A threat actor named Cargo claimed to be selling unauthorized access to Euskal Herria Bildu’s email system. The listing, found on a dark web marketplace, involved at least two verified EH Bildu email accounts, posing potential security risks. #EH_Bildu #DarkWebLeak…
Tag: DARK WEB
A threat actor named Ranssi claimed to sell administrator-level access to the Superior Audit Office of the State of Nayarit on a dark web forum. The listing included proof-of-access screenshots and credentials for the government’s official web domain, raising concerns about potential security breaches. #Ranssi #NayaritAuditOffice…
A threat actor named aisdata has listed a database containing over 5.6 million U.S. cryptocurrency user records for sale on the dark web. The dataset includes sensitive personal information and poses a serious risk to individual privacy and financial security. #aisdata #CryptoVerifiedDatabase…
A recent report by CTM360 uncovers a widespread scam operation using fake news websites called Baiting News Sites (BNS) to conduct online investment fraud across 50 countries. These fake sites mimic legitimate media outlets, deceive users through targeted ads, and manipulate victims into investing money, often collecting sensitive data in the…
A sophisticated phishing campaign impersonates Hungary’s HunCERT and other organizations by hosting credential-harvesting pages on Amazon S3 and using Cloudflare Turnstile for legitimacy. The campaign employs the Logokit phishing kit to automate branding and targets banking, logistics, and charitable institutions globally, with ongoing operations using the C&C domain mettcoint[.]com. #HunCERT #Logokit #mettcoint
Cisco has issued urgent patches for a critical vulnerability (CVE-2025-20309) in Unified Communications Manager that allows root access via hard-coded credentials. Several advanced threat actors, including APT28 and MuddyWater, are likely to exploit this flaw on over a thousand exposed devices worldwide. #CVE-2025-20309 #UnifiedCommunicationsManager #APT28 #MuddyWater
A threat actor named _Sentap claimed to sell a 9GB dataset allegedly stolen from Schrödinger GmbH, exposing sensitive company information. The leak includes data spanning seven years and involves high-profile clients like Merck KGaA. #SchrödingerDataBreach #CyberThreat…
This weekly cybersecurity news roundup highlights recent high-profile attacks, vulnerabilities, and legal developments affecting the global security landscape. Notable stories include cartel hacking crimes, a critical Linux sudo flaw, and international sanctions on malware infrastructure. #ElChapo #Crylock #LinuxVulnerability…
A data breach at Tenacious Marketing USA has led to the sale of over 414,000 user records containing personal and sensitive information. The exposed data includes PII such as names, addresses, and accident details, posing significant risks for identity theft and targeted attacks. #DarkWebForum #DataBreach…
![Cybersecurity News | Daily Recap [03 Jul 2025]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [03 Jul 2025]")
This cybersecurity recap highlights recent ransomware incidents, data breaches affecting millions, and the emergence of North Korean malware targeting macOS and crypto sectors. It also underscores ongoing geopolitical cyber cooperation and critical vulnerabilities in enterprise software, emphasizing the importance of timely patching and global collaboration. #HuntersInternational #KellyBenefits #Qantas #NimDoor #ITArmyOfRussia #Forminator #TeleMessage #CyberDome
Resecurity uncovered a major leak involving a notorious underground data broker, “888,” who published sensitive personal data stolen from CIEE, a Brazilian organization. The breach was caused by a misconfigured Google Cloud Storage bucket, exposing over 364,000 files containing PII, medical records, and media. #UndergroundDataBroker #CIEEBreach…
A ransomware attack on Gloucester County in Virginia led to the theft of sensitive data from over 3,500 government employees, including Social Security and bank details. The BlackSuit gang claimed responsibility for the breach, which is part of a broader pattern of cyber assaults on U.S. local governments. #BlackSuit #GloucesterCounty…
A threat actor named “data block” claimed to have stolen and is selling over 16 terabytes of data from doValue S.p.A. and its subsidiaries. The breach involves compromised Active Directory database and file servers, risking sensitive financial and organizational information. #doValue #DataTheft…
IdeaLab experienced a significant data breach in October 2024, with hackers claiming responsibility and leaking data on the dark web. The incident involved the theft of sensitive information from employees and contractors, linked to the Hunters International ransomware group. #HuntersInternational #IdeaLab #darkweb
The logistics industry is increasingly adopting AI and automation to enhance efficiency, but this growth also introduces significant cybersecurity risks, including API vulnerabilities and IoT device compromises. Experts emphasize integrating security into automation processes and adopting region-specific strategies to protect sensitive data and ensure business continuity. #Maersk #BlueYonder…