Dark Web Profile: SafePay Ransomware
Dark Web Profile: SafePay Ransomware SafePay is a ransomware group first observed around September 2024. It encrypts files and demands a cryptocurrency payment to restore access. The group behind it a...
Dark Web Activity Targets MEXC Global, Pandora Joias, Tea App, and Exp...
Dark Web Activity Targets MEXC Global, Pandora Joias, Tea App, and Expands Smoke Loader Reach SOCRadar Dark Web Team has observed several high-impact cybercrime developments over the past week. Threat...
Cybercriminal Listings Target Fujitsu, Baxter Kelly, AGX Financeira, a...
Cybercriminal Listings Target Fujitsu, Baxter Kelly, AGX Financeira, and a Belgian IT Platform SOCRadar’s Dark Web Team has observed several new listings involving unauthorized access sales and data b...
Dark Web Profile: CrazyHunter Ransomware
Dark Web Profile: CrazyHunter Ransomware On February 9, 2025, Taiwan MacKay Memorial Hospital suffered a major ransomware attack. It hit the emergency and outpatient systems at both the Taipei and Tam...
Dark Web Profile: APT36
Dark Web Profile: APT36 APT36 is a Pakistan-linked state-sponsored cyber-espionage group active since at least 2013. With a persistent focus on Indian military, diplomatic, and critical infrastructure...
BitMart Breach, Naver Leak, qTox Exploit, and Credit Card Sales Detect...
BitMart Breach, Naver Leak, qTox Exploit, and Credit Card Sales Detected on Dark Web Threat actors remain highly active across dark web forums, with SOCRadar’s Dark Web Team uncovering multiple alarmi...
What Are the Main Benefits of Dark Web Monitoring?
What Are the Main Benefits of Dark Web Monitoring? Cybercriminals sell stolen data, attack tools, and insider information on hidden platforms across the Dark Web. If your company doesn’t monitor these...
Dark Web Profile: Arkana Ransomware
Dark Web Profile: Arkana Ransomware Arkana Ransomware emerged in early 2025, made its debut with a bold attack on WideOpenWest (WOW!), a U.S. internet provider, in late March 2025. The group claimed t...
What Is a Dark Web Monitoring API?
What Is a Dark Web Monitoring API? A Dark Web Monitoring API is a tool that enables organizations to automatically detect stolen credentials, leaked data, and other cyber threats hidden within dark we...
How Does Dark Web Monitoring Work? A Step-by-Step Overview
How Does Dark Web Monitoring Work? A Step-by-Step Overview Dark web monitoring helps organizations detect stolen data, compromised credentials, and brand misuse by tracking activity across hidden foru...
SSO 0-Day & Fortinet Exploits, Allianz Breach, Social Media Ban Servic...
SSO 0-Day & Fortinet Exploits, Allianz Breach, Social Media Ban Service Listed on Dark Web SOCRadar’s Dark Web Team has identified a fresh batch of alarming listings on underground forums. This we...
Dark Web Posts Advertise Access to British Firms & Data from Brazil, F...
Dark Web Posts Advertise Access to British Firms & Data from Brazil, France, and CETDIGIT [Update] July 8, 2025: Added clarification from CETDIGIT that no sensitive or financial data was exposed.*...
Dark Peep #19: IntelBroker Indicted, and Ransomware Goes Corporate
Dark Peep #19: IntelBroker Indicted, and Ransomware Goes Corporate The Dark Web never sleeps—and neither do its actors. In this edition, we explore a string of developments shaping the cyber threat la...
What Are Initial Access Brokers (IABs)?
What Are Initial Access Brokers (IABs)? Cyberattacks rarely begin with encryption or data theft. They often start with a quiet exchange: one threat actor selling unauthorized access to a compromised n...
Android Root Exploit, Oracle EBS Flaw, Crypto Logins, and Cisco Access...
Android Root Exploit, Oracle EBS Flaw, Crypto Logins, and Cisco Access Posted for Sale SOCRadar’s Dark Web Team has identified several new posts on underground forums offering high-value exploits, acc...
New Alleged Leaks Hit Vodafone Egypt, SAP Israel, OKX, and T-Mobile US
New Alleged Leaks Hit Vodafone Egypt, SAP Israel, OKX, and T-Mobile US SOCRadar’s Dark Web Team has detected multiple alleged database listings this week involving high-profile companies across teleco...
Dark Web Profile: DragonForce Ransomware
Dark Web Profile: DragonForce Ransomware June 12, 2025: The blog content has been fully updated. DragonForce Ransomware has emerged as an intriguing adversary. Known for its prom...
Fusion Stealer Rises, Android 0-Day for Sale, EDF Leak Exposed
Fusion Stealer Rises, Android 0-Day for Sale, EDF Leak Exposed SOCRadar’s Dark Web Team has uncovered a series of concerning cybercriminal offerings this week, ranging from an alleged Android 0-day ex...
Top Stealer Log Telegram Channels
Top Stealer Log Telegram Channels Telegram has become a widely used tool among cybercriminals involved in the collection and trade of infostealer logs. These logs, obtained by malware designed to stea...
New Alleged Breaches: Bank Banten Customer Data, Deloitte Source Code,...
New Alleged Breaches: Bank Banten Customer Data, Deloitte Source Code, and TotalEnergies France Cybercriminal activity across the Dark Web continues to highlight the vulnerability of organizations and...