Iran’s Digital Surveillance Machine Is Almost Complete

After more than 15 years of draconian measures, culminating in an ongoing internet shutdown, the Iranian regime seems to be staggering toward its digital surveillance endgame...

Operation Endgame: Dutch Police Arrest Alleged AVCheck Operator

Dutch police arrest the alleged AVCheck operator at Schiphol as part of Operation Endgame, a global effort targeting malware services and cybercrime...

Operation Endgame Hits Rhadamanthys, VenomRAT, Elysium Malware, seize 1025 servers

Europol-led Operation Endgame seizes 1,025 servers and arrests a key suspect in Greece, disrupting three major global malware and hacking tools, including Rhadamanthys, VenomRAT and Elysium botnet...

MAL-2025-19647 Malicious code in endgame-ui-input-text (npm)

The package endgame-ui-input-text was found to contain malicious code...

Malicious code in endgame-ui-input-text (npm)

The package endgame-ui-input-text was found to contain malicious code...

Operation Endgame Takes Down DanaBot Malware, Neutralizes 300 Servers

Operation Endgame takes down DanaBot malware network; 300 servers neutralized, €21.2M in crypto seized, 16 charged, 20 international warrants...

300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide

As part of the latest "season" of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized 650 domains, and issued arrest warrants against 20 targets. Operation Endgame, first launched in May 2024, is an ongoing law enforcement operation...

Smokeloader Users Identified and Arrested in Operation Endgame

Authorities arrest 5 Smokeloader botnet customers after Operation Endgame; evidence from seized data links customers to malware, ransomware, and more...

Europol Arrests Five SmokeLoader Clients Linked by Seized Database Evidence

Law enforcement authorities have announced that they tracked down the customers of the SmokeLoader malware and detained at least five individuals. "In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as 'Superstar,' faced consequenc...

Malicious code in my-account-end-game (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware affc2e67711261a8284c0193acc1a7c7afa56ee2693d1c6ca1d5cde32ca11376 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering

The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC,...

Ukraine Arrests Cryptor Specialist Aiding Conti and LockBit Ransomware

Ukrainian Police have arrested a ransomware cryptor developer in connection with the notorious Conti and LockBit groups. This arrest was the result of Operation Endgame, a major operation that aims to dismantle key elements of these cybercriminal organizations...

Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet

Law enforcement authorities behind Operation Endgame are seeking information related to an individual who goes by the name Odd and is allegedly the mastermind behind the Emotet malware. Odd is also said to go by the nicknames Aron, C700, Cbd748, Ivanov Odd, Mors, Morse, and Veron over the past fe...

A week in security (May 27 – June 2)

Last week on Malwarebytes Labs: Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap? The Ticketmaster "breach"—what you need to know Ticketmaster confirms customer data breach How to tell if a VPN app added your Windows device to a botnet Beware of...

Mysterious Hack Destroyed 600,000 Internet Routers

Plus: A whistleblower claims the Biden administration falsified a report on Gaza, “Operation Endgame” disrupts the botnet ecosystem, and more...

‘Operation Endgame’ Hits Malware Delivery Platforms

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed "the largest ever operation against botnets," the international effort...

Elastic 7.17.9, 8.5.0 and 8.6.1 Security Update

Kibana authenticated Denial of Service issue ESA-2023-02 A flawCVE-2022-38900 was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to to perform a request that crashes the Kibana server process. Affected Versions: Kibana Versions 7.0.0 through 7.17.8...

CVE-2022-38774

An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account...

Design/Logic Flaw

An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account...

Elastic Endpoint Security 安全漏洞

Elastic Endpoint Security is a suite of endpoint security solutions from Elastic. A security vulnerability exists in Elastic Endpoint Security and Elastic Endgame that stems from an issue in the isolation feature that could allow an unprivileged user to elevate their privileges to the privileges ...