Dutch Server Raids Expose Infrastructure Ties to Russian Operations
Authorities seized 800 servers in a probe targeting individuals accused of facilitating cyberattacks through sanctioned networks.
Data breaches, ransomware payouts, and phishing operations rarely make the news until the damage is already done. This is where Xploitwire tracks the attackers — who they are, how they got in, and what it means for the organizations and people caught in the blast radius.
Authorities seized 800 servers in a probe targeting individuals accused of facilitating cyberattacks through sanctioned networks.
Researchers have identified a new vector where cloud-hosted AI infrastructure is being hijacked for illicit cryptocurrency operations.
Threat actors are weaponizing reservation-themed emails with container files to bypass modern Microsoft Office security protections.
A wide-ranging breakdown of recent cybersecurity disruptions, from intelligence agency offensives to critical enterprise data leaks.
A third-party security failure exposed customer data, forcing the retail giant to warn users about the heightened risk of phishing attacks.
An unnamed county allegedly bypassed federal guidance, paying a $1 million ransom to digital extortionists without any proof of data deletion.
International authorities and private tech firms have dismantled critical infrastructure fueling the Amadey and StealC malware networks.
Threat actors are weaponizing years-old accounts to map organizational structures and probe sensitive repositories via the GitHub API.
A flaw in Meta’s automated support system allowed attackers to hijack accounts by manipulating conversational AI workflows.
A key operative in the Ryuk ransomware syndicate faces serious prison time following a guilty plea in a Portland federal court.
A severe data exfiltration event at a New Jersey diagnostics firm highlights the evolving extortion tactics of the WorldLeaks group.
After a brief period of decline, ransomware activity has spiked as the dissolution of the Conti group fuels a new wave of attacks.
A credible security threat targeting ShareFile Storage Zone Controllers has prompted emergency shutdowns and ongoing investigations.
A professional ransomware negotiator faces a 70-month prison sentence after secretly colluding with attackers to extort his own clients.
A breach at Nelnet Servicing has compromised the personal information of millions, creating a prime target for future phishing.
UK authorities charge five individuals as they reveal the inner workings of a massive, sophisticated global spoofing operation.
Researchers identify over 130 firms compromised in a sprawling campaign that successfully bypassed traditional MFA protections.
A new subscription-based phishing service leverages device code theft and AI to bypass traditional security defenses.
A security incident at an IT service provider has resulted in the exposure of personal data for Lidl online shoppers across three countries.
A single exposed directory reveals how multiple threat actors leverage AiTM tools and OAuth abuse to compromise corporate accounts.
A decade-long developer's device, infected nearly a year ago, likely provided the gateway for a breach of the Argentine Football Association.
Threat actors are leveraging AI to refine and accelerate traditional attack chains, lowering the barrier to entry for complex operations.
New sanctions signal a firm shift in European policy as officials target the infrastructure-focused espionage activities of Moscow.
A recent security breach at the Miinto platform has left shoppers facing an increased risk of targeted phishing attacks.
Two British teenagers plead guilty, exposing the massive operational and financial toll of the notorious Scattered Spider hacking syndicate.
An Armenian hacker faces 15 years in prison after admitting to his role in the devastating Ryuk ransomware attacks on American targets.
GodDamn ransomware now exploits PoisonX, a Microsoft-signed kernel driver, to disable endpoint security, marking a critical escalation in evasion tactics.
Recent reports reveal a vast landscape of cyber threats, from international law enforcement combating social engineering at scale to sophisticated tactics undermining software integrity and user trust.
Forg365, a sophisticated phishing-as-a-service platform, now combines AI-assisted lure generation with advanced AiTM and device code methods to compromise Microsoft 365 accounts and maintain persistent access.
A sophisticated new group named Helix leverages identity-based phishing and MFA abuse to infiltrate corporate SharePoint environments, exfiltrating sensitive data for extortion or sale.