APT28 is a long-running, GRU-linked espionage group that prioritizes stealthy credential access, targeted phishing, and long-term intelligence collection across Europe, North America, and Ukraine. Recent reporting through 2025 highlights new tooling like the LAMEHUG AI-assisted malware and sustained credential/token harvesting campaigns against services such as UKR[.]net. #APT28 #LAMEHUG
Tag: DARK WEB
Ransomware and supply chain attacks reached record levels in 2025, with significant increases that signal growing cyber threats for 2026. The rise in attack sophistication and new threat groups highlights the need for enhanced cybersecurity measures. #Qilin #SupplyChainAttacks…
A hacker group claiming to be TEAM DARK 07X has reportedly compromised Inter Partner Assistance Algeria, exposing sensitive internal systems and user data. The breach involves access to insurance documents, ID scans, and internal portals, raising concerns about data security in the insurance sector in Algeria. #TEAM DARK 07X #InterPartnerAssistanceAlgeria…
A database containing 1.4GB of patient and clinical data from Guangdong Medical University Affiliated Hospital was allegedly sold by the threat actor “aming”. This breach exposes sensitive medical information from a major hospital in China, with data spanning nearly seven months. #GuangdongMedicalUniversity #DataBreach…
MecMatica, an Italian industrial monitoring and automation company, has been targeted by the Sarcoma ransomware group, resulting in a data breach involving 74 GB of sensitive information. The leak includes company databases, customer lists, personal identification documents, and internal files. #Sarcoma #MecMatica…
A database leak involving Fascist Forge, a defunct neo-Nazi forum, has exposed over 2.3 million records from August 2023. The leaked data includes personal information, communications, and passwords, highlighting ongoing security risks for affected individuals and organizations. #FascistForge #NeoNazi #DataBreach #0BITS…
A threat actor named Solonik claims to have released a comprehensive database from Illinois-based Acuity Insurance, exposing over 9 million customer records. The compromised data includes detailed personal and demographic information used for malicious profiling and targeted scams. #AcuityInsurance #DataLeak…
A ransomware attack on Ingram Micro in July 2025 led to a significant data breach affecting over 42,000 individuals, including personal and employment information. The SafePay ransomware group claimed responsibility, exposing sensitive data and causing a major system outage. #SafePay #IngramMicro #DataBreach
A Jordanian national pleaded guilty in a US court to selling unauthorized access to over 50 enterprise networks on an underground forum. The individual used cryptocurrency for transactions and faces a potential sentence of up to 10 years in prison. #FerasKhalilAhmadAlbashiti #undergroundforum #enterpriseNetworkAccess…
A threat actor claims to have compromised Mastertech International Co., Ltd., a Thailand-based attendance system provider, and posted sensitive data on the dark web. The dataset includes personal details such as full names, national IDs, and user logs, raising concerns over data privacy and security breaches. #DarkWeb #DataLeakage…
Proactive threat hunting focuses on understanding attacker behaviors, patterns, and evidence left behind, rather than relying solely on reactive measures. The integration of AI and automation allows threat hunters to prioritize and respond to threats more effectively, emphasizing long-term defense strategies. #Log4Shell #MarathonCVEs…
The Canadian Investment Regulatory Organization (CIRO) experienced a data breach affecting approximately 750,000 investors, compromising personal financial information. Despite the incident, no evidence of misuse has been found, and affected individuals will receive free credit monitoring services. #CIRO #DataBreach #CanadaFinancialSecurity
Recurpay, an Indian e-commerce SaaS platform, was breached again by the threat actor “aiyewumi,” exposing sensitive order and payment data. The breach involves personally identifiable information, order details, and subscription statuses, highlighting ongoing security issues. #Recurpay #DataBreach…
A cybersecurity researcher exploited a cross-site scripting (XSS) vulnerability in the StealC malware control panel to observe attacker activity and gather intelligence. The flaw enabled session hijacking and operator profiling, potentially disrupting the malware’s operations. #StealC #XSSvulnerability
The Genesis group has claimed responsibility for breaching multiple organizations and leaking substantial amounts of sensitive data on their darknet site. The victims include a UK-based real estate firm and a US municipal organization, with data like financial records and personal information exfiltrated. #GenesisGroup #DarkWebLeaks…