Tag: cybercrime
-
Leak Bazaar Converts Stolen Corporate Data Into Organized Criminal Marketplace
A new cybercriminal service called “Leak Bazaar” has surfaced on the Russian-speaking TierOne forum, advertised on March 25, 2026, by a user known as Snow of SnowTeam. Unlike traditional data leak sites, Leak Bazaar introduces a more structured approach to monetizing stolen corporate data, focusing on processing and refining information rather than simply publishing it.…
-
Russia detains alleged admin of LeakBase cybercrime forum weeks after global crackdown
Russian authorities have detained a suspected administrator of LeakBase, a major online marketplace for stolen data, weeks after U.S. and European law enforcement agencies carried out a global crackdown on the platform. First seen on therecord.media Jump to article: therecord.media/leakbase-russia-admin-arrest-cyber
-
Russia arrests suspected owner of LeakBase cybercrime forum
Russian police arrested a Taganrog resident believed to be the owner of LeakBase, a major online forum used by cybercriminals to buy and sell stolen data and hacking tools. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russia-arrests-suspected-owner-and-admin-of-leakbase-cybercrime-forum/
-
Silver Fox Tax Audit Phishing Campaign Shifts from RATs to Python Stealers
Tags: apt, backdoor, china, cyber, cybercrime, exploit, group, intelligence, monitoring, phishing, rat, threat, vulnerabilityThreat intelligence teams have tracked Silver Fox (also known as Void Arachne), a China-based intrusion set that sits at the intersection of financially motivated cybercrime and APT-style espionage. Originally associated with large-scale, profit-driven campaigns, the group has steadily adopted more advanced tradecraft, including modular backdoors, rootkits, and the exploitation of vulnerable drivers. TDR’s monitoring between…
-
Russian authorities arrest alleged LeakBase admin behind stolen data marketplace
Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has arrested the suspected administrator of LeakBase, a cybercrime forum used to trade stolen personal data. The suspect, from Taganrog, is accused of running the platform since 2021. During a search of his home, authorities seized…
-
LeakBase Forum Admin Arrested by Russian Authorities in Global Cybercrime Operation
Russian law enforcement agencies have successfully apprehended the suspected administrator of LeakBase, a prominent international cybercrime forum. The arrest, executed by officers from the Russian Ministry of Internal Affairs (MVD) alongside regional security services in Rostov, marks a significant disruption to the global underground trade of stolen data. The suspect, a resident of Taganrog, is…
-
Cybercrime Disruption Demands Global Trust and Coordination
UK Cyber Official Paul Foster on Cross-Border Takedowns, New Disruption Playbook. Dismantling cybercrime groups requires more than technical capability. It demands trust, coordinated strategy and cross-border collaboration, says Paul Foster, head of the National Cyber Crime Unit at the U.K.’s National Crime Agency. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cybercrime-disruption-demands-global-trust-coordination-a-31172
-
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday.According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating and…
-
Russia arrests alleged owner of cybercrime forum LeakBase, report says
Russian state-owned media reported that police in Russia arrested the administrator of LeakBase, a large hacking forum. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/25/russia-arrests-alleged-owner-of-cybercrime-forum-leakbase-report-says/
-
Russia arrests alleged owner of cybercrime forum LeakBase, report says
Russian state-owned media reported that police in Russia arrested the administrator of LeakBase, a large hacking forum. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/25/russia-arrests-alleged-owner-of-cybercrime-forum-leakbase-report-says/
-
Russian botnet operator linked to major ransomware attacks sentenced in US
Ilya Angelov, 40, of Tolyatti, Russia, pleaded guilty to managing a botnet that other cybercriminals used to break into corporate systems and deploy ransomware. First seen on therecord.media Jump to article: therecord.media/russian-botnet-operator-sentenced-ransomware
-
Browser entwickeln sich zum Hauptziel der Cyberkriminalität
Tags: cybercrimeEine neue Studie von Omdia zeigt, dass browserbasierte Bedrohungen mittlerweile einen wachsenden Anteil der Vorfälle ausmachen. Dies beeinflusst IT-Budgets und und Sicherheitsprioritäten im Zeitalter von KI. Parallels gab die Ergebnisse einer neuen Studie von Omdia über Browser-Management und Sicherheit bekannt, die teilweise von Parallels gesponsert wurde. Der daraus resultierende Bericht ‘Browser Management and Security: Emerging…
-
Paid AI Accounts Are Now a Hot Underground Commodity
AI accounts are becoming part of the cybercrime supply chain, sold like email accounts or VPS access. Flare Systems shows how underground markets bundle and resell premium AI access at scale. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paid-ai-accounts-are-now-a-hot-underground-commodity/
-
KI-gestützte Malware ist fester Bestandteil im Werkzeugkasten von Cyberkriminellen
KI verändert aktuell nicht nur die Qualität von Malware, sondern auch ihre Verfügbarkeit: Neue Analysen von Arctic Wolf zeigen, dass sich KI-gestützte Malware von einem Experiment zu einem festen Bestandteil im Werkzeugkasten von Angreifern entwickelt hat und dass dadurch die Hürde für Cyberkriminalität deutlich sinkt. Im Fokus steht dabei ein struktureller Wandel: Angreifer nutzen KI,…
-
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/teampcp-supply-chain-attacks/
-
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/teampcp-supply-chain-attacks/
-
Mirai Botnets Evolve Into Major DDoS and Proxy Abuse Threats
Mirai-based botnets have evolved from simple IoT malware into large-scale DDoS and proxy abuse platforms that now underpin record-breaking attacks and stealthy cybercrime operations. In total, over 21,000 C2 servers were observed between July and December 2025, with a notable shift towards abusing bots as residential proxies in addition to classic DDoS use. This growth…
-
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
The U.S. Department of Justice (DoJ) said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies.Ilya Angelov, 40, of Tolyatti, Russia, was also fined $100,000. Angelov, who went by the online aliases “milan” and “okart,” is said to have…
-
Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca
Cybercrime group Lapsus$ claims it hacked AstraZeneca, stealing 3GB of data including credentials, code, and employee information. The Lapsus$ group claims it breached AstraZeneca, stealing about 3GB of sensitive data. The alleged leak includes credentials, tokens, internal code repositories (Java, Angular, Python), and employee information, though the company has not yet confirmed the breach. Even…
-
Russian access broker sentenced to over 6 years in prison for ransomware schemes
A federal court in Indiana sentenced a Russian cybercriminal to 81 months in prison on charges related to his role as an initial access broker for ransomware groups. Aleksei Volkov, 26, of St. Petersburg, Russia, pleaded guilty in November 2025 to six federal charges stemming from his work with the Yanluowang ransomware group and other…
-
Russian access broker sentenced to over 6 years in prison for ransomware schemes
A federal court in Indiana sentenced a Russian cybercriminal to 81 months in prison on charges related to his role as an initial access broker for ransomware groups. Aleksei Volkov, 26, of St. Petersburg, Russia, pleaded guilty in November 2025 to six federal charges stemming from his work with the Yanluowang ransomware group and other…
-
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack.The workflows, both maintained by the supply chain security company Checkmarx, are listed below -checkmarx/ast-github-actioncheckmarx/kics-github-actionCloud security First seen on thehackernews.com Jump to article:…
-
Russian Initial Access Broker Handed 81-Month Sentence
Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for role in Yanluowang ransomware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-initial-access-broker/
-
Russian Access Broker Jailed for Facilitating Ransomware Attacks Targeting U.S. Companies
A United States federal court has sentenced Aleksei Volkov, a 26-year-old Russian national, to 81 months in prison for operating as an initial access broker. Volkov played a critical part in enabling major cybercrime syndicates, including the Yanluowang ransomware group, to breach corporate networks across the country. His illicit activities resulted in more than $9…
-
Why CISOs should embrace AI honeypots
Tags: access, ai, api, attack, breach, business, ciso, credentials, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, hacker, LLM, mitigation, open-source, RedTeam, risk, service, threat, tool, vulnerabilityWhy CISOs should consider honeypots: Another player in the AI honeypot space is Deutsche Telekom (DT). The firm is both a user and purveyor of AI-powered honeypots through its free, open-source platform ‘T-Pot.’ The most obvious advantage to their use, explains Marco Ochse, DT’s lead for threat analytics and mitigation, lies in how little these…
-
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations.According to the U.S. Department of Justice (DoJ), Aleksei Olegovich Volkov facilitated dozens of ransomware attacks…
-
Absurde Geschichten aus der Cybercrime Welt
Cyberkriminalität ist in der Regel ernst finanzielle Schäden, Reputationsverluste und Betriebsunterbrechungen sind reale Risiken. Doch Sophos ist in den letzten Jahren auch auf die kuriosesten und bizarrsten Cybercrime-Vorfälle gestoßen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/geschichten-cybercrime
-
Someone has publicly leaked an exploit kit that can hack millions of iPhones
Leaked “DarkSword” exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/23/someone-has-publicly-leaked-an-exploit-kit-that-can-hack-millions-of-iphones/
-
Pro-Iranian Nasir Security is targeting energy companies in the Gulf
Resecurity tracks Iran-linked Nasir Security targeting Middle East energy firms amid ongoing regional cyber and military threats. Resecurity (USA) is tracking a relatively new cybercriminal group called Nasir Security, presumably associated with Iran, that is targeting energy organizations in the Middle East. The energy sector is one of the most impacted areas because of the…