Cybersecurity News

Dark Web News Analysis A threat actor on a known cybercrime forum is advertising the sale of an exploit for CVE-2025-31324, a critical vulnerability in SAP NetWeaver. The seller, who is asking for a starting price of $20,000, is marketing this as a “1-day exploit.” This claim, if true, represents ...

Dark Web News Analysis A threat actor on a known cybercrime forum is advertising the alleged sale of a massive database compilation from Russia’s top job search platforms: SuperJob, HH.ru (HeadHunter), and Trudvsem. This is not a new breach. The seller explicitly dates the data to 2022. My analysis confirms ...

Dark Web News Analysis A threat actor on a known cybercrime forum is advertising the sale of a “1-day” exploit for CVE-2025-59287, a critical (CVSS 9.8) Remote Code Execution (RCE) vulnerability in Microsoft Windows Server Update Services (WSUS). This claim, if true, represents an immediate and catastrophic threat to any ...

Dark Web News Analysis A threat actor on a known cybercrime forum is advertising the sale of unauthorized Remote Desktop Web (RDWeb) access to a Canadian company. This is a classic Initial Access Broker (IAB) listing, representing an immediate and severe threat. The seller is not a ransomware group; they ...

Dark Web News Analysis A threat actor, identified as “@KaruHunters,” claims to have breached the Franklin County Engineer’s Office in Ohio, a government agency responsible for critical infrastructure and civil engineering projects. The group claims to have leaked 2,500 sensitive documents on a hacker forum. This claim, if true, represents ...

Dark Web News Analysis A threat actor on a known cybercrime forum is advertising the alleged leak of a database from Conasems (Conselho Nacional de Secretarias municipais de Saúde), Brazil’s National Council of Municipal Health Secretariats. This claim, if true, represents a critical, active data breach at the heart of ...

Dark Web News Analysis A threat actor on a known cybercrime forum is advertising the alleged sale of the entire GLPI IT system database from Eurofiber, a major European telecommunications and cloud infrastructure provider. This claim, if true, represents one of the most severe supply chain attacks imaginable. My analysis ...

Dark Web News Analysis A threat actor on a known cybercrime forum is advertising the alleged leak of data from “Corse GSM,” the premier independent mobile and fixed-line operator in Corsica, France. The data is reportedly being shared via a “BiteBlob” file link. This claim, if true, represents a critical, ...

Dark Web News Analysis A threat actor on a known cybercrime forum is advertising the alleged sale of a 77 GB database belonging to Iberia Airlines. This claim, if true, represents one of the most severe critical infrastructure breaches of the year, moving far beyond a simple PII leak into ...

Dark Web News Analysis A threat actor on a known cybercrime forum is advertising the alleged sale of a database containing over 158,000 rows of user information from Aiesec Canada. The data is being offered for $500. This claim, if true, represents a critical data breach of a high-profile international ...