Tag: marketplace
-
Insurance carriers quietly back away from covering AI outputs
Coverage in flux: Phil Karecki, CTO for the insurance sector at managed services provider Ensono, also sees some carriers backing away from covering AI outputs, although he’s not sure whether it’s a major trend. Insurance carriers continuously experiment with how to provide coverage, he notes.Carriers have tried to separate tightly governed AI deployments from more…
-
The Dark Web Explained with John Hammond
The dark web is often misunderstood, but it plays an important role in both privacy technology and cybercrime activity. In this episode, Tom Eston speaks with cybersecurity researcher and educator John Hammond about what the dark web actually is and how it has evolved in recent years. The discussion covers underground marketplaces, ransomware leak sites,……
-
FBI Atlanta and Indonesian National Police Take Down W3LLSTORE Phishing Marketplace
FBI Atlanta and Indonesian National Police dismantle W3LLSTORE phishing market linked to $20M fraud, seizing domains and detaining developer. First seen on hackread.com Jump to article: hackread.com/fbi-atlanta-indonesian-police-w3llstore-phishing-market/
-
6 ways attackers abuse AI services to hack your business
Tags: ai, api, attack, backdoor, breach, business, ceo, china, control, cve, cyber, cybercrime, cybersecurity, data, email, espionage, exploit, framework, group, hacking, injection, leak, LLM, malicious, malware, marketplace, microsoft, monitoring, open-source, openai, service, skills, software, startup, supply-chain, threat, tool, vulnerabilityAbusing AI platforms as covert C2 channels: Cybercriminals are also abusing AI platforms as covert command-and-control (C2) channels by turning AI services into proxies that hide malicious traffic inside the flow of legitimate content.Instead of running a dedicated C2 server, malware is programmed to fetch commands and exfiltrate data through AI services, circumventing traditional security…
-
48 Hours: The Window Between Infostealer Infection and Dark Web Sale
New research maps the full infostealer lifecycle. Your credentials go from an employee’s device to an underground marketplace in less time than it takes your security team to notice anything is wrong. On March 24, 2026, researchers at Whiteintel’s Intelligence Division published a detailed map of the full infostealer lifecycle, tracing the exact sequence from……
-
Cambodia extradites alleged cyber scam linchpin to China as crackdown intensifies
Li Xiong was the head of Huione Group, whose branded entities at one time included an online banking arm, cryptocurrency exchange and online marketplace which has been referred to as an “Amazon for criminals.” First seen on therecord.media Jump to article: therecord.media/cambodia-extradites-alleged-cyber-scam-linchpin-to-china
-
CultureAI Launches on Microsoft Marketplace to Accelerate Secure AI Adoption
This week, CultureAI has announced the availability of its platform on Microsoft Marketplace, marking a step aimed at simplifying how organisations discover, deploy and manage AI usage controls. Microsoft Marketplace, a unified storefront combining Azure Marketplace and AppSource, enables organisations to find, purchase and deploy thousands of cloud and AI solutions within their existing Microsoft…
-
How we made Trail of Bits AI-native (so far)
Tags: access, ai, application-security, attack, automation, blockchain, business, ceo, chatgpt, computer, computing, conference, control, data, email, germany, government, identity, injection, jobs, macOS, marketplace, nvidia, open-source, risk, service, skills, strategy, supply-chain, technology, threat, tool, vulnerabilityThis post is adapted from a talk I gave at [un]prompted, the AI security practitioner conference. Thanks to Gadi Evron for inviting me to speak. You can watch the recorded presentation below or download the slides. Most companies hand out ChatGPT licenses and wait for the productivity numbers to move. We built a system instead.…
-
Open VSX Scanner Vulnerability Lets Malicious Extensions Go Live
Open VSX, the extension marketplace used by VS Code forks such as Cursor and Windsurf, recently fixed a critical vulnerability in its newly introduced pre-publish scanning pipeline that could allow malicious extensions to bypass security checks and go live undetected. The issue, dubbed “Open Sesame,” stemmed from a fail-open condition in the scanning workflow. While…
-
UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever” First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-sanction-chinese-crypto/
-
UK sanctions Xinbi marketplace linked to Asian scam centers
The United Kingdom’s Foreign, Commonwealth and Development Office (FCDO) has sanctioned Xinbi, a Chinese-language cryptocurrency-based online marketplace that sells stolen data and satellite internet equipment to scam networks in Southeast Asia. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uk-sanctions-xinbi-marketplace-linked-to-asian-scam-centers/
-
A $20 Billion Crypto Scam Market Faces a New Government Crackdown
The Telegram-based Xinbi Guarantee black market sells services that help prop up scam operations. British officials just hit the highly lucrative marketplace with sweeping sanctions. First seen on wired.com Jump to article: www.wired.com/story/20-billion-xinbi-guarantee-uk-sanctions/
-
Leak Bazaar Converts Stolen Corporate Data Into Organized Criminal Marketplace
A new cybercriminal service called “Leak Bazaar” has surfaced on the Russian-speaking TierOne forum, advertised on March 25, 2026, by a user known as Snow of SnowTeam. Unlike traditional data leak sites, Leak Bazaar introduces a more structured approach to monetizing stolen corporate data, focusing on processing and refining information rather than simply publishing it.…
-
Russia detains alleged admin of LeakBase cybercrime forum weeks after global crackdown
Russian authorities have detained a suspected administrator of LeakBase, a major online marketplace for stolen data, weeks after U.S. and European law enforcement agencies carried out a global crackdown on the platform. First seen on therecord.media Jump to article: therecord.media/leakbase-russia-admin-arrest-cyber
-
UK sanctions Chinese crypto marketplace tied to scam compounds
The British government sanctioned Xinbi, a Chinese-language cryptocurrency marketplace accused of enabling large-scale online fraud and human exploitation, in a move targeting the financial infrastructure behind global scam networks. First seen on therecord.media Jump to article: therecord.media/xinbi-crypto-marketplace-sanctioned
-
Russian authorities arrest alleged LeakBase admin behind stolen data marketplace
Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has arrested the suspected administrator of LeakBase, a cybercrime forum used to trade stolen personal data. The suspect, from Taganrog, is accused of running the platform since 2021. During a search of his home, authorities seized…
-
An Evolving GlassWorm Malware is Making the Rounds of Code Repositories
Threat researchers with various vendors for the past year have been tracking the efforts of a bad actor dubbed GlassWorm known for dropping malicious extensions in code registries like npm, Open VSX, PyPI, and Microsoft’s Visual Studio Marketplace with the aim of stealing secrets and cryptocurrency. This month, threat researchers wrote about a resurgence in..…
-
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday.According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating and…
-
Try our new dimensional analysis Claude plugin
We’re releasing a new Claude plugin for developing and auditing code that implements dimensional analysis, a technique we explored in our most recent blog post. Most LLM-based security skills ask the model to find bugs. Our new dimensional-analysis plugin for Claude Code takes a different approach: it uses the LLM to annotate your codebase with…
-
New Study Reveals How Infostealer Infections Lead to Dark Web Exposure in Just 48 Hours
New research is shedding light on how infostealer malware turns a single careless click into full-blown credential exposure on dark web marketplaces in less than 48 hours far faster than traditional breach detection timelines. Unlike database breaches that take weeks or months to uncover, infostealer infections move at machine speed. A typical scenario begins when…
-
SOCRadar Launches AI Agent Marketplace and Identity Intelligence at RSAC 2026
SOCRadar launched its AI Agent Marketplace at RSA Conference 2026, introducing a modular hub where organizations can browse, purchase, and deploy specialized autonomous AI agents within the SOCRadar Extended Threat Intelligence Platform. The release also adds Identity and Access Intelligence capabilities designed to address what the company describes as identity >>blind spots<< across third-party SaaS..…
-
Enzoic Expands Protection Against Dark Web Credential Exposure
Credentials exposed in breach data can create risk long after the original incident. Once those passwords circulate through underground marketplaces, they can be reused to target enterprise systems and customer accounts. According to the Verizon Data Breach Investigations Report, stolen credentials play a major role in web application breaches. Attackers frequently automate credential stuffing and……
-
TDL – Defense Before Offense: Leadership, Risk, and the Cost of Bad Decisions – Steven Elliott
From the Battlefield to the Boardroom: Lessons in Defense In the latest episode of The Defender’s Log, host David Redekop sits down with Steven Elliott, CFO of Adam Networks, to explore the surprising parallels between military operations, financial management, and cybersecurity. A Journey of Unpredictable Paths Elliott’s background is anything but linear. From a small…
-
LeakBase marketplace unplugged by cops in 14 countries
Tags: banking, breach, credentials, cybercrime, data, germany, infrastructure, international, Internet, law, marketplace, phishing, service, theftGlobal effort: Thanks to international co-operation, a number of criminal marketplaces have been seized in recent years, including BreachForums and RaidForums.Law enforcement agencies involved in various ways in this week’s takedown came from Australia, Belgium, Canada, Germany, Greece, Kosovo, Malaysia, Netherlands, Poland, Portugal, Romania, Spain, the United Kingdom and the US.News of the seizure comes…
-
Neue Wege für Sicherheitsteams: Armis startet digitalen Marketplace
Tags: marketplaceAnstatt lange zu recherchieren oder Lösungen erst mühsam zu testen, können Teams im Marketplace direkt prüfen, wie eine Lösung mit den eigenen Systemen und Assets zusammenarbeitet und in Rekordzeit von der Evaluierung zur Implementierung übergehen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/neue-wege-fuer-sicherheitsteams-armis-startet-digitalen-marketplace/a43961/
-
Top 10 Best Cybersecurity Marketing Agencies to Watch in 2026
Tags: ciso, cyber, cybersecurity, dark-web, marketplace, monitoring, privacy, software, threat, tool, zero-trustAs the digital threat landscape continues to evolve rapidly, the marketplace for security solutions has become fiercely congested. For B2B vendors, whether you are selling enterprise Zero Trust architecture, dark web monitoring tools, or consumer-grade privacy software, standing out requires more than just a superior technical product. You need to capture the attention of CISOs,…
-
Authorities from 14 countries shut down major cybercrime forum LeakBase
The marketplace was one of the world’s largest hubs for cybercrime with more than 142,000 members. Officials identified and arrested multiple suspects after seizing the site’s database. First seen on cyberscoop.com Jump to article: cyberscoop.com/leakbase-cybercrime-forum-seized/
-
Hackers Exploit Telegram for Initial Access to Corporate VPN, RDP, and Cloud Systems
Tags: access, cloud, corporate, credentials, cyber, data-breach, exploit, hacker, marketplace, network, ransomware, vpnHackers are increasingly abusing Telegram as an initial access marketplace, turning stealer logs and leaked credentials into direct entry points for corporate VPN, RDP, and cloud environments. The platform now acts as a high-speed bridge between compromised credentials and full network compromise, supporting ransomware operators, Initial Access Brokers (IABs), and hacktivist collectives. Telegram hosts popular…