In the underground forum landscape, there are actors who operate episodically, seeking a single media hit, and others who build an almost industrial pipeline of compromises over time, releasing technical...

The ransomware landscape is changing. The most exposed actors—LockBit, Hunters International, and Trigona—have paid the price for overexposure, including international operations, infiltrations, deliberate leaks, and operational collapses. After years dominated...

In recent days, the alleged data leak by Ernst & Young (EY) has become one of the most discussed topics in the international cybersecurity landscape. I decided to reconstruct the...

In 2025, port scanning remains a key activity for both Red Teams (reconnaissance, discovery, fingerprinting) and Blue Teams (monitoring and proactive defense). But the latest development is the arrival of...

A new post on the dark web offers full access to thousands of MySQL servers and databases owned by Italian shared hosting providers. In the last few hours, a new...

On September 20, 2025, at 11:52 PM, a thread titled “FRESH FTP LEAK” appeared on DarkForums , posted by user Hackfut . The material allegedly exposed access to FTP servers...

A déjà-vu with new implications. In May 2025, the LockBit ransomware collective suffered a severe blow: the defacement of the affiliate panel of version 4.0 by an unknown actor signing...

While the West battles ransomware attacks and private companies invest in defensive security, on the other side of the digital front, the war is being played out asymmetrically. On July...

Imagine opening your favorite forum bookmark, like every evening, to find new stealer variants or yet another batch of newly breached credentials. Instead of the usual noticeboard, a banner appears...

Un attacco informatico ai danni di Deloitte è stato rivendicato dal threat actor “303”, che ha pubblicato su un noto forum underground un post con il titolo inequivocabile: “Deloitte.com Source Code +...