In a recent post on a dark web forum, a threat actor has claimed to be selling an exploit for a zero-day vulnerability in Magento 2, a widely used e-commerce platform. The vulnerability, identified as CVE-2024-34102, reportedly allows for remote code execution (RCE) and the establishment of an SSH shell on…
Category: Cyber Attack
The Cactus Ransomware group has announced new breaches on their website, targeting companies in various industries. These allegations include a firearms distributor, an engineering consultancy, and an industrial manufacturing firm. Sensitive corporate and personal data are reportedly at risk. AmChar Wholesale, Inc. (USA) AmChar Wholesale, Inc., a firearms distributor with over…
A threat actor group, UserSec, recently announced the creation of a new division called the UserSec Control Department (USCD). According to posts published on their Telegram channel, this new department claims to focus on combating internal issues within Russia, specifically targeting drug-related activities and pedophilia. The USCD has been organized into…
A threat actor on a dark web forum claims to be selling access to a MySQL server belonging to a Pakistani company that develops CRM software for the US market. The data allegedly includes 1,000 active US credit card details and 1.4 million lines of personal information. The seller is withholding…
A threat actor claims to have breached data Harel Insurance Israel, compromising the data of over 1.8 million customers. The data includes sensitive information such as full names, ID numbers, and phone number claim details. The threat actor is allegedly selling the data for 1 BTC. According to the threat actor,…
Cyber group KillSec allegedly hacked MediCheck.io, a Belgian company offering medical control and absenteeism management services. The hack reportedly exposed sensitive data, including patient names, locations, accident details, medical conditions, and certifications of incapacity for work. These claims raise concerns about MediCheck’s ability to secure personal information. The company’s digital processes,…
In a post on a dark web forum, a threat actor has alleged they possess full access to the entire server network of CardCom, a leading credit clearing company based in Israel. The post offers unrestricted access to the company’s servers, databases, and sensitive financial information. According to the listing, the…
Telegram has rolled out new measures to enhance platform safety. While its search feature is known for helping users discover public channels and bots, it has also been exploited for illegal activities, including the sale of illicit goods. In response, Telegram is now stepping up efforts to tackle these issues. Moderation…
In a post on a dark web forum, a threat actor claimed to be selling full network access to a prominent telecommunications company in the Arabian Gulf. The post details the sale of access to a company in the information services and telecommunications sector. According to the threat actor, the access…
In a recent revelation that raises concerns over data security, a threat actor known as @grep has announced the compromise of Twilio’s call records. The breach, disclosed in a post on the dark web forum, affects an American call interpretation service, resulting in the exposure of 11,802 individual call records. The…
Threat Actor: 888 | 888 Victim: Oracle Corporation | Oracle Corporation Price: Not disclosed Exfiltrated Data Type: Employee information (full names, job titles, company names, email addresses, physical addresses) Key Points : The breach allegedly occurred in September 2024, exposing 4,002 rows of e…
In September 2024, an alarming claim surfaced regarding Raaga.com, a popular Indian music streaming service, alleging that the personal information of approximately 9.8 million users had been compromised. According to the report, the exposed data includes usernames, names, email addresses, dates of birth, gender, profile images, and country information. Additionally, device-related…
In a series of revelations, several Chinese companies and institutions have fallen victim to significant data breaches, with millions of user records now circulating on dark web forums. These leaks span from financial institutions to online education platforms. China Natural Gas Group Data Breach One of the largest breaches involves the…
In a concerning development for cryptocurrency users, a threat actor on a dark web forum has claimed responsibility for leaking sensitive information belonging to millions of Binance customers. The alleged breach, disclosed in August 2024, reportedly impacts 12.8 million user records from the world’s largest virtual currency exchange. According to the…
Le conseil municipal de Suva a été victime d’une cyberattaque avec ransomware qui a entraîné une perte de données et a perturbé ses opérations. Une équipe d’experts en cybersécurité a été assemblée pour restaurer le système et améliorer les mesures de sécurité. Le conseil a réussi à récupérer ses systèmes financiers et de paie, et travaille à récupérer les données restantes et à rétablir ses opérations à plein régime.