darkweb

Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem

cyber news, cybersecurity, darkweb, OSINT, phishing /

Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem 2026-06-18 at 17:05 By Ashish Khaitan Executive Summary  The FIFA World Cup 2026 has become more than a global sporting event. It has evolved into a large-scale cybercrime opportunity exploited by threat actors through a coordinated ecosystem of fraudulent domains, social media channels, messaging platforms, pirated streaming […]

Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem Read More »

Why Australian Dark Web Data Is Now Being Sold in Bundles — and What It Means for Organizational Exposure in 2026

ANZ, Australia, darkweb, data breach, Ransomware, Threat Intelligence /

Why Australian Dark Web Data Is Now Being Sold in Bundles — and What It Means for Organizational Exposure in 2026 2026-05-14 at 12:48 By Ashish Khaitan In 2026, opportunistic assaults and isolated breaches will no longer characterize Australia’s cyber risk environment. Industrialized data theft, in which stolen data is packaged, repackaged, and marketed on

Why Australian Dark Web Data Is Now Being Sold in Bundles — and What It Means for Organizational Exposure in 2026 Read More »

Why Indian Enterprises Are a Prime Target for Dark Web Credential Markets

cyber news, Dark Web Monitoring, darkweb, Threat Intelligence /

Why Indian Enterprises Are a Prime Target for Dark Web Credential Markets 2026-04-22 at 13:48 By Ashish Khaitan The underground economy of stolen credentials has matured into a structured, high-volume marketplace, and Indian enterprises are at the center. What makes this trend notable is not just the scale of cyber incidents in India, but the

Why Indian Enterprises Are a Prime Target for Dark Web Credential Markets Read More »

China’s APT41 and the Expanding Enterprise Attack Surface: What Security Teams Must Prepare For

attack surface management, cyber news, cybersecurity, darkweb, Ransomware, Threat Actor /

China’s APT41 and the Expanding Enterprise Attack Surface: What Security Teams Must Prepare For 2026-03-27 at 16:01 By Ashish Khaitan The modern enterprise attack surface is no longer confined to corporate networks and endpoints; it now stretches across cloud workloads, supply chains, remote devices, and even operational technology environments. Within this fragmented landscape, the activities

China’s APT41 and the Expanding Enterprise Attack Surface: What Security Teams Must Prepare For Read More »

Inside Russia’s Shift to Credential-Based Intrusions: What CISOs Need to Know in 2026

cyber news, cybersecurity, Dark Web Monitoring, darkweb, EU, Ransomware, Ransomware Insights /

Inside Russia’s Shift to Credential-Based Intrusions: What CISOs Need to Know in 2026 2026-03-19 at 13:32 By Ashish Khaitan Russia-linked hacktivist activity has entered a noticeably different phase. While earlier campaigns leaned heavily on disruption through denial-of-service and opportunistic scanning of exposed systems, the current trajectory shows a stronger dependence on credential-based intrusions and identity-based cyber attacks. For security leaders,

Inside Russia’s Shift to Credential-Based Intrusions: What CISOs Need to Know in 2026 Read More »

The Ultimate Guide to Dark Web Monitoring in 2026: Protect Your Data Before Attackers Strike

darkweb, Hacktivism, Malware, Ransomware, Ransomware Insights, Threat Intelligence /

The Ultimate Guide to Dark Web Monitoring in 2026: Protect Your Data Before Attackers Strike 2026-03-13 at 16:29 By Ashish Khaitan In 2026, cyber threats are originating on the dark web, where stolen credentials, exploit kits, and attack plans are bought and sold before they ever reach corporate networks. Organizations are turning to dark web

The Ultimate Guide to Dark Web Monitoring in 2026: Protect Your Data Before Attackers Strike Read More »

Middle East on the Brink: Iran-US-Israel Hostilities Trigger Cyber-Kinetic Conflict

cyber news, cyberattack, cybersecurity, Cyberwarfare, Dark Web Monitoring, darkweb, Middle East /

Middle East on the Brink: Iran-US-Israel Hostilities Trigger Cyber-Kinetic Conflict 2026-03-03 at 19:46 By Ashish Khaitan The geopolitical landscape of the Middle East has entered one of its most volatile phases in decades. On February 28, 2026, tensions that had been simmering for years erupted into a full‑blown conflict involving the Islamic Republic of Iran,

Middle East on the Brink: Iran-US-Israel Hostilities Trigger Cyber-Kinetic Conflict Read More »

Ransomware Attacks Have Surged 30% Since Q4 2025

darkweb, data breach, Ransomware, Ransomware Insights, Threat Actor /

Ransomware Attacks Have Surged 30% Since Q4 2025 2026-02-04 at 14:51 By Ashish Khaitan Ransomware groups claimed more than 2,000 attacks in the last three months of 2025 – and they’re starting 2026 at the same elevated pace.  Cyble recorded 2,018 claimed attacks by ransomware groups in the fourth quarter of 2025, an average of just under 673 a month. The threat groups maintained that pace in January 2026, claiming 679 ransomware victims.  By comparison, in

Ransomware Attacks Have Surged 30% Since Q4 2025 Read More »

Ransomware and Supply Chain Attacks Neared Records in November 

cyber news, darkweb, Ransomware, Ransomware Insights /

Ransomware and Supply Chain Attacks Neared Records in November  2025-12-10 at 08:52 By Paul Shread Ransomware attacks hit their second-highest levels on record in November, as the number of attacks rose for the seventh consecutive month.  The 640 ransomware attacks recorded by Cyble in November 2025 are second only to February 2025’s record totals (chart below).  Ransomware groups are increasingly targeting software supply chain vulnerabilities, which has contributed to a doubling of supply chain attacks since April

Ransomware and Supply Chain Attacks Neared Records in November  Read More »

IT Vulnerability Report: Fortinet, SonicWall, Grafana Exposures Top 1 Million

darkweb, data breach, exploit, Fortinet, SonicWall, Vulnerabilities, vulnerability /

IT Vulnerability Report: Fortinet, SonicWall, Grafana Exposures Top 1 Million 2024-11-01 at 13:34 By Paul Shread Overview Cyble Research and Intelligence Labs (CRIL) researchers investigated 17 vulnerabilities and nine dark web exploits during the period of Oct. 23-29, and highlighted seven vulnerabilities that merit high-priority attention from security teams. This week’s IT vulnerability report affects

IT Vulnerability Report: Fortinet, SonicWall, Grafana Exposures Top 1 Million Read More »

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices

darkweb, Fortra, SonicWall, Threat Intelligence, Traccar, vulnerability /

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices 2024-08-30 at 16:31 By dakshsharma16 Key Takeaways Overview Cyble’s weekly vulnerability report for August 21-27 found the highest number of exposed vulnerable assets in nearly three months, since a widespread PHP vulnerability was found in early June. Cyble researchers found more

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices Read More »

Exodus Marketplace: A Haven for Exiled Criminals 

darkweb /

Exodus Marketplace: A Haven for Exiled Criminals  2024-08-01 at 16:16 By Cyble Cyble Research & Intelligence Labs’ (CRIL) ongoing monitoring of Dark-web logs and marketplaces indicates that certain emerging shops from this year are trying to gain more traction and customers on their platforms by conducting advertising campaigns promoting their illicit activities on well-known forums. 

Exodus Marketplace: A Haven for Exiled Criminals  Read More »

Incognito Admin Arrest and SuperMarket Wallet Drain: Darknet Marketplaces Plunge into Uncertainty 

cybercrime, darkweb /

Incognito Admin Arrest and SuperMarket Wallet Drain: Darknet Marketplaces Plunge into Uncertainty  2024-05-24 at 14:31 By neetha871ad236bd Unraveling the seedy underbelly of the darknet marketplaces  Executive Summary  The arrest of Riu-Siang Lin, the former administrator of the closed Incognito marketplace, by the US authorities on 18th May is causing a domino effect in the underground

Incognito Admin Arrest and SuperMarket Wallet Drain: Darknet Marketplaces Plunge into Uncertainty  Read More »

New Enchant Android Malware Targeting Chinese Cryptocurrency Users

Bitcoin, Bitpie Wallet, China, Crypto wallet, Cryptocurrency, darkweb, Enchant, imToken, Malware, OKX, Threat Actor, Threat Intelligence, TokenPocket wallet /

New Enchant Android Malware Targeting Chinese Cryptocurrency Users 23/10/2023 at 14:01 By cybleinc Cyble Research and Intelligence Labs analyzes a New Android malware “Enchant” targeting cryptocurrency users in China. The post New Enchant Android Malware Targeting Chinese Cryptocurrency Users appeared first on Cyble. This article is an excerpt from Cyble View Original Source

New Enchant Android Malware Targeting Chinese Cryptocurrency Users Read More »

Mallox Ransomware Implements New Infection Strategy

Automotive, Base64, Batch Script, BATloader, Construction, Consumer Goods, cybercrime, darkweb, data breach, Data leak, education, Energy & Utilities, Entertainment, Food and Beverages, healthcare, Infection chain, IT & ITES, Loader, Mallox, Mallox Ransomware, Malware, Manufacturing, Media, MSBuild.exe, Organization, Payload, PowerShell, Professional Services, Quasar RAT, Ransomware, Real Estate, Retail, Technology, Threat Activity, United States /

Mallox Ransomware Implements New Infection Strategy 22/06/2023 at 14:12 By cybleinc Cyble analyzes Mallox Ransomware’s new infection chain, leveraging BatLoader to execute ransomware payloads. The post Mallox Ransomware Implements New Infection Strategy appeared first on Cyble. This article is an excerpt from Cyble View Original Source

Mallox Ransomware Implements New Infection Strategy Read More »

Unmasking the Critical Risk of Internet-Exposed Assets to Public and Private Organizations

Aria Operations, Cl0P Ransomware, CLOP, Command Injection, CVE-2023-20877, CVE-2023-34362, CVE-2023-35063, CVE-2023-35708, cybercrime, darkweb, data breach, Data leak, Fortinet, Malware, MOVEit, Moveit Transfer, Oil & Gas, OSINT, Shell, SSL-VPN, Threat Intelligence, United States, vulnerability /

Unmasking the Critical Risk of Internet-Exposed Assets to Public and Private Organizations 20/06/2023 at 16:11 By cybleinc Cyble investigates the Current vulnerability Threat landscape and observes distribution of Proof Of Concepts over Darkweb. The post Unmasking the Critical Risk of Internet-Exposed Assets to Public and Private Organizations appeared first on Cyble. This article is an

Unmasking the Critical Risk of Internet-Exposed Assets to Public and Private Organizations Read More »

Malicious Tools in the Underground: Investigating their Propagation

AES, apple, Atomic, Binance, C, Chrome, Chromium, Coinbase, Coinomi, Cryptocurrency, darkweb, DDoS, Delphi, DMG, Exodus, Keplr, Keylogging, Linux, LummaC2 Stealer, MaaS, macOS, Malware, Martian, Meduza, MetaMask, Mozilla, Phantom, PKG, RaaS, RSA, Russian, SaaS, ShadowVault, Telegram, Threat Intelligence, Trigona, Tron Link, Trust, Windows /

Malicious Tools in the Underground: Investigating their Propagation 16/06/2023 at 19:04 By cybleinc Cyble Research & Intelligence Labs investigates the recent promulgation of Malicious Tools in underground forums. The post Malicious Tools in the Underground: Investigating their Propagation appeared first on Cyble. This article is an excerpt from Cyble View Original Source

Malicious Tools in the Underground: Investigating their Propagation Read More »

Cloud Mining Scam Distributes Roamer Banking Trojan

AB Ditizen, ACB One, and NFTS, Android, App store, Banking applications, Banking Trojan, Binance, Cloud Mining, CloudMining.apk, crypto mining, Cryptocurrency, cybercrime, darkweb, data breach, Data leak, ETH, Ethereum, fake app, Google Play, HDFC Bank Mobile Banking App, infostealer, Malware, MB Bank, Monero, MSB mBank, phishing, PV Mobile Banking, Roamer, SCB Mobile Banking, Telegram, Threat Intelligence, VCB Digibank, VietinBank iPay, XMR /

Cloud Mining Scam Distributes Roamer Banking Trojan 14/06/2023 at 16:35 By cybleinc Cyble analyzes a cloud mining scam leveraging phishing to distribute the Roamer banking trojan, targeting Android Crypto wallets and banking applications, aiming to steal sensitive information. The post Cloud Mining Scam Distributes Roamer Banking Trojan appeared first on Cyble. This article is an

Cloud Mining Scam Distributes Roamer Banking Trojan Read More »

Over 45 thousand Users Fell Victim to Malicious PyPI Packages

All, Creal Stealer, Credit card, darkweb, Discord Webhook, Evilpip, GitHub, Google Chrome, Hazard Token Grabber, HTTP GET, infostealer, KEKW, Malware, phishing, PyPI, Python Package Index, Python Packages, Reaquests, Requests, Third party software, Threat Actors, Threat Intelligence, Tikcock Grabber, W4SP Stealer /

Over 45 thousand Users Fell Victim to Malicious PyPI Packages 09/06/2023 at 12:31 By cybleinc Through the analysis of more than 160 malicious Python packages, CRIL reveals insights into the threat landscape associated with Python packages. The post Over 45 thousand Users Fell Victim to Malicious PyPI Packages appeared first on Cyble. This article is

Over 45 thousand Users Fell Victim to Malicious PyPI Packages Read More »

Unmasking the Darkrace Ransomware Gang

cybercrime, cybersecurity, Darkrace, Darkrace Ransomware, darkweb, Data leak, Double extortion, Lockbit 3.0, LockBit Ransomware, Malware, Mutex, Ransomware, Threat Actors, Threat Intelligence, Windows /

Unmasking the Darkrace Ransomware Gang 08/06/2023 at 15:02 By cybleinc New Ransomware Holds Similarities with LockBit Ransomware Ransomware continues to pose the most critical cybersecurity threat to organizations’ infrastructure. This malicious software encrypts victims’ files and extorts payment in return for the decryption key. The consequences of ransomware attacks can be severe, including financial losses,

Unmasking the Darkrace Ransomware Gang Read More »

Scroll to Top