The U.S. Justice Department has sentenced the co-founders of Samourai Wallet for laundering over $237 million using the platform’s cryptocurrency-mixing features. The case highlights how criminal actors exploited the platform to mask funds involved in drug trafficking, darknet operations, and various illegal activities. #SamouraiWallet #CryptocurrencyMixing…
Tag: DARK WEB
OSINT converts publicly available data into security insights to identify vulnerabilities and potential attack paths before attackers act. It emphasizes systematic collection, analysis, and interpretation of open information to uncover threats, adversaries, and techniques that could enable breaches. #OSINT #WizTI…
There are reports of an alleged data breach involving Thailand’s National Telecom Public Company Limited, raising concerns about the security of sensitive national data. This incident highlights ongoing cybersecurity threats targeting government-related organizations in Southeast Asia. #ThailandNationalTelecom #DataBreach #CyberThreats…
A threat actor claims to have compromised the systems of Thailand’s National Telecom Public Company Limited (NT) and is selling the data on the dark web. The breach reportedly involves over a million records of detailed customer and technical data, including personal information and service details. #NTDataBreach #DarkWebSale…
A significant data breach at Italy’s FS Italiane Group and its IT services provider Almaviva led to the leak of 2.3 terabytes of sensitive information. The leaked data includes internal documents, contracts, and technical data, raising concerns about cybersecurity in critical infrastructure sectors. #Almaviva #FSItalianeGroup
The Gentlemen emerged around July 2025 as an advanced Ransomware-as-a-Service group using dual‑extortion to encrypt and exfiltrate data, publishing dozens of victims on a darknet leak site within months. Their cross‑platform lockers (Windows/Linux/ESXi), modular features (self‑restart, run‑on‑boot, WMI/PowerShell propagation), and affiliate support make them a rapidly evolving threat. #TheGentlemen #XChaCha20
Automated threat intelligence enables machine-speed detection, enrichment, and response to indicators of compromise, reducing mean time to detect and respond while freeing analysts from repetitive tasks. Recorded Future’s Intelligence Cloud delivers this capability through continuous data collection, ML-driven risk scoring, and integrations with SIEM, SOAR, and EDR to enable real-time defensive actions. #RecordedFuture #InsiktGroup
An alleged data breach involving the Ministry of Cooperatives of the Republic of Indonesia has raised concerns about the security of sensitive government information. The incident highlights potential vulnerabilities in government data management and confidentiality. #MinistryofCooperatives #IndonesiaDataBreach…
Cybersecurity experts have identified the Tsundere botnet, actively targeting Windows systems since mid-2025, with sophisticated mechanisms including WebSocket communication on the Ethereum blockchain. The malware spreads through fake MSI installers and PowerShell scripts, leveraging gaming-related lures and maintaining persistence via registry modifications. #TsundereBotnet #EthereumBlockchain…
Compromised VPN credentials are the leading initial access point for ransomware attacks, with nearly half of incidents involving VPN abuse. The report highlights the importance of multi-factor authentication (MFA) and dark web monitoring to prevent credential leaks and cyberattacks. #SonicWall #AkiraRansomware…
Acronis TRU tracked a global malvertising and SEO-driven campaign named “TamperedChef” that distributes digitally signed fake installers which persist via scheduled tasks and execute heavily obfuscated JavaScript backdoors with remote code execution and HTTPS-based C2. The operators use U.S.-registered shell companies to acquire and rotate code-signing certificates, short-lived domain registrations, and malvertising/SEO to hide infrastructure and quickly recover after takedowns. #TamperedChef #Obfuscator_io
Recent cybersecurity incidents reveal a rise in international espionage, targeted hacking campaigns, and vulnerabilities in widely used systems and devices. These stories highlight the ongoing efforts of governments, cybercriminals, and security researchers to adapt and respond to new online threats. #LinkedInEspionage #OracleVulnerability…
Cyble and BOCRA have signed an MoU to enhance Botswana’s cybersecurity defenses through advanced threat intelligence and capacity building initiatives. This collaboration aims to improve incident response, reduce cyber risks, and develop a skilled cybersecurity workforce in Botswana. #DarkWebMonitoring #BotswanaCybersecurity…
Kaspersky GReAT discovered the Tsundere botnet in mid-2025, a Node.js-based botnet that installs via MSI or PowerShell, uses npm components (ws, ethers, pm2) for persistence, and retrieves WebSocket C2 addresses from an Ethereum smart contract. The botnet is linked to prior October 2024 typosquatting npm supply-chain activity and to a Russian-speaking actor potentially known as “koneko”, with shared infrastructure tied to the 123 Stealer panel. #Tsundere #123Stealer
The Sinobi ransomware group has claimed to have breached two organizations, Croft in the U.S. and Changepond in India, threatening to release sensitive data if demands are not met. The group employs double-extortion tactics, posting countdown timers on its dark web leak site. #SinobiRansomware #Croft #Changepond…