TeleHunt: A Framework and Tool for Efficient Cybercriminal Community Discovery on Telegram

This paper presents TeleHunt, a framework and tool for evaluating the effectiveness of different strategies to discover cybercriminal communities on Telegram. TeleHunt employs a set of reference-driven snowballing strategies, integrating message-level classification, contextual filtering, and...

Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow

Plus: A ransomware group is now stealing data in person, BusPatrol wants to hand its license plate surveillance data to the cops, and more...

New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian time zone,...

Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years

Introduction In late April 2026, a client reached out to us for incident response support after discovering a miner running on users' computers. We later discovered that the malware was being distributed via illegal movie and TV show streaming sites. The infection chain leveraged a fake update fo...

Netherlands Busts Bulletproof Hosting Network Linked to Disinformation and Cybercrime

Dutch authorities arrested two suspects after dismantling a bulletproof hosting network linked to cybercrime, disinfo, and Russian sanctions evasion...

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network VPN service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. Codenamed Operation Saffron, the disruption of First...

Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks

The U.S. Department of Justice DoJ on Thursday announced the arrest of a Canadian man in connection with allegedly operating a distributed denial-of-service DDoS botnet known as Kimwolf. In tandem, Jacob Butler aka Dort, 23, Ottawa, Canada, has been charged with offenses related to the developmen...

STRIKE: A Structured Taxonomy of Cybercrime for Risk, Impact, Knowledge, and Evolution

Cybercrime has grown exponentially in both scale and sophistication, posing significant threats. As attack methods evolve rapidly, traditional classification schemes often fail to capture the complexity and diversity of modern threats. To address this gap, we introduce STRIKE,a Structured Taxonom...

Deepfake sextortion forces schools to remove student photos from websites

Schools love a good photo, whether it's from a trip to a castle, a science prize ceremony, or sports day shot from three angles. For two decades, celebratory images like these have gone straight onto school websites, captioned with a name and a grade. But those days are gone, because it's the...

Topical Shifts in the Dark Web: A Longitudinal Analysis of Content from the Cybercrime Ecosystem

The dark web hosts a dynamic ecosystem of cybercrime forums and marketplaces that adapt to law enforcement pressure, technological change, and economic incentives. Prior research has extracted cyber threat intelligence from these platforms using static snapshots, with limited attention to how...

Slovakian Admin of Dark Web Kingdom Market Jailed for 16 Years in US

A Slovakian administrator tied to the dark web Kingdom Market received a 16 year US prison sentence for drug trafficking and cybercrime activity...

45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation

SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks...

US-Estonian Suspect Arrested Over Alleged Scattered Spider Cyberattacks

US-Estonian suspect Peter Stokes arrested in Finland over alleged ties to Scattered Spider, facing US charges for cyberattacks, fraud, and data breaches...

How cyberattacks on companies affect everyone

If you use the internet, you’ve likely been affected by cybercrime in some way. Even when an attack is aimed at a company, the fallout usually lands on ordinary people. The most obvious harm is stolen data. When attackers break into a business, it is usually customer information that ends up in...

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service DDoS operations that were used by more than 75,000 cybercriminals. The ongoing effort, dubbed Operation PowerOFF , disrupted access to the...

How Hackers Are Thinking About AI

Interesting paper: "What hackers talk about when they talk about AI: Early-stage diffusion of a cybercrime innovation." Abstract: The rapid expansion of artificial intelligence AI is raising concerns about its potential to transform cybercrime. Beyond empowering novice offenders, AI stands to...

Alleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand

Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries...

30,000 private Facebook images allegedly downloaded by Meta employee

Every tech company tells you your data is safe. They've hopefully got encryption, access controls, and zero-trust architectures—the whole glossy security brochure. And then someone on the inside writes a script to steal your private photos anyway. That's what a former Meta employee based in Londo...

Threat actor abuse of AI accelerates from tool to cyberattack surface

For the last year, one word has represented the conversation living at the intersection of AI and cybersecurity: speed. Speed matters, but it’s not the most important shift we are observing across the threat landscape today. Now, threat actors from nation states to cybercrime groups are embedding...

Threat actor abuse of AI accelerates from tool to cyberattack surface

For the last year, one word has represented the conversation living at the intersection of AI and cybersecurity: speed. Speed matters, but it’s not the most important shift we are observing across the threat landscape today. Now, threat actors from nation states to cybercrime groups are embedding...