206 matches found
Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites
Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites. "With these actions we deprive cybercriminals of access to infected computer...
Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs
Authorities in Europe have disrupted AudiA6 , a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks. Europol, in a statement issued Thursday, said the dismantling of AudiA6 cut off a "key financial pipeline used to wash hundreds of millions in illicit profits." T...
LNTest: A Testbed for Evaluating Bitcoin Lightning Network-Based Botnets
Bitcoin's Lightning Network LN can be exploited as a covert, low-cost command-and-control C&C channel for botnets, as demonstrated by the LNBot and D-LNBot designs. However, both remain proof-of-concept prototypes evaluated only through simulation, leaving key questions about real-world topology...
You Can Get Some of Your Nudes Removed From the Internet Under a New Law
Starting May 19, tech platforms in the US will have to comply with the Take It Down Act. Here’s how more than a dozen major platforms are handling takedown demands for your nonconsensual nudes...
Omnistealer uses the blockchain to steal everything it can
A new infostealer dubbed Omnistealer is turning the blockchain into a permanent malware hosting platform, which is bad news for both companies and everyday users. It’s pretty common for malware to store its payload on a public platform, ideally one that adds some trustworthiness to the download...
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in partnership with authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Australia, New Zealand, and Indonesia. The...
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Tycoon 2FA , one of the prominent phishing-as-a-service PhaaS toolkits that allowed cybercriminals to stage adversary-in-the-middle AitM credential harvesting attacks at scale, was dismantled by a coalition of law enforcement agencies and security companies. The subscription-based phishing kit,...
Fake Zoom and Google Meet scams install Teramind: A technical deep dive
UPDATE February 27, 2026 : We have added more clarity around the abuse of legitimate commercial products, and of Teramind's stealth mode. Important note: Teramind, the software vendor referenced in this article, has stated they are not affiliated with the threat actors described, did not deploy t...
New Aeternum C2 Botnet Evades Takedowns via Polygon Blockchain
Qrator Research Lab has identified Aeternum C2, a botnet that uses the Polygon blockchain for commands, making it nearly impossible to shut down...
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control C2 infrastructure to make it resilient to takedown efforts. "Instead of relying on traditional servers or domains for command-and-control, Aeternum stores it...
Kimwolf Botnet Swamps Anonymity Network I2P
For the past week, the massive "Internet of Things" IoT botnet known as Kimwolf has been disrupting The Invisible Internet Project I2P, a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network...
ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories
This week's updates show how small changes can create real problems. Not loud incidents, but quiet shifts that are easy to miss until they add up. The kind that affects systems people rely on every day. Many of the stories point to the same trend: familiar tools being used in unexpected ways...
Google Disrupts IPIDEA — One of the World's Largest Residential Proxy Networks
Google on Wednesday announced that it worked together with other partners to disrupt IPIDEA, which it described as one of the largest residential proxy networks in the world. To that end, the company said it took legal action to take down dozens of domains used to control devices and proxy traffi...
lab-exploit_windows-kernel
HAK CIPTA C 2026 Team bgblose. SELURUH HAK DILINDUNGI UNDANG-U...
SUSE CVE-2025-68749
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...
EUVD-2025-205213
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...
CVE-2025-68749
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...
CVE-2025-68749
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...
CVE-2025-68749
CVE-2025-68749 (Linux kernel) relates to a race in the ivpu accelerator driver when unbinding BOs. The fix adds bo_list_lock protection around the unmapping sequence, ensuring a BO is fully unmapped either during context teardown or when still on the BOs list. This prevents the Memory manager war...
INTERPOL Arrests 574 in Africa; Ukrainian Ransomware Affiliate Pleads Guilty
A law enforcement operation coordinated by INTERPOL has led to the recovery of $3 million and the arrest of 574 suspects by authorities from 19 countries, amidst a continued crackdown on cybercrime networks in Africa. The coordinated effort, named Operation Sentinel, took place between October 27...