hockey, the national governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware group listed...

  • NewsMar 8, 2026

    Termite Ransomware Operator Velvet Tempest Chains ClickFix

    Microsoft-tracked threat actor Velvet Tempest is deploying Termite ransomware via a ClickFix social-engineering chain that loads DonutLoader and installs...

  • NewsMar 6, 2026

    Spanish-Ukrainian Police Bust Gambling Ring That Exploited

    Spanish and Ukrainian law enforcement dismantled a criminal organization that recruited war-displaced Ukrainian women to open bank accounts used to...

  • NewsMar 5, 2026

    Phobos Ransomware Admin Pleads Guilty — 1,000+ Victims

    Evgenii Ptitsyn, 43, a Russian national who administered the Phobos ransomware-as-a-service operation, pleaded guilty to wire fraud conspiracy in the U.S....

  • NewsMar 4, 2026

    Europol-Coordinated Action Dismantles Tycoon2FA — 330

    An international coalition led by Europol and Microsoft has taken down Tycoon2FA, a phishing-as-a-service platform responsible for 87.5 million phishing...

  • NewsFeb 20, 2026

    WormGPT Hacked: 19,000 Cybercriminal AI Platform Users

    A threat actor has published a database allegedly containing 19,000 user records from WormGPT, the underground AI platform marketed for offensive hacking...

  • NewsFeb 11, 2026

    Ransomware Costs Projected to Hit $74 Billion in 2026, 30%

    Cybersecurity Ventures forecasts ransomware damage costs will surge to $74 billion globally in 2026, up from $57 billion in 2025, as attacks grow more...

  • NewsFeb 4, 2026

    The Rise of Ransomware-as-a-Service: 14 Active Platforms

    Security researchers identify 14 active RaaS platforms operating sophisticated affiliate programs, with entry costs as low as $40 per month lowering the...

  • NewsFeb 4, 2026

    Ransomware Attacks Surge in Early 2026 with 26 Claims in One Day

    Threat intelligence reports show 8 active ransomware groups claimed 26 victims on February 2nd alone, with major corporations including BASF and Honeywell...