DraftKings has experienced a credential stuffing attack resulting in unauthorized account access for some customers, exposing personal data. The company is implementing security measures like password resets and multi-factor authentication to protect users. #CredentialStuffing #DraftKings
Tag: DARK WEB
Scattered Spider has evolved from public hacks to a professionalized cybercrime network focusing on insider access and data brokerage targeting major companies like Microsoft and Apple. Their shift includes profit-sharing schemes with insiders and extortion based on stolen data, highlighting a strategic move in cyber threat operations. #ScatteredSpider #LAPSUS #insiderthreat #RaaS…
The Akira ransomware group has claimed responsibility for breaching multiple companies and posting their data on the dark web. The stolen data includes sensitive financial, personal, and corporate information, posing significant risks to the affected organizations. #AkiraRansomware #DataLeak…
The KillSec ransomware group claims to have successfully breached Vanan Online Services, exposing sensitive customer data. The leaked files include passports, legal documents, and financial information, indicating a significant data compromise. #VananOnlineServices #KillSec #DataBreach #PII #Ransomware…
The Sinobi ransomware group has claimed to have breached multiple US organizations, encrypting and stealing sensitive data. They have publicly posted details of their victims, including law firms and manufacturing companies. #SinobiRansomware #DarkWebLeaks…
Attackers increasingly conduct “malware-less” database ransomware by exploiting exposed or misconfigured Internet-facing databases, using legitimate database commands to steal, delete, or lock data and leave ransom notes without deploying malicious binaries. These campaigns target services like MongoDB, PostgreSQL, MySQL, Redis, and Elasticsearch and often automate scanning, credential testing, data exfiltration, and destructive commands; defenders should restrict exposure, enforce strong authentication/MFA, and maintain isolated backups. #MongoDB #PostgreSQL
A threat actor named ByteToBreach is allegedly selling sensitive data linked to Gujarat Bank. The leak includes unredacted personally identifiable information and emails exchanged with major institutions. #ByteToBreach #GujaratBankDataLeak…
Threat actor KaruHunters is allegedly offering unauthorized access to the UU Slots gambling website, a UK-based online casino platform. They are selling this access for $500, with proof-of-access provided in their sales post. #KaruHunters #UUSlots #onlinecasino #cyberthreat…
A threat actor claims to have hacked PT Surveyor Indonesia and is selling over 50,000 records of sensitive client and company data. The breach includes personal details, contact information, and internal identifiers, posing significant privacy risks. #PTSurveyorIndonesia #DataBreach #DarkWebForum…
The Scattered LAPSUS$ Hunters group has claimed responsibility for several high-profile data breaches, including Red Hat, S&P Global, and the Credit Institute of Vietnam. These attacks involved large-scale exfiltration of sensitive corporate and personal data, with the threat actor setting a ransom deadline for October 10, 2025. #LAPSUS$Hunters #RedHatDataBreach #S&PGlobalHack #VietnamCIC…
A recent report reveals that the cybercriminal alliance “Trinity of Chaos” has evolved into a ransomware group targeting major global corporations, including Google, Cisco, and airlines. They have published a massive leak of sensitive data, highlighting the ongoing threat of sophisticated data extortion campaigns. #Lapsus$ #ScatteredSpider #ShinyHunters…
Scattered Lapsus$ Hunters — an alliance of Scattered Spider, LAPSUS$, and ShinyHunters — carried out coordinated social‑engineering intrusions into Salesforce environments of numerous major companies in mid‑2025, stealing data from at least 91 organizations without exploiting Salesforce vulnerabilities. The group scaled vishing and OAuth abuse (often via trojanized Data Loader apps and credential‑theft malware), leaked extortion demands on Telegram, and targeted high‑value sectors including technology, luxury retail, aviation, and insurance. #ScatteredSpider #ShinyHunters
Oracle investigates a data breach linked to the Clop ransomware gang that involves stolen information from its E-Business Suite. Customers are being extorted through emails demanding payments or threatening to release or sell their data on the dark web. #Clop #OracleEBusinessSuite…
The Scattered LAPSUS$ Hunters threat group has launched a new dark web data leak site, aiming to extort companies by releasing breached data. Their targets include major corporations like Salesforce, Toyota, Disney, and Google, with threats of releasing sensitive information if ransoms are not paid by October 10. #LAPSUS$ #ScatteredSpider #Salesforce…
A threat actor claims to have breached Kiple, a Malaysian digital payment solutions provider, and leaked its source code, affecting various internal and external systems. This incident highlights significant risks to financial technology companies and their sensitive project assets. #Kiple #DigitalPayments #SourceCodeLeak #ThreatActor…