The INC Ransom group has claimed a breach of NAFFCO, a major firefighting equipment manufacturer based in Dubai, by leaking 1TB of sensitive data on their dark web site. This attack underscores the group’s focus on targeting industrial and manufacturing sectors in 2025. #NAFFCO #INC Ransom #darkweb…
Tag: DARK WEB
The Qilin ransomware group has claimed to have breached two organizations, IGT and Marine Foods Express LTD, and published their data on the dark web. These incidents highlight ongoing threats to the gaming and food distribution sectors. #QilinRansomware #IGT #MarineFoodsExpress…
Recent reports suggest that RevolutionParts’ data may have been sold on the dark web, raising concerns about data security. The leaked information potentially includes personally identifiable information (PII), highlighting ongoing cyber threats targeting e-commerce platforms. #RevolutionParts #DarkWeb #PII #DataLeak #CyberThreats…
A nationwide hacking operation in India compromised over 50,000 CCTV systems, including hospital, residential, and commercial feeds, exposing sensitive footage. This case highlights critical vulnerabilities in surveillance security protocols and raises concerns about privacy, especially for women. #GujaratHacking #CCTVBreach…
Cybercrime has evolved into a subscription-based economy where services like phishing, OTP bots, infostealer data feeds, initial access, and advanced malware are rented on pay-as-you-go models, lowering the barrier to entry for low-skill attackers. Notable named services and tools in the article include SpamGPT, MatrixPDF, Atroposia, and Telegram-based OTP bots. #SpamGPT…
Sarcoma is a fast-emerging ransomware group (late 2024) that combines data theft with encryption and aggressive double-extortion tactics, targeting mid-market and larger organizations—especially in manufacturing, technology and construction—primarily in the United States, Italy and Canada. The group operates a controlled RaaS-style model, targets Windows, Linux and ESXi environments, and uses techniques including credential theft, zero-day exploits, anti-recovery steps and public leak pressure. #Sarcoma #ChaCha20
The Medusa Ransomware group has claimed responsibility for hacking multiple organizations worldwide, threatening to leak sensitive data unless their demands are met. The affected firms span various sectors, including legal, construction, interior design, and distribution. #MedusaRansomware #DarkWebLeaks #CyberThreats…
The Rhysida ransomware group has claimed to have breached the accounting firm Smoll & Banning, exposing sensitive client and internal data. They are demanding 3 BTC to stop the sale of stolen information within a week. #Rhysida #SmollAndBanning #DataLeak…
The Everest ransomware gang claims to have stolen 343 GB of sensitive data from Under Armour, including customer, employee, and product information. This breach could put millions of users’ personal and business data at risk, prompting security warnings for affected customers. #EverestRansomware #UnderArmourDataLeak…
The intrusion began with valid Remote Desktop Protocol (RDP) logons using compromised credentials and progressed through rapid lateral movement, domain account creation, discovery with SoftPerfect NetScan and NetExec, data collection and exfiltration to temp.sh, and culminated in deletion of backups and deployment of Lynx ransomware across backup and file servers. The activity used paid/licensed tooling and bulletproof-hosted infrastructure (Railnet/Virtualine) with a Time to Ransomware of ~178 hours. #Lynx #temp.sh
The Pennsylvania Office of the Attorney General experienced a significant ransomware attack in August 2025, resulting in the theft of sensitive personal and medical data. The INC Ransom gang claimed responsibility, highlighting ongoing threats to government agencies from ransomware-as-a-service operations. #INC Ransom #Citrix Bleed2
Logitech International confirmed a data breach involving the exfiltration of some employee and customer data, linked to a zero-day vulnerability exploited by the CL0P ransomware group. The company has emphasized that its products and operations remain unaffected and that cybersecurity insurance will cover related costs. #CL0P #OracleEBSVulnerability…
The NightSpire ransomware group claims to have compromised Indian electrical control systems manufacturer Lotus Powergear Pvt. Ltd., exfiltrating 43GB of sensitive data. The group threatens to release the stolen information unless their demands are met by November 18, 2025. #NightSpire #LotusPowergear #DataLeak #Bangalore #Ransomware…
Fortinet warns of a critical vulnerability in FortiWeb (CVE-2025-64446) that attackers are actively exploiting to gain remote administrative access. Cybersecurity agencies and firms urge immediate patching to prevent widespread compromise. #FortiWeb #CVE202564446…
The Washington Post confirmed it was breached through a cyberattack exploiting Oracle E-Business Suite vulnerability CVE-2025-61884, affecting nearly 10,000 individuals. The CL0P ransomware group has claimed over 40 victims in a broader campaign targeting Oracle E-Business Suite vulnerabilities. #CVE-2025-61884 #CL0P #OracleEBS #DataBreach…