GOLD SALEM’s Warlock operation joins busy ransomware landscape
The emerging group demonstrates competent tradecraft using a familiar ransomware playbook and hints of ingenuity
Similar Posts
RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns
Bys sMongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. “The group used lure documents themed around the 2024 Taiwanese presidential candidate Terry Gou, the Vietnamese National Holiday, flood protection in Mongolia, and meeting invitations,…
After a Massive Hack, Global Schools Group’s Negotiator Acted “Bizarrely.” It Didn’t End Well for Them.
Bys sThe bigger they are, the harder they fail? Global Schools Foundation (GSF) is a Singapore-headquartered, not-for-profit K–12 education organization. With a global network of schools, the foundation strives to provide world-class education to students across multiple countries. Global Schools Group (GSG), an initiative of GSF, manages and operates a network of 12 international school brands……
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
Bys sOracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be exploited to achieve remote code execution. The vulnerability, tracked as CVE-2026-21992, carries a CVSS score of 9.8 out of a maximum of 10.0. “This vulnerability is remotely exploitable without authentication,” Oracle said in an…
Post Title
Bys sFRESH BREACH — LENA HEALTH BREACH PREVIEW — FULL LEAK COMING SOON by FulcrumSec – 10 hours ago Lena Health is a company the world will be better off without. To this end, we are working with a plaintiff attorney to contact the true victims of this breach, mostly patients of Lena’s main client, Houston Methodist Hospital, to 1)……
New “Kurd Hackers Forum” Focuses on Middle Eastern Data Breaches and Leaks
Bys sReza abasi notes that there is a new forum called the “Kurd Hacker Forum” that focuses on databreaches in Iran, Syria, and Turkey. The domain was registered January 28, 2026. The forum, which is on the clear net, looks like it has the same format as the classic BreachForums, with the same types of sections……
CISA Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices
Bys sThis page contains a web-friendly version of the Cybersecurity and Infrastructure Security Agency’s Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices. CISA is aware of an ongoing exploitation campaign by an advanced threat actor targeting Cisco Adaptive Security Appliances (ASA). The campaign is widespread and involves exploiting zero-day vulnerabilities to gain unauthenticated……