Tag: marketplace
-
Owner of Incognito dark web drugs market gets 30 years in prison
A Taiwanese man was sentenced to 30 years in prison for operating Incognito Market, one of the world’s largest online narcotics marketplaces that sold over $105 million worth of illegal drugs to customers worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/taiwanese-man-gets-30-years-for-operating-dark-web-drug-market/
-
Abuse of OpenClaw AI Capabilities Enables Stealthy Malware Campaigns
Tags: ai, attack, automation, backdoor, cyber, malicious, malware, marketplace, skills, supply-chain, threatHundreds of malicious skills are distributed through OpenClaw’s marketplace, transforming the popular AI agent ecosystem into a new supply chain attack vector. Threat actors are weaponizing the platform’s extensibility features to deliver droppers, backdoors, and infostealers disguised as legitimate automation tools.”‹ OpenClaw Skills Become Malware Distribution Channel OpenClaw is a self-hosted AI agent that executes…
-
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks.ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills. It’s an extension to the OpenClaw project, a…
-
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks.ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills. It’s an extension to the OpenClaw project, a…
-
BreachForums Breach Exposes Names of 324K Cybercriminals, Upends the Threat Intel Game
The BreachForums marketplace has suffered a leak, exposing the identities of nearly 324,000 cybercriminals. This incident highlights a critical shift in cyberattacks, creating opportunities for law enforcement while demonstrating the risks associated with breaches in the cybercriminal ecosystem. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/breachforums-breach-exposes-names-of-324k-cybercriminals-upends-the-threat-intel-game/
-
Empire Market co-founder faces 10 years to life after guilty plea
Empire Market co-founder Raheim Hamilton pleaded guilty to U.S. drug conspiracy charges in Chicago, facing a mandatory 10 years to life in prison. Raheim Hamilton (30) of Virginia, co-creator of the dark web marketplace Empire Market, pleaded guilty in Chicago to a federal drug conspiracy charge. Empire Market allowed users to anonymously buy and sell…
-
Feds get second guilty plea in takedown of dark web Empire Market
Both men charged with co-creating the dark web marketplace Empire Market have now pleaded guilty to federal drug conspiracy charges, closing the book on one of the major cybercrime cases of the early 2020s. First seen on therecord.media Jump to article: therecord.media/feds-second-guilty-plea
-
Crooks are hijacking and reselling AI infrastructure: Report
Tags: access, ai, api, attack, authentication, business, cloud, communications, control, credentials, cybersecurity, data, data-breach, endpoint, exploit, firewall, group, infosec, infrastructure, intelligence, Internet, LLM, malicious, marketplace, risk, service, skills, technology, theft, threat, training, vulnerabilityexposed endpoints on default ports of common LLM inference services;unauthenticated API access without proper access controls;development/staging environments with public IP addresses;MCP servers connecting LLMs to file systems, databases and internal APIs.Common misconfigurations leveraged by these threat actors include:Ollama running on port 11434 without authentication;OpenAI-compatible APIs on port 8000 exposed to the internet;MCP servers accessible without…
-
Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial intelligence (AI) coding assistant, but stealthily drops a malicious payload on compromised hosts.The extension, named “ClawdBot Agent – AI Coding Assistant” (“clawdbot.clawdbot-agent”) First seen on…
-
Empire cybercrime market owner pleads guilty to drug conspiracy
A Virginia man who co-created Empire Market, one of the largest dark web marketplaces at the time, pleaded guilty to federal drug conspiracy charges for facilitating $430 million in illegal transactions from 2018 to 2020. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/empire-cybercrime-market-owner-pleads-guilty-to-drug-conspiracy/
-
Slovakian man pleads guilty to operating darknet marketplace
A Slovakian national admitted on Tuesday to helping operate a darknet marketplace that sold narcotics, cybercrime tools and services, fake government IDs, and stolen personal information for more than two years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/slovakian-man-pleads-guilty-to-operating-kingdown-market-cybercrime-marketplace/
-
Researchers Uncover “Haxor” SEO Poisoning Marketplace
Tags: marketplaceFortra researchers have discovered a new SEO poisoning operation known as “HaxorSEO” First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/researchers-haxor-seo-poisoning/
-
Malicious AI extensions on VSCode Marketplace steal developer data
Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-ai-extensions-on-vscode-marketplace-steal-developer-data/
-
PRTG im Siemens-Industrial-Edge-Marketplace verfügbar
Die Netzwerk-Monitoring-Lösung PRTG von Paessler ist ab sofort auch im Industrial-Edge-Marketplace verfügbar. Die moderne IIoT-Plattform von Siemens ermöglicht die Bereitstellung von Software, die sich in großen Maschinen- und Produktionslinien einfach ausrollen und per Fernzugriff verwalten lässt. Diese Partnerschaft hilft dabei, die Lücke zwischen IT- und OT-Umgebungen mit ganzheitlichem Monitoring zu schließen. So erhalten Unternehmen in…
-
$12B Scam Market Tudou Guarantee Shuts Down
Telegram-Based Marketplace Closes After Prince Group Founder’s Arrest. Telegram marketplace Tudou Guarantee, which processed over $12 billion in fraud transactions, has ceased operations following the arrest of Prince Group chairman Chen Zhi, who was extradited to China in January. Elliptic said it was the third-largest illicit marketplace of all time. First seen on govinfosecurity.com Jump…
-
$12B Scam Market Tudou Guarantee Shuts Down
Telegram-Based Marketplace Closes After Prince Group Founder’s Arrest. Telegram marketplace Tudou Guarantee, which processed over $12 billion in fraud transactions, has ceased operations following the arrest of Prince Group chairman Chen Zhi, who was extradited to China in January. Elliptic said it was the third-largest illicit marketplace of all time. First seen on govinfosecurity.com Jump…
-
Scam Marketplace Tudou Guarantee Shutters Telegram Ops
A notorious marketplace for fraud, Tudou Guarantee, appears to have closed its public Telegram groups First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scam-market-tudou-guarantee-shut/
-
Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions
Major Telegram-based illicit marketplace Tudou Guarantee appears to be shutting down its operations, according to Elliptic. Blockchain cybersecurity firm Elliptic reports that Tudou Guarantee, a major Telegram-based illicit marketplace in Southeast Asia, has stopped transactions in its public groups after handling over $12 billion. The researchers noted that other services still run, so a full…
-
Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion
A Telegram-based guarantee marketplace known for advertising a broad range of illicit services appears to be winding down its operations, according to new findings from Elliptic.The blockchain intelligence company said Tudou Guarantee has effectively ceased transactions through its public Telegram groups following a period of significant growth. The marketplace is estimated to have processed First…
-
Microsoft seizes RedVDS infrastructure, disrupts fast-growing cybercrime marketplace
Tags: attack, credentials, cybercrime, infrastructure, marketplace, microsoft, phishing, service, theft, toolThe service became a prolific tool for cybercriminals in the past year, as it facilitated thousands of attacks involving credential theft, account takeovers, mass phishing and payment diversion fraud. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-seizes-disrupts-redvds-cybercrime-marketplace/
-
Cloud marketplace Pax8 accidentally exposes data on 1,800 MSP partners
Cloud marketplace and distributor Pax8 has confirmed that it mistakenly sent an email to fewer than 40 UK-based partners containing a spreadsheet with internal business information, including MSP customer and Microsoft licensing data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cloud-marketplace-pax8-accidentally-exposes-data-on-1-800-msp-partners/
-
Cloud marketplace Pax8 accidentally exposes data on 1,800 MSP partners
Cloud marketplace and distributor Pax8 has confirmed that it mistakenly sent an email to fewer than 40 UK-based partners containing a spreadsheet with internal business information, including MSP customer and Microsoft licensing data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cloud-marketplace-pax8-accidentally-exposes-data-on-1-800-msp-partners/
-
GlassWorm Malware Turns VS Code Extensions into an Attack Vector Against macOS
GlassWorm has returned with a dangerous new evolution. The notorious self-propagating malware, which first surfaced in October as an invisible Unicode-based threat in VS Code extensions, has completed a significant platform pivot to macOS with 50,000 downloads and a fully operational infrastructure. Security researchers have identified three malicious extensions on the Open VSX marketplace linked…
-
Bangladeshi Operator of Fake ID Marketplaces Charged in International Fraud Case
A 29-year-old Bangladeshi man has been indicted on federal charges for operating online marketplaces that sold fraudulent identity document templates to customers worldwide, U.S. authorities announced. Zahid Hasan of Dhaka, Bangladesh, faces nine federal counts, including six counts of transferring false identification documents, two counts of false passport use, and one count of social security…
-
FBI Seizes Fake ID Template Domains Operating from Bangladesh
Tags: marketplaceUS authorities have charged Zahid Hasan with running TechTreek, a $2.9 million online marketplace selling fake ID templates. The investigation, involving the FBI and Bangladesh police, uncovered a global scheme selling fraudulent passports and social security cards to over 1,400 customers. First seen on hackread.com Jump to article: hackread.com/fbi-seizes-domains-us-id-templates-bangladesh/
-
Nearly 20 million affected by Prosper, 700Credit data breaches
Fintech company Prosper Marketplace and car dealership services provider 700Credit are the latest financial institutions to report data breaches affecting millions of Americans. First seen on therecord.media Jump to article: therecord.media/data-breaches-affecting-20-million-prosper-700credit