Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions

The value of cryptocurrency received by wallets used by HuiOne Guarantee and its vendors surpassed $4 billion in the fourth quarter of 2024 alone. In contrast, the Hydra marketplace received approximately $5.2 billion during its six-year lifespan.
January 14, 2025

Fancy Bear spotted using real Kazakh government documents in spearphishing campaign

A hacking group linked to Russian intelligence has been observed leveraging seemingly legitimate documents from the Kazakhstan government as phishing lures to infect and spy on government officials in Central Asia.
December 28, 2024

Cyber Espionage Cluster Paper Werewolf Engages in Destructive Behavior

The BI.ZONE Threat Intelligence team has recorded a surge in the activity of the Paper Werewolf cluster (aka GOFFEE), which has conducted at least seven campaigns since 2022. Victims include government, energy, financial, media, and other sectors.

Major Biometric Data Farming Operation Uncovered

Security researchers have urged customer-facing businesses to improve their verification checks after discovering a large-scale identity farming operation on the dark web.

“Holy League” Hacktivist Group Emerges, Targets West

Holy League employs a blend of DDoS attacks, website defacements, and data breaches to incite fear and attract attention. Their propaganda combines dystopian visuals and religious themes.

LockBit Admins Tease a New Ransomware Version

On December 19, LockBitSupp, the persona allegedly run by the ransomware-as-a-service (RaaS) group admins, announced on its website that the group would launch a new version of its ransomware, LockBit 4.0.

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds.

UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App

As part of the operation, the hackers create fraudulent websites that mimic the official page of a Ukrainian military app, Army+, tricking users into downloading an executable file disguised as an app installation package.

APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP

The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files.

From Taiwan to Korea: TIDRONE Threat Actor Targets ERP Software

Known for its focus on Taiwanese defense and drone industries, TIDRONE has now extended its operations to South Korea, exploiting Enterprise Resource Planning (ERP) software to deploy the CLNTEND backdoor malware.
