FBI BreachForums Takedown Halts Salesforce Extortion Campaign
The FBI BreachForums takedown marks another major win in the ongoing fight against cyber extortion. U.S. and international law enforcement seized the notorious BreachForums portal, a hub used to leak and sell data stolen from Salesforce and several global companies. The move aims to cripple the infrastructure of a criminal group linked to large-scale data theft and ransom operations. The
DarkBit Ransomware Cracked, Allowing Free Data Recovery
In a rare victory against cyber extortion, security researchers have managed to break the encryption used by DarkBit ransomware, offering victims a chance to regain access to their files at no cost. The malicious campaign, attributed to the Iranian state-sponsored group MuddyWater, had been targeting VMware ESXi servers, crippling operations for businesses and institutions alike. Ransomware attacks often leave victims
BlackSuit Ransomware Dismantled in a Global Operation
BlackSuit ransomware dismantled! That’s the headline echoing across cybersecurity circles after a sweeping international effort shut down one of the most prolific ransomware groups in recent years. The operation, called “Operation Checkmate,” was led by Homeland Security Investigations (HSI), with support from the FBI, Europol, and multiple global law enforcement partners. A Ruthless Successor to Royal BlackSuit first emerged in
SatanLock Ransomware Group Abruptly Shuts Down, Leaks Stolen Data
The notorious SatanLock ransomware gang has unexpectedly announced its shutdown. The announcement raises fresh questions about the shifting dynamics within the cybercriminal ecosystem. The gang revealed this on July 9, 2025, via the group’s dark web site and Telegram channel. It turns out they not only end their operations but also the decide to leak all victim files. A Short-Lived
Hunters International Ransomware Gang Announces Shutdown
The notorious ransomware-as-a-service (RaaS) operation Hunters International has officially announced its closure. They removed its data leak site and offered free decryptors to previous victims. However, cybersecurity experts warn that this may not be the end of the group. It might rather be a strategic rebranding under the new name "World Leaks." Hunters International Calls It Quits In a message
Operation Secure by Interpol Seizes Malicious 20,000 IPs
From January to April 2025, INTERPOL coordinated “Operation Secure,” a concerted strike on the technical backbone that fuels the global trade in stolen credentials. Working with cyber‑crime units from 26 Asia‑Pacific countries and telemetry from Group‑IB, Kaspersky and Trend Micro, investigators mapped more than 20,000 IP addresses and domains that funnelled loot from 69 different infostealer strains. By April’s end,
ViLE Members Sentenced for Breaching DEA Portal and Doxxing
In a chilling reminder of how digital tools can be weaponized for harassment and extortion, two members of the cybercrime group "ViLE" have been sentenced to federal prison after breaching a U.S. law enforcement portal and using stolen data to terrorize victims. Sagar Steven Singh, a 21-year-old from Rhode Island who operated under the alias “Weep,” and Nicholas Ceraolo, a
Operation Endgame: Europol Strikes a Blow to Ransomware
In a coordinated international crackdown, Europol, alongside law enforcement agencies from around the globe, has executed a sweeping operation that disrupted some of the world's most notorious ransomware operations. “Operation Endgame”, this large-scale effort resulted in the takedown of 300 servers, the neutralization of 650 domains, and the seizure of €3.5 million in cryptocurrency between May 19 and May 22,
