cybercrime (29)

Hackers are increasingly exploiting trusted artificial intelligence (AI) platforms like ChatGPT and Claude to turn them against their own users.  Recently, Hackread.com reported a flaw called ClaudeBleed, discovered by LayerX, which allowed unauthorized browser extensions to hijack Anthropic Claude’s interface.  Now, hackers are reportedly abusing official features of these AI tools to spread malware while easily evading web filters and security checks.[1]

The Fake Outage Trick - These observati

Artificial intelligence has become integral to contemporary cyber-attack planning and execution.  Recent research demonstrates how embedded AI systems now operate across organized cybercrime activities, fundamentally altering attack methodologies through increased speed and targeting precision.  Europol's 2026 threat assessment identifies the integration of automation and AI as a defining characteristic of modern cybercrime. Industry reporting indicates that AI vulnerabilities and AI-enabled fra

A new report from Google Threat Intelligence Group (GTIG) reveals a coordinated campaign exploiting an AI-generated zero-day vulnerability.  The attack targets an unnamed open-source web administration tool, using the flaw to bypass two-factor authentication (2FA).  The researchers say they identified an active threat actor utilizing large language models (LLMs) to actively discover and weaponize software vulnerabilities in the wild.

As the targeted flaw involves a high-level semantic logic bug

A Florida man who worked as a ransomware negotiator at a US cyber incident response firm has pleaded guilty to conspiring with the BlackCat/ALPHV ransomware group, feeding the attackers confidential information about his own clients while simultaneously negotiating on their behalf.  Angelo Martino, 41, of Land O'Lakes, Florida, admitted to providing BlackCat operators with clients' insurance policy limits and internal negotiation strategies without his employer's or clients' knowledge.  The oper

Hewlett Packard Enterprise (HPE) has released its inaugural cyber threat report, titled 'In the Wild', revealing a significant shift in the operational strategies of modern cyber adversaries.  Released on 17 March 2026, the research indicates that cybercrime groups are increasingly mirroring legitimate enterprise business models to maximize financial gain.  The report, based on an analysis of 1,186 active threat campaigns observed globally throughout 2025, suggests that the threat landscape has

A new report from blockchain data platform Chainalysis has revealed a significant rise in the use of cryptocurrency for illicit activities related to human trafficking.  The research indicates that cryptocurrency payments to suspected human trafficking services increased by 85% year-on-year in 2025, with the total value reaching hundreds of millions of dollars across the identified services.  The findings shed light on how criminal networks are adapting their financial operations, using digital

Social media has overtaken email as the primary channel for online scams in the UK, accounting for 34% of reported incidents according to recent research.  This shift highlights growing concerns over fraudulent content on platforms such as Facebook and Instagram, particularly in finance-related advertising.  A new analysis by BrokerChooser examined over 1,200 active finance-related ads in the Meta Ads Library to assess exposure to high-risk promotions across multiple countries.  The study classi

In 2025, the cybersecurity landscape revealed a pattern of opportunistic attacks exploiting familiar weaknesses, from unpatched devices to misconfigured cloud services. Criminal groups fragmented under pressure from law enforcement, while state actors amplified their reach through emerging tools.  Geopolitical tensions fueled targeted operations, with Russia focusing on Europe and Ukraine, and China expanding influence in Africa and South America.  Overall, the year saw a shift towards data thef

Europol has taken down the illegal cryptocurrency mixing service ‘Cryptomixer’, which is suspected of facilitating cybercrime and money laundering.  During the operation, which was conducted in conjunction with Swiss and German law enforcement, €25m ($30m) worth of the cryptocurrency Bitcoin was seized.  Action took place between 24-28 November 2025 in Zurich, Switzerland.

Three servers were seized, along with the cryptomixer.io domain.  The operation resulted in the confiscation of over 12 tera

The Russian government's relationship with its cybercriminal ecosystem has transitioned from passive tolerance to active state management, marking a strategic shift. This report, covering 2024–2025, details the "Dark Covenant 3.0," characterized by selective enforcement, choreographed arrests, and direct coordination between criminal leaders and Russian intelligence intermediaries.

Insikt Group found that Russia leverages these criminal groups as geopolitical tools, with detentions and releases

Cybercriminals are targeting trucking and logistics companies with remote monitoring tools to hijack cargo freight, researchers at cybersecurity company Proofpoint have found.  The hackers are collaborating with organized crime groups to compromise companies involved in the freight supply chain, the report stated, further fueling a significant increase in cargo theft in recent years.  The theft of goods in transit in the US increased by 27% in 2024 and is expected to rise by another 22% this yea

The FBI warned that attackers are spoofing the official Crime Complaint Center (IC3) website to steal personal data and commit financial fraud, targeting users who report cybercrimes.

The fake websites mimic the real IC3 domain by making slight changes in spelling or top-level domains, tricking users into submitting sensitive details such as names, addresses, emails, and banking information.  Victims may unknowingly land on these sites while trying to file cybercrime complaints, exposing them to

Cybersecurity researchers are warning of a "significant spike" in brute-force traffic aimed at Fortinet SSL VPN devices.  The coordinated activity, per threat intelligence firm GreyNoise, was observed on 03 August 2025, with over 780 unique IP addresses participating in the effort.  As many as 56 unique IP addresses have been detected over the past 24 hours.  All the IP addresses have been classified as malicious, with the IPs originating from the United States, Canada, Russia, and the Netherlan

Why hack when hackers are willing to sell guaranteed access to breached networks?  Increasingly, cybercrooks agree they would rather outsource than bother with the tedium of actual network penetration, leading to a flourishing initial access market.  Remote access to a victim's network now retails for an average price of $2,700, although about 40% of what's being sold goes for much less, $500 to $1,000, according to a report from cybersecurity firm Rapid7.  Research is based on listings posted over

Homeland Security Investigations (HSI), in partnership with US and international law enforcement agencies, has dismantled the infrastructure behind BlackSuit ransomware, a major cybercriminal group and successor to Royal ransomware, in a coordinated global operation.  The action targeted the backbone of the group's operations, including servers, domains, and digital assets used to deploy ransomware, extort victims, and launder proceeds.  According to US Immigration and Customs Enforcement (ICE),

The Fortinet team recently investigated a cluster of virtual private servers (VPS) used for Monero mining.  The identified samples are associated with prior H2miner campaigns that researchers documented in 2020 and have since been updated with new configurations.  H2Miner is a crypto-mining botnet that has been active since late 2019.

Analysts also identified a new variant of the Lcryx ransomware, called Lcrypt0rx. Lcryx is a relatively new VBScript-based ransomware strain first observed in Nov

The Cybersecurity Team at SafetyDetectives has uncovered a post on a clear web forum where a threat actor claimed to be selling a database containing 61 million records allegedly belonging to Verizon customers.  The data, packaged in a 3.1 GB CSV/JSON file and dated as “2025,” was offered for purchase on a platform known for hosting discussions on database leaks, cracks, and downloads.  Clear web forums, accessible to anyone with an internet connection, are popular among hackers for sharing and

US insurance giant Allianz Life announced on July 26 that hackers had stolen the personal information of many of its customers, financial professionals, and select Allianz Life employees in the United States.  The insurance giant's filing with Maine's attorney general did not immediately provide the number of customers affected.  According to the filing, the data breach, which the company described as a hack, occurred on July 16 and was discovered on July 17.

TechCrunch first reported the data

Attackers continue to exploit insecure DNS configurations to hijack domain names and redirect users to malicious sites for scams, malware distribution, and other nefarious activities.  Recently, a threat actor tracked by Infoblox as "Hazy Hawk" has been leveraging a different version of the attack vector to seize control of abandoned cloud resources, such as S3 buckets and Azure endpoints, linked to prominent organizations.  Infoblox observed the threat actor using the hijacked domains to host a

Businesses are more likely to face a costly cyber-crime attack than a robbery or fire this year as hackers continue to employ devious social-engineering skills to lure unsuspecting victims.  This reality has been highlighted in several reports by global cybersecurity experts who have analyzed cybercrimes, such as ransomware (where hackers encrypt and steal data), smishing (SMS link scams) and phishing (email link/attachment scams) in recent years and have warned that Artificial Intelligence (AI)