Sharpening the knife: GOLD BLADE’s strategic evolution
Updates include novel abuse of recruitment platforms, modified infection chains, and expansion into a hybrid operation that combines data theft and ransomware deployment
Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk. “This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control
Jen Easterly hopes CISA is allowed to continue its election-related work under new leadership despite “contentiousness” around that part of its mission. The post Head of US Cybersecurity Agency Says She Hopes It Keeps up Election Work Under Trump appeared first on SecurityWeek.
Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integration. Some teams treat it as a shortcut for broken processes. Others attempt to apply machine learning…
An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP. The effort has targeted the following domains: www.cracked.io, www.nulled.to, www.mysellix.io, www.sellix.io, and www.starkrdp.io. Visitors to these websites are now greeted by a seizure banner that says they were confiscated
Mathew J. Schwartz reports: The Clop digital extortion gang for years perfected a method for wringing tens of millions out of cybercrime. Find a zero-day flaw, often in file transfer software, swarm vulnerable networks and post online the sensitive data of any victim unwilling to pay for a promise of data deletion. The Russian-speaking ransomware…
Data allegedly from Manhattan Parking Group has been leaked on a hacking forum. The listing claims that the breach occurred this month (June 2025). The data fields include: Customer ID, First Name, Last Name, E-mail, Cell Phone Number, Order Number, Company Code, Garage, Date From, Time From, Date To, Time To, Vehicle Type, Options, Vehicle…