#cybercrime-marketplace
#cybercrime-marketplace

Software development

Internet Bug Bounty program hits pause on payouts

9 hours ago

A single maintainer, a fake company, and a three-hour window: inside the Axios supply chain hijack - Silicon Canals

A single maintainer's vulnerability led to a significant security breach in a widely used JavaScript library, exposing thousands of systems to potential credential theft.

fromInfoWorld

Software development

Internet Bug Bounty program hits pause on payouts

more#open-source

Artificial intelligence

fromFast Company

20 hours ago

It's way too easy to cheat now

Generative AI enables undetectable scams, including fake X-rays that deceive even experienced radiologists.

Germany news

22 hours ago

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

Germany's BKA identified Daniil Shchukin and Anatoly Kravchuk as key figures behind the REvil ransomware operation, linked to numerous attacks and significant financial losses.

#north-korea

Remote teams

Watch this video of how a job interviewer exposes a North Korean fake IT worker | TechCrunch

Cryptocurrency

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

North Korean Hackers Drain $285 Million From Drift in 10 Seconds

A North Korean threat actor executed a $285 million heist from the Drift DeFi platform using sophisticated techniques and pre-signed transactions.

19 hours ago

North Korean Hackers Target High-Profile Node.js Maintainers

North Korean hackers are targeting Node.js maintainers using social engineering tactics similar to those used in previous campaigns.

fromFortune

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

Remote teams

Watch this video of how a job interviewer exposes a North Korean fake IT worker | TechCrunch

Cryptocurrency

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

North Korean Hackers Drain $285 Million From Drift in 10 Seconds

A North Korean threat actor executed a $285 million heist from the Drift DeFi platform using sophisticated techniques and pre-signed transactions.

19 hours ago

North Korean Hackers Target High-Profile Node.js Maintainers

North Korean hackers are targeting Node.js maintainers using social engineering tactics similar to those used in previous campaigns.

fromFortune

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

Privacy professionals

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

Suspected Chinese breach of FBI system exposed surveillance targets' phone numbers

A breach linked to China exposed phone numbers of FBI surveillance targets, raising concerns about counterintelligence risks.

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

FBI confirms major breach of surveillance system, exposing sensitive data and potentially revealing criminal probes and surveillance targets.

Suspected Chinese breach of FBI system exposed surveillance targets' phone numbers

A breach linked to China exposed phone numbers of FBI surveillance targets, raising concerns about counterintelligence risks.

LinkedIn 'BrowserGate' Investigation Alleges Secret Browser Extension Scanning Within Platform

LinkedIn allegedly collects extensive user data through a hidden system called 'Spectroscopy' without explicit user consent.

CBP facility codes sure seem to have leaked via online flashcards

Immigration offenses and internal systems of CBP are detailed in flashcards, highlighting procedures and responsibilities of agents.

France news

fromAxios

Priceless items are easy to steal. They're increasingly harder to sell.

Thieves stole three valuable paintings from a small Italian museum in a quick smash-and-grab operation.

#cybersecurity

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

2 hours ago

Information security

One maintainer, one compromised laptop: How North Korean hackers hijacked the Axios open source project - Silicon Canals

9 hours ago

Information security

Government official impersonation scam complaints doubled in 2025, FBI report shows

15 hours ago

Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Compromised npm packages can rapidly affect numerous systems, highlighting the need for enhanced security in software development processes.

North Korea's hijack of one of the web's most used open source projects was likely weeks in the making | TechCrunch

A North Korean cyberattack compromised the Axios project, highlighting security vulnerabilities in open source software development.

The man who discovered the ILOVEYOU virus is now fighting Russian drones using the same playbook - Silicon Canals

Mikko Hyppönen has transitioned from cybersecurity to anti-drone defense, focusing on systems for law enforcement and military clients.

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.

2 hours ago

One maintainer, one compromised laptop: How North Korean hackers hijacked the Axios open source project - Silicon Canals

North Korean hackers compromised the Axios HTTP library by socially engineering its maintainer, publishing malicious versions that exposed sensitive data.

9 hours ago

Government official impersonation scam complaints doubled in 2025, FBI report shows

Complaints of government impersonation scams nearly doubled from 2024 to 2025, resulting in approximately $800 million in losses.

15 hours ago

Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Compromised npm packages can rapidly affect numerous systems, highlighting the need for enhanced security in software development processes.

North Korea's hijack of one of the web's most used open source projects was likely weeks in the making | TechCrunch

A North Korean cyberattack compromised the Axios project, highlighting security vulnerabilities in open source software development.

The man who discovered the ILOVEYOU virus is now fighting Russian drones using the same playbook - Silicon Canals

Mikko Hyppönen has transitioned from cybersecurity to anti-drone defense, focusing on systems for law enforcement and military clients.

Three Tennessee Men Arrested In Connection With Crypto Heist Near Dolores Park

Three men have been arrested for a series of violent crypto thefts on the West Coast, including a $13 million robbery in San Francisco.

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

DevOps

fromInfoWorld

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

'Uncanny Valley': Iran's Threats on US Tech, Trump's Plans for Midterms, and Polymarket's Pop-up Flop

Iran threatens US tech firms amid ongoing tensions and preparations for midterm elections are underway.

2 weeks ago

FBI says Iranian hackers are using Telegram to steal data in malware attacks | TechCrunch

Iranian government hackers exploit Telegram to steal data from dissidents and journalists through malware disguised as legitimate apps.

Podcast

'Uncanny Valley': Iran's Threats on US Tech, Trump's Plans for Midterms, and Polymarket's Pop-up Flop

Iran threatens US tech firms amid ongoing tensions and preparations for midterm elections are underway.

2 weeks ago

FBI says Iranian hackers are using Telegram to steal data in malware attacks | TechCrunch

Iranian government hackers exploit Telegram to steal data from dissidents and journalists through malware disguised as legitimate apps.

North Korean hackers implicated in major supply chain attack

A compromised maintainer account for the Axios npm package led to the publication of malicious software versions targeting various operating systems.

fromFortune

17 hours ago

A quantum threat to Bitcoin has some asking the unthinkable: Is it time to freeze old wallets belonging to Satoshi Nakamoto? | Fortune

Quantum computing poses a significant threat to Bitcoin wallets, particularly those of Satoshi Nakamoto, potentially allowing hackers to access them by 2029.

#meta

fromwww.businessinsider.com

Meta paused its work with AI training startup Mercor after a data breach

Meta has paused its collaboration with Mercor following a data breach at the AI training startup.

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

fromwww.businessinsider.com

Meta paused its work with AI training startup Mercor after a data breach

Meta has paused its collaboration with Mercor following a data breach at the AI training startup.

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.

ICE confirms it deployed Paragon spyware inside the United States for drug trafficking cases - Silicon Canals

ICE is using commercial spyware domestically, raising constitutional concerns about warrantless surveillance and lack of oversight.

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.

ICE confirms it deployed Paragon spyware inside the United States for drug trafficking cases - Silicon Canals

ICE is using commercial spyware domestically, raising constitutional concerns about warrantless surveillance and lack of oversight.

Data Privacy At The Kitchen Table | AdExchanger

Data privacy has become a significant concern for lawmakers and constituents, evolving into a key topic of discussion.

#cybercrime

fromThe Cipher Brief

Information security

New Presidential Executive Order Targets Transnational Cybercrime

Privacy professionals

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

Information security

Don't glamorize cybercrims, roast them instead

fromThe Cipher Brief

New Presidential Executive Order Targets Transnational Cybercrime

Transnational cybercrime is escalating, with significant financial losses and a need for enhanced national security measures.

Privacy professionals

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.

Bitgo CEO Proposes Using a Public Blockchain as the Ultimate Solution for Government Fraud

Mike Belshe proposes using a public blockchain to combat state and federal fraud, potentially addressing losses of up to $521 billion annually.

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

US Charges Uranium Crypto Exchange Hacker

Jonathan Spalletta was charged with hacking Uranium Finance, stealing over $53 million, and laundering the funds through various transactions.

fromFuturism

World news

Crypto Has Finally Found Its Killer App: Human Trafficking

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

US Charges Uranium Crypto Exchange Hacker

Jonathan Spalletta was charged with hacking Uranium Finance, stealing over $53 million, and laundering the funds through various transactions.

fromFuturism

World news

Crypto Has Finally Found Its Killer App: Human Trafficking

more#cryptocurrency

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

#ai-security

14 hours ago

Information security

Google DeepMind Researchers Map Web Attacks Against AI Agents

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

fromTNW | Corporates-Innovation

11 hours ago

Information security

Meta Pauses Work With Mercor After LiteLLM-Linked Data Breach - TechRepublic

Information security

Meta freezes AI data work after breach puts training secrets at risk

Information security

Are criminals vibe coding malware? All signs point to yes

14 hours ago

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

11 hours ago

Meta Pauses Work With Mercor After LiteLLM-Linked Data Breach - TechRepublic

Meta has paused work with Mercor due to a security breach linked to the LiteLLM supply chain attack.

fromTNW | Corporates-Innovation

Meta freezes AI data work after breach puts training secrets at risk

Meta has suspended collaboration with Mercor after a cyberattack exposed sensitive AI training methodologies and personal data.

Information security

Are criminals vibe coding malware? All signs point to yes

more#ai-security

#data-breach

Internet Yiff Machine: We hacked 93GB of "anonymous" crime tips

P3's tip database was allegedly hacked, exposing 8.3 million tips and raising security concerns.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

Information security

Dark Web Forum Breached, Hackers Exposed

Internet Yiff Machine: We hacked 93GB of "anonymous" crime tips

P3's tip database was allegedly hacked, exposing 8.3 million tips and raising security concerns.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

Information security

Dark Web Forum Breached, Hackers Exposed

How a 'Wrong Number' Message Turned Into a $3.4M Crypto Scam

This $3.4 million scam illustrates the rise of social engineering in crypto fraud, focusing on emotional manipulation over technical exploits.

3 weeks ago

If You Don't Have One, I Recommend a Free Dark Web Monitoring Service

Dark web monitoring services track compromised data across public hacker forums and databases to alert users when their personal information appears in breaches, though most breached data is found on the clear web rather than the dark web itself.

fromComputerworld

3 weeks ago

Cyber criminals too are working from home... your home

The FBI warns that cybercriminals use residential proxies to mask illegal activities by hijacking IoT devices, smartphones, and routers, threatening both consumers and enterprises, particularly older devices.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Information security

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Information security

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

SEC Warns Fake Officials Exploit Trust With Fraud Tactics Targeting Investors

Impersonation scams using SEC branding are increasing, exploiting investor trust through social media and text messages.

fromwww.independent.co.uk

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.

How your entire identity could be sold for 30 on the dark web

British identity packages, including an ID scan, a selfie, and a dossier of personal data, can be purchased by criminals on the dark web for as little as 30, new research suggests. As identity theft continues to rise, experts have discovered the sale of national identity documents, driving licences, credit card details and 2,000 UK frequent traveller passports. The information can be exploited in multiple ways and used to apply for credit cards, mortgages, car loans, or to open bank accounts.

UK news

US news

An FBI 'Asset' Helped Run a Dark Web Site That Sold Fentanyl-Laced Drugs for Years

An FBI-controlled informant ran a staff role on the Incognito dark web market while allegedly approving fentanyl-tainted pill sales linked to at least one death.

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.

6 days ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

'Incognito' operator sentenced to 30 years for running a dark web drug market

Rui-Siang Lin was sentenced to 30 years for operating Incognito Market, facilitating over $105 million in drug sales and stealing/extorting users.

6 days ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

6 days ago

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.

US Prisons Russian Access Broker for Aiding Ransomware Attacks

Aleksei Volkov was sentenced to 81 months in prison for his role in ransomware attacks causing over $9 million in losses.

Information security

Site catering to online criminals has been seized by the FBI

Information security

From Ransomware to Residency: Inside the Rise of the Digital Parasite

Information security

Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter

US Prisons Russian Access Broker for Aiding Ransomware Attacks

Aleksei Volkov was sentenced to 81 months in prison for his role in ransomware attacks causing over $9 million in losses.

Information security

Site catering to online criminals has been seized by the FBI

Information security

From Ransomware to Residency: Inside the Rise of the Digital Parasite

Information security

Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter

Google unleashes Gemini AI agents on the dark web

Google's Gemini AI agents analyze the dark web for threats, achieving 98% accuracy while processing millions of posts daily.

3 weeks ago

Interpol sinkholes 45,000 IPs linked to global cybercrime

Interpol arrested 94 cybercriminals across multiple countries during Operation Synergia III, seizing 212 devices and sinkholing over 45,000 malicious IP addresses linked to phishing, romance scams, and credit card fraud.

4 weeks ago

Crims hit EV charger firm ELECQ, steal customer contact data

In a notice sent to customers on Monday and seen by The Register, the EV charging outfit said that it detected "unusual activity" on its AWS cloud platform on March 7 and quickly discovered that attackers had launched a ransomware attack against parts of its infrastructure. According to the message, some databases were both encrypted and copied during the intrusion, meaning that the crooks likely walked off with user information before the company pulled the plug.

Information security

fromTechzine Global

How phishing service Tycoon 2FA went under

Tycoon 2FA, a Phishing-as-a-Service (PhaaS) platform, enabled thousands of cybercriminals to steal login credentials and session tokens. Even accounts secured with MFA could be compromised via a single email. The service had been active since at least 2023 and quickly grew to become one of the most widely used phishing platforms in the world.

Information security

fromMashable

Hackers use this tool to bypass fraud detection and weaponize Google ads

The service, referred to as 1Campaign, provides hackers with a one-stop-shop for running malicious ads and enabling fraud "at scale," a recent report by cybersecurity company Varonis uncovered. Using just a single dashboard, hackers can cloak malicious content from security researchers, ad platform reviewers, and automated scanners - who instead see a benign white page - and target general users with phishing or scam attempts.

Information security

#cryptocurrency-theft

fromDataBreaches.Net

Information security

How crypto criminals stole $700 million from people - often using age-old tricks - DataBreaches.Net

fromwww.bbc.com

Information security

How crypto criminals stole $700 million from people - often using age-old tricks

fromDataBreaches.Net

Information security

How crypto criminals stole $700 million from people - often using age-old tricks - DataBreaches.Net

fromwww.bbc.com

more#cryptocurrency-theft

Information security

How crypto criminals stole $700 million from people - often using age-old tricks

#ramp

Information security

Ransomware crims forced to take off-RAMP as FBI seizes forum

fromComputerWeekly.com

Information security

RAMP ransomware forum goes dark in probable FBI sting | Computer Weekly

Information security

Ransomware crims forced to take off-RAMP as FBI seizes forum

fromComputerWeekly.com

Information security

RAMP ransomware forum goes dark in probable FBI sting | Computer Weekly

Security in the Dark: Recognizing the Signs of Hidden Information

Withholding accurate or complete data undermines security decisions and increases organizational risk.

LLMs Hijacked, Monetized in 'Operation Bizarre Bazaar'

Cybercriminals systematically scan, hijack, and monetize exposed self-hosted LLM and MCP endpoints to resell access, exfiltrate data, and move laterally.

fromTechzine Global

Researchers hack malware gang via its own weak spot

An XSS flaw in StealC’s web panel allowed takeover of operator sessions, revealing millions of stolen cookies, passwords, and YouTube-based malware distribution.

For the price of Netflix, crooks can rent AI crime ops

AI tools, including Dark LLMs and deepfakes, have commodified cybercrime into rentable, automated services that enable large-scale impersonation and fraud.

fromDataBreaches.Net