Dark Web Profile: 0APT Ransomware
Dark Web Profile: 0APT Ransomware 0APT, also recognized as the 0APT Syndicate, is a controversial Ransomware-as-a-Service operation that surfaced in late January 2026. The group rapidly gained notorie...
Dark Web Posts Claim Argaam User Data, Paage Records, and Airport Data...
Dark Web Posts Claim Argaam User Data, Paage Records, and Airport Database SOCRadar’s Dark Web Team identified several new underground listings this week, including alleged database sales linked to Ar...
Alleged Axtria & Salesfloor Data Leaks Surface on Dark Web
Alleged Axtria & Salesfloor Data Leaks Surface on Dark Web SOCRadar’s Dark Web Team identified several new underground posts this week, including alleged data leaks involving Axtria and Salesfloor...
Dark Web Profile: BravoX Ransomware
Dark Web Profile: BravoX Ransomware BravoX is an emerging Ransomware-as-a-Service (RaaS) operation that surfaced after the publication of a new TOR-based data leak site (DLS) following a forum post on...
How Security Teams Track Threat Actor Activity on Telegram Without Joi...
How Security Teams Track Threat Actor Activity on Telegram Without Joining Risky Channels Over the past decade, the cybercrime ecosystem has undergone a clear migration. What once operated mainly thro...
Dark Web Profile: Anubis Ransomware
Dark Web Profile: Anubis Ransomware Anubis (Sphinx) ransomware is a Ransomware-as-a-Service (RaaS) group that challenges one of the core assumptions of modern ransomware response: that recovery is alw...
Dark Web Profile: APT28
Dark Web Profile: APT28 APT28 is one of the most tracked state-linked intrusion sets because its activity often aligns with major geopolitical events and long-running espionage goals. Also known as Fa...
Multiple Database Leak Claims Involve JobsGO, MyVete, PIXPAY, and Fond...
Multiple Database Leak Claims Involve JobsGO, MyVete, PIXPAY, and Fondasol SOCRadar’s Dark Web Team identified multiple new data leak claims this week involving recruitment, veterinary, payment, and e...
Dark Web Profile: Orion Ransomware
Dark Web Profile: Orion Ransomware Orion Ransomware is a newly observed operation identified after the detection of a previously unknown ransomware Data Leak Site (DLS) by SOCRadar. The group emerged ...
Alleged n8n Exploit, iOS Full-Chain Sale, and Instagram Data
Alleged n8n Exploit, iOS Full-Chain Sale, and Instagram Data SOCRadar’s Dark Web Team identified several new underground posts this week, including a broad “hacking service” offering, an alleged explo...
Top 10 APT Groups in 2025
Top 10 APT Groups in 2025 Advanced Persistent Threats, known as APTs, represent some of the most capable cyber adversaries. These groups are often state-backed or part of well funded organizations and...
Top 10 Ransomware Groups of 2025
Top 10 Ransomware Groups of 2025 The Top 10 Ransomware Groups of 2025 illustrate how the ransomware ecosystem changed in structure rather than simply growing in volume. After the disruption of dominan...
NordVPN Dev Data Leak, Crow Stealer Tool & Large Data Listings
NordVPN Dev Data Leak, Crow Stealer Tool & Large Data Listings SOCRadar’s Dark Web Team identified several new underground posts this week, including a threat actor claim involving alleged interna...
Banco Vimenca, WIRED, and Government Data Leaks Surface on Dark Web
Banco Vimenca, WIRED, and Government Data Leaks Surface on Dark Web SOCRadar’s Dark Web Team identified several high-profile data leak claims this week, including alleged exposures affecting Banco Vim...
Dark Web Forum: RAMP
Dark Web Forum: RAMP RAMP (Russian Anonymous Marketplace) is one of the most active and strategically significant ransomware forums on the dark web. Originally launched to connect ransomware operators...
PSN Satellite Data Re-Listed, CryptoRipper Tool, and Chromium 0-Day Ad...
PSN Satellite Data Re-Listed, CryptoRipper Tool, and Chromium 0-Day Advertised SOCRadar’s Dark Web Team observed several new underground listings this week, including a re-surfaced data sale claim inv...
Rolladen Planet Data Sale, Windows 0-Day, and New macOS RAT Detected
Rolladen Planet Data Sale, Windows 0-Day, and New macOS RAT Detected SOCRadar’s Dark Web Team identified several new underground listings this week, including an alleged customer database sale linked ...
Top 10 Cybercrime Law Enforcement Operations of 2025
Top 10 Cybercrime Law Enforcement Operations of 2025 This report highlights a set of major law enforcement operations from 2025 that we selected for their substantial CTI value. Like last year’s revie...
Weapon Bot Toolkit, MadLicense Exploit Demand, and 413K Credit Cards O...
Weapon Bot Toolkit, MadLicense Exploit Demand, and 413K Credit Cards Observed SOCRadar’s Dark Web Team identified multiple underground posts this week, including a major auction for global credit card...
Riyadh Airports Access Claim, Golden Goose Trojan, and NEWSAN Leak Sur...
Riyadh Airports Access Claim, Golden Goose Trojan, and NEWSAN Leak Surface Online SOCRadar’s Dark Web Team identified several notable underground posts this week, including alleged unauthorized access...