Detecting Data Exfiltration through I2P Anonymity Networks: A Two-Phase Machine Learning Approach

The Invisible Internet Project I2P provides strong anonymity through garlic routing and distributed network architecture, making it attractive for legitimate privacy needs. Nevertheless, the same properties can be exploited by malicious actors to steal sensitive information from corporate network...

Characterizing AI-Assisted Bot Traffic in Darknet Data: Implications for ICS and IIoT Security

The rise of automated scanning tools and AI assisted reconnaissance agents has significantly altered internet background traffic patterns, threatening the baseline assumptions underlying intrusion detection systems IDS deployed in critical infrastructure networks. This paper characterizes the...

US Seizes $400 Million Linked to Helix Dark Web Crypto Mixer

US authorities take control of over $400 million in crypto, cash, and property tied to Helix, a major darknet bitcoin mixing service used by drug markets...

Malicious Package

Overview darknet-dispatches-internal is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in darknet-dispatches-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56bca60f1c0743747f152e1bb34d4c1242fc24bc3500bbc44d7dc2c5235e06e1 The package darknet-dispatches-internal was found to contain malicious code. Source: ghsa-malware...

MAL-2026-153 Malicious code in darknet-dispatches-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56bca60f1c0743747f152e1bb34d4c1242fc24bc3500bbc44d7dc2c5235e06e1 The package darknet-dispatches-internal was found to contain malicious code. Source: ghsa-malware...

EUVD-2026-1651

Malicious code in darknet-dispatches-internal npm...

Telegram Hosting World’s Largest Darknet Market

Wired is reporting on Chinese darknet markets on Telegram. The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging service Telegram have now grown to be bigger than ever before, according to a new analysis from the crypto tracing firm Elliptic. Despite a brief...

Chinese Crypto Scammers on Telegram Are Fueling the Biggest Darknet Markets Ever

Online black markets once lurked in the shadows of the dark web. Today, they’ve moved onto public platforms like Telegram—and are racking up historic illicit fortunes...

Insider Threat: Hackers Paying Company Insiders to Bypass Security

A new report from Check Point Research reveals a growing trend of cyber criminals recruiting employees at banks, telecoms, and tech giants. Learn how hackers use the darknet and Telegram to offer payouts up to $15,000 for internal access to companies like Apple, Coinbase, and the Federal Reserve...

Hackers threaten parents: Get nursery to pay ransom or we leak your child’s data

Just when you think extortionists can’t sink any lower, along comes a lowlife that manages to surprise you. The BBC reported that a group calling itself "Radiant" claims to have stolen sensitive data related to around 8,000 children from nursery chain Kido, which operates in the UK, US, China, an...

The Dark Side of the Web: Towards Understanding Various Data Sources in Cyber Threat Intelligence

Cyber threats have become increasingly prevalent and sophisticated. Prior work has extracted actionable cyber threat intelligence CTI, such as indicators of compromise, tactics, techniques, and procedures TTPs, or threat feeds from various sources: open source data e.g., social networks, internal...

New episode “In the Trend of VM” (#12): 8 February CVEs & Why the Darknet Matters for VM Specialists

New episode "In the Trend of VM" 12: 8 February CVEs & Why the Darknet Matters for VM Specialists. Now with a new design and new video editing. Video on YouTube and LinkedIn Post on Habr rus Digest on the PT website Content: 00:00 Greetings 00:23 Remote Code Execution - Windows Lightweight...

Should a VM specialist be aware of what is happening in the Darknet?

Should a VM specialist be aware of what is happening in the Darknet? Of course. At least roughly. Otherwise, he'll fall for the "nobody’s attacking us" myth. The reality is that every organization is under attack all the time. It's like commercial fishing with trawlers. Anything that gets caught ...

U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website

A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange Garantex "garantex.org", nearly three years after the service was sanctioned by the U.S. Treasury Department in April 2022. "The domain for Garantex has been seized by the Unit...

Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering

The 36-year-old founder of the Bitcoin Fog cryptocurrency mixer has been sentenced to 12 years and six months in prison for facilitating money laundering activities between 2011 and 2021. Roman Sterlingov, a dual Russian-Swedish national, pleaded guilty to charges of money laundering and operatin...

U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks

Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service DDoS botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft's services in June 2023. The attacks, which were facilitated b...

German Police Seize 'Nemesis Market' in Major International Darknet Raid

German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services. The Federal Criminal Police Office aka Bundeskriminalamt or BKA said it seized the digital infrastructure associated wit...

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass...

Exit Scam: BlackCat Ransomware Group Vanishes After $22 Million Payout

The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. "ALPHV/BlackCat did not get seized. They are exit scamming their affiliates," security researcher Fabian Wosar said. "It is...