Ransomware 3.0: The Autonomous Threat That Changed Everything
Ransomware has changed a lot over time and gone through major shifts; it’s now “Ransomware 3.0.” The changes across the years explain why ...
Financial Crime in 2026: How Organized Threat Ecosystems Are Outsmarting AML Controls
Financial crime has changed dramatically over the last few years. Fraud is no longer driven primarily by isolated ...
Dark Web Profile: DieNet
Every kinetic spike in the Iran-Israel confrontation is now mirrored by a surge of cyber activity. In this environment, DieNet has emerged as the single most prolific disrupti...
Alleged Adidas & ICFES Leaks, Belgian Banking Sale, PayPal Recruitment & 7.2M Card Listing
SOCRadar’s Dark Web Team identified several new underground posts this week, including an alleged Adi...
U.S. Tax Season: How Threat Actors Exploit IRS Phishing, W-2 Fraud, and Dark Web Activity
Every year, the U.S. tax filing period brings a surge of financial activity, sensitive data exchanges, and inc...
Dark Web Profile: Handala Hack
[Update] March 30, 2026: “FBI Director Personal Email Breach and Escalating Operations”, “Alleged Doxxing Campaign Targets Handala Members” Not every hacktivist group is...
Alleged FNATH, AT&T, Rapikom, Canva, and Canada Data Listings Plus Windows Bot Rental
SOCRadar’s Dark Web Team identified several new underground posts this week, including alleged database sales ...
Iranian APT MuddyWater Uses Dindoor Malware to Target U.S. Networks
A recently uncovered cyber espionage campaign attributed to the Iranian state-linked threat group MuddyWater has drawn attention fro...
Dark Web Profile: APT41
APT41 stands out in the threat landscape because it doesn’t stick to a single playbook. It has been repeatedly linked to both cyber espionage and financially motivated cybercri...
Alleged Eholo, OptimizerAI, PlayStation, Florajet, Coinbase Data and MalFactory Stealer Sale Surface
SOCRadar’s Dark Web Team identified several new underground posts this week, including alleged data...
What Dark Web Chatter Tells Us About Threats U.S. Firms Are Facing
The cyber threat landscape targeting the United States is not shaped by isolated incidents or opportunistic actors alone. It is incre...
How to Cut Through Dark Web Noise and Focus on Threats That Actually Target You
The cyber environment produces more data than security teams can realistically process. As cybercriminal operations evolve i...
Dark Web Profile: Andariel
Andariel operates as a North Korea–linked threat group under the Reconnaissance General Bureau (RGB). Security researchers widely assess it as a sub-cluster of the Lazarus G...
Alleged Wendy’s Franchise Data Listing, WhatsApp Exploit, and Origin GPT Surface on Forums
SOCRadar’s Dark Web Team identified several new underground posts this week, including an alleged Wendy’s fra...
Dark Web Profile: Lotus Blossom
Lotus Blossom is a long-running cyber espionage Advanced Persistent Threat (APT) group active since at least 2009 and widely attributed to the People’s Republic of Chin...
Dark Web Profile: Sinobi Ransomware
Sinobi Ransomware is a cybercrime operation that emerged in mid-2025, operating as a Ransomware-as-a-Service model. It is believed that the group is a rebrand or di...
Alleged Discord Exploit Sale & WormGPT Database Leak Detected
SOCRadar’s Dark Web Team identified several new underground posts this week, including an alleged Discord zero-day RCE exploit sale, a...
Dark Web Profile: The Gentlemen Ransomware
Despite its polished name, The Gentlemen Ransomware shows little interest in playing nice. First observed in 2025, the group quickly established itself as a ...
Alleged Suno Data, Card Dump, ASUS Records & Air France Access Sale
SOCRadar’s Dark Web Team identified several new underground listings this week, including an alleged database and source code sa...
Dark Web Profile: 0APT Ransomware
0APT, also recognized as the 0APT Syndicate, is a controversial Ransomware-as-a-Service operation that surfaced in late January 2026. The group rapidly gained notorie...