marketplace
-
Supply Chain Compromises: TeamPCP’s Latest Jenkins AST Plugin Takedown Targets Checkmarx Users
The software supply chain continues to be a high-value attack surface, and TeamPCP is proving it knows exactly how to…
Read More » -
Operational Takedown: Law Enforcement Dismantles Relaunched ‘Crimenetwork’ Darknet Marketplace
In a decisive blow against the resilience of darknet ecosystems, international law enforcement agencies have successfully neutralized the relaunched iteration…
Read More » -
The Rise of “Darkhub”: Analyzing a New Multi-Vector Hacking-for-Hire Marketplace
A sophisticated new player has emerged within the dark web ecosystem: Darkhub. This platform, operating via the Tor network, functions…
Read More » -
Exploiting the Trust Gap: How Phantom Devices Bypass Microsoft Entra ID Conditional Access
In a recent high-fidelity red team engagement conducted by Howler Cell, security researchers uncovered a sophisticated attack vector capable of…
Read More » -
The Evolution of Deception: Unmasking North Korean ‘Laptop Farms’ and Remote Work Infiltration
North Korean threat actors are refining a high-stakes social engineering playbook, leveraging the global shift toward remote work to bypass…
Read More » -
Stealth by Design: Unpacking the Sophisticated ‘Stealtok’ Malicious Extension Campaign
In a sobering reminder of how easily trust can be exploited, security researchers at LayerX have exposed a highly coordinated…
Read More » -
Massive WordPress Supply Chain Attack: 30+ Plugins Compromised in Silent Backdoor Operation
A sophisticated supply chain attack targeting WordPress users lay dormant for nearly eight months before activating, ultimately compromising core configuration…
Read More » -
Masjesu Botnet Targets Routers in Commercial DDoS Attacks
Hackers are abusing the Masjesu botnet to run high-volume DDoS-for-hire attacks against routers, gateways, and other exposed IoT infrastructure, turning…
Read More » -
Leak Bazaar Converts Stolen Corporate Data Into Organized Criminal Marketplace
A new cybercriminal service named “Leak Bazaar” has emerged on the Russian-speaking TierOne forum, advertised by user Snow of SnowTeam…
Read More » -
SurxRAT Android Malware Uses LLMs for Phishing and Data Theft
A new Android Remote Access Trojan (RAT) named SurxRAT, which is being sold as a commercial malware platform through a…
Read More » -
Sprocket Security Earns Repeat Recognition in G2’s Winter 2025 Penetration Testing Index
Madison, United States, December 5th, 2025, CyberNewsWire Sprocket Security is proud to announce that it has once again been recognized…
Read More » -
Hackers Use Salesforce Gainsight Breach to Access Data from More Than 200 Companies
Salesforce has disclosed a significant security incident involving unauthorized access to customer data through compromised Gainsight-published applications. The breach, detected…
Read More » -
Open VSX Registry Responds to Leaked Tokens and Malicious Extension Incident
The Open VSX team and Eclipse Foundation have addressed a significant security incident involving leaked authentication tokens and malicious extensions…
Read More » -
Authorities Shut Down Cybercrime-as-a-Service, Seize 40,000 SIM Cards
Law enforcement authorities across Europe have dismantled a sophisticated cybercrime-as-a-service operation that enabled criminals to commit widespread fraud and other…
Read More »