bounty-hunters

Operation Bounty Hunter — Predator Squad "If it bleeds, we...

Designing Proportionate Cybersecurity Frameworks for European Micro-Enterprises: Lessons from the Squad 2025 Case

Micro and small enterprises SMEs account for most European businesses yet remain highly vulnerable to cyber threats. This paper analyses the design logic of a recent European policy initiative -- the Squad 2025 Playbook on Cybersecurity Awareness for Micro-SMEs -- to extract general principles fo...

Malicious code in test-mlw2-squad-rafts (npm)

The package test-mlw2-squad-rafts was found to contain malicious code...

MAL-2025-36328 Malicious code in test-mlw2-squad-rafts (npm)

The package test-mlw2-squad-rafts was found to contain malicious code...

KrebsOnSecurity in New ‘Most Wanted’ HBO Max Series

A new documentary series about cybercrime airing next month on HBO Max features interviews with Yours Truly. The four-part series follows the exploits of Julius Kivimäki , a prolific Finnish hacker recently convicted of leaking tens of thousands of patient records from an online psychotherapy...

200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers

Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead. The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a...

What Really Happened in the Aftermath of the Lizard Squad Hacks

On Christmas Day in 2014 hackers knocked out the Xbox and PlayStation gaming networks, impacting how video game companies handled cybersecurity for years...

Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations

About C.A.S C.A.S Cyber Anarchy Squad is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. Besides data theft, its goal is to inflict maximum damage, including reputational. To this end, the group's attacks exploit vulnerabilities in publicly available...

Malicious code in cxfreezepy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 98b9fe0f574ed33e0a4096ba8774936c73969493c1621244334a739ef4f94f5d EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in discord-spammer-webhooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 992e658db3addbbf4402e9f8bfb5c3a8af81b96c87e70863df390190f52de66b EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in rawrequest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b9c75bf32c6679c49b3a17ee9ce320dfb26411c4fb2a7cf0fa4f06ceea5ae033 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in tpcraftcraftencode (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d51287043143cc2b77dac9f3dac8fe7c54c6e797cee2425b1a581c4565357235 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in esqccpongcpu (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c15d17f192fef96f3398bc91fe19bdcbcca1aa284532b9c0db068eefc1160732 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in libguigrandmc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6aecdbe6b089ffe59ba97add73503b78ab4c6dc432a5b733ed03687c146effbf EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in tpcvurlpong (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 001eabd8aa23a93db2f17fe69268f9eba2dece879e5cde7dbc93297d6d6279f6 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in esqproofinthydra (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c0b148ee8917d957ac46b8f1bac8c09d1c45f4cae65b190d419b884935114705 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in esqcvinfogrand (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c820bd971cc018caa572c8d3e5fbc4c800609499f10309c461ecf7dbc6d3f315 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in esqurlencodead (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 342de92053237bc0e13b75ef2de52d88dc91ed183875f2d171d2c7d1661de3bf EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in py-controlguipost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 480e1dc18ed2f651bc3cd4dfddefc30c94cf887485d83b3d88432c7a9384cb42 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in selfintstringpong (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7ae3da8a16e34517abe55eadd3d1cc135e5474877de7bbe3d6d9873c23108496 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...