As predicted a few days ago, BreachForums was seized. The splash page is now up. It does not have any cute avatars with characters in handcuffs and no text about all the entities that cooperated. It simply says, “This Domain Has Been Seized,” and shows four shields: Department of Justice, FBI, BL2C, and JUNALCO. The latter...

Source

The ITRC provides free assistance for victims of identity theft, fraud or scams Oct. 1, 2025 — The Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, is available to assist victims during the Federal Government shutdown. The ITRC, a trusted nonprofit partner of the Federal Trade Commission and the Internal...

Source

David Hollingworth reports: The Legal Practice Board of Western Australia (LPBWA) has said it has begun notifying individuals whose data was compromised following a cyber attack performed by the Dire Wolf ransomware gang in May. “Following a comprehensive investigation, the Legal Practice Board of Western Australia (the board) has commenced notifying individuals whose data was...

Source

Lawrence Abrams reports: An extortion group calling itself the Crimson Collective claims to have stolen nearly 570GB of compressed data across 28,000 internal development respositories, with the company confirming it was a breach of one of its GitLab instances. This data allegedly includes approximately 800 Customer Engagement Reports (CERs), which can contain sensitive information about a...

Source

How much money enticed these teens to do something that may have just wrecked their future? Did they see it as just quick and easy money and no big deal?  Alexander Martin reports: Two teenagers have been arrested in the Netherlands on suspicion of espionage, reportedly on behalf of pro-Russian hackers. The boys, both aged...

Source

This page contains a web-friendly version of the Cybersecurity and Infrastructure Security Agency’s Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices. CISA is aware of an ongoing exploitation campaign by an advanced threat actor targeting Cisco Adaptive Security Appliances (ASA). The campaign is widespread and involves exploiting zero-day vulnerabilities to gain unauthenticated...

Source

Margi Murphy reports: Between the money bag and clown emojis, the lmfaos and the loooools, a pixelated thumbnail of a teenager covered in blood appeared in a Telegram group chat on a September afternoon in 2022. Noah Urban, then an 18-year-old living in Palm Coast, Florida, clicked play. He watched as the kid in the video begged him...

Source

Luke James reports: Chinese censorship sprang a major leak on September 11, when researchers confirmed that more than 500GB of internal documents, source code, work logs, and internal communications from the so-called Great Firewall were dumped online, including packaging repos and operational runbooks used to build and maintain China’s national traffic filtering system. The files appear to...

Source

On September 8, the “scattered LAPSUS$ hunters 4.0” Telegram channel posted: FBI and French LE, great job for the third time arresting the wrong person in France once again. DOJ please stop wasting your budget by flying your agents to France every time to make the WRONG arrest, as it’s almost the end of the...

Source

The Helsinki Times reports: Aleksanteri Kivimäki, convicted of thousands of cybercrimes linked to the Vastaamo data breach, has been released from custody by the Helsinki Court of Appeal. The decision followed two days of testimony from Kivimäki, who denied all charges. The court cited his prolonged pretrial detention as the reason for release. He has...

Source

There’s an update on a previously reported case: Tampa, Florida – United States Attorney Gregory W. Kehoe announces that Liridon Masurica (33, Gjilan, Kosovo), also known as “@blackdb,” has pleaded guilty to conspiracy to commit access device fraud. Masurica faces a maximum penalty of 10 years in federal prison. A sentencing date has not yet been...

Source

Reading this, I kept hoping that we’d find out it’s just a hoax. But alas… Kevin Collier reports: A hacker has exploited a leading artificial intelligence chatbot to conduct the most comprehensive and lucrative AI cybercriminal operation known to date, using it to do everything from find targets to write ransom notes. In a report...

Source

INTERPOL-coordinated operation leads to 1,209 arrests LYON, France – In a sweeping INTERPOL-coordinated operation, authorities across Africa have arrested 1,209 cybercriminals targeting nearly 88,000 victims. The crackdown recovered USD 97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for cross-border cooperation. Operation Serengeti 2.0 (June to August...

Source

In April, Noah Michael Urban pleaded guilty in a Florida courtroom to charges he had faced in two separate federal cases. Yesterday, he was sentenced in a Florida courtroom to ten years in prison and $13 million in restitution. In the Florida case, Urban, known online as “King Bob,” “Sosa,”  “Elijah,” “Anthony Ramirez” and “Gustavo...

Source

Coindoo reports: Physical attacks on cryptocurrency holders are rising sharply this year, with security experts warning that 2025 could become the most dangerous year yet for investors. At the Baltic Honeybadger conference in Riga, SatoshiLabs founder Alena Vranova described a wave of “wrench attacks” — kidnappings, assaults, and extortion aimed at forcing victims to surrender...

Source

Lee Gyu-lee reports: Korean white hat hacker team Maple Mallard Magistrates (MMM) won the Capture the Flag (CTF) hacking competition at this year’s DEF CON conference, held in Las Vegas from Thursday through Sunday (local time). The final round of CTF, the largest open computer security hacking competition, was held during the security conference, with...

Source

Divya reports: A security vulnerability has been discovered in the popular 7-Zip file compression utility that could allow attackers to write arbitrary files to victim systems and potentially execute malicious code. The flaw, tracked as CVE-2025-55188, affects all versions of 7-Zip prior to the recently released version 25.01 and stems from improper handling of symbolic links...

Source

On July 30,  Keonne Rodriguez and William Lonergan Hill, the co-founders of Samourai Wallet (“Samourai”), a cryptocurrency mixer that facilitated more than $200 million in illegal transactions, pleaded guilty before U.S. District Judge Denise L. Cote in New York. Rodriguez, the Chief Executive Officer of Samourai, and Hill, the Chief Technology Officer, pled guilty to...

Source