This page collects WhisperX intelligence signals tagged #Cybercrime. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
Research indicates that potential US-built hacking tools have been obtained by foreign spies and cybercriminals. The activity has been described as the 'first known mass iOS attack' campaign of its kind. According to Google, fragments of the exploit first appeared in February of the previous year, with ties to an unnam...
A routine alert for a Remote Desktop Protocol (RDP) brute-force attack led security researchers down an unexpected path, uncovering a sophisticated and geographically distributed infrastructure network suspected of supporting ransomware operations. The investigation, detailed by Huntress Labs, began with a single compr...
Law enforcement agencies from the United States and the European Union have executed a takedown of LeakBase, a website described by authorities as "one of the world’s largest online forums for cybercriminals." The platform was accused of facilitating the sharing and distribution of stolen data and malicious tools. It m...
Law enforcement agencies from the United States and the European Union have executed a coordinated takedown of LeakBase, a website described by authorities as "one of the world’s largest online forums for cybercriminals." The platform was accused of operating as a central hub for sharing stolen data and malicious tools...
Security researchers have identified a highly sophisticated exploit kit targeting Apple iPhones, which leverages 23 distinct iOS vulnerabilities. This toolset is actively being deployed in both espionage campaigns and cryptocurrency-related cybercrime operations. The kit's level of sophistication and the nature of its ...
In early January 2026, KrebsOnSecurity detailed how a disclosed vulnerability was exploited to build Kimwolf, the world's largest and most disruptive botnet. The individual controlling Kimwolf, using the handle 'Dort,' has since coordinated a sustained campaign of distributed denial-of-service (DDoS) attacks, doxing, a...
A new phishing-as-a-service platform named 'Starkiller' is enabling cybercriminals to bypass traditional detection methods by dynamically loading the *real* login pages of target brands and acting as a stealthy relay between victims and legitimate sites. Unlike static phishing kits, Starkiller uses cleverly disguised l...
The cybercriminals controlling the Kimwolf botnet, which has infected over 2 million devices, recently shared a screenshot indicating they had compromised the control panel for Badbox 2.0. Badbox 2.0 is a vast China-based botnet powered by malicious software pre-installed on many Android TV streaming boxes. Both the FB...
A destructive botnet named Kimwolf has infected over two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. The botnet forces infected devices to participate in distributed denial-of-service (DDoS) attacks and to relay abusive and malicious Internet traffic for 'residential pro...
Data analytics giant LexisNexis has confirmed its Legal & Professional division suffered a data breach, following claims by the Fulcrumsec cybercrime crew. The breach reportedly involved customer records. The cybercriminals claim to have exfiltrated 2 GB of data from an AWS instance using a 'React2Shell' exploit. Lexis...
In Episode 15 of Dark Reading Confidential, the story details how Interpol enlisted the expertise of threat hunter Will Thomas and his team to dismantle a sprawling African cybercrime syndicate. The operation resulted in the arrest of 574 suspects, the recovery of over $3 million in illicit funds, and the successful de...
Cybercriminals have stolen approximately 15.8 million administrative medical records after successfully breaching a software supplier contracted by France's health ministry. The attack targeted the third-party vendor, which provided services to the ministry, leading to the massive data leak. The stolen files contain se...
The Tokyo Metropolitan Police have taken a novel, public-facing step against organized crime by launching a dedicated website that details the operations of anonymous criminal groups. This platform moves beyond generic warnings to publish specific, up-to-date fraud methodologies and, more strikingly, firsthand accounts...
Russian authorities have reportedly arrested the alleged administrator of LeakBase, a significant online forum used by hackers and cybercriminals. The arrest, reported by Russian state-owned media, signals a direct law enforcement action against a key node in the country's cybercrime ecosystem. This move creates immedi...
A hacker behind the $53 million exploit of decentralized finance protocol Uranium Finance now faces decades in a U.S. prison. Federal authorities have unsealed an indictment charging the individual with wire fraud and money laundering, with the combined counts carrying a potential maximum sentence of up to 30 years. Th...
A CEO's personal AI assistant, powered by OpenClaw, was not just compromised—it was put up for sale. The incident, detailed by Cato Networks' VP of Threat Intelligence Etay Maor, reveals a critical security failure where an AI agent's autonomy was exploited, granting a threat actor root access to the executive's entire...
Japanese authorities are preparing a significant tactical shift in their anti-money laundering operations, authorizing police to open online bank accounts under fictitious names. This covert measure is designed to infiltrate and track the financial flows of criminal networks, particularly those run by scammers. The mov...
Europe's central cybersecurity agency has formally attributed a significant breach of the European Commission to specific, high-profile cybercrime groups. In a clear and direct assessment, CERT-EU has identified the cybercrime group TeamPCP as responsible for the initial hack. The subsequent, and often more damaging, a...
The anonymous hacker known as "UNKN," the elusive leader behind the notorious Russian ransomware groups GandCrab and REvil, has been publicly identified. German authorities have named 31-year-old Russian national Daniil Maksimovich Shchukin as the individual who ran both cybercrime syndicates. The German Federal Crimin...
Bryan Fleming, the founder of spyware company pcTattletale, has avoided a custodial sentence in a landmark case, marking the first successful prosecution of a spyware maker in the United States in over a decade. The sentencing outcome spares the convicted developer from jail time, raising immediate questions about the ...