Dark Web Profile: Fox Kitten
Jun 15, 2026
Categories
Jun 15, 2026
Dark Web Profile: Fox Kitten
Dark Web Profile: Fox Kitten Fox Kitten stands out among Iranian Advanced Persistent Threat (APT) groups for operating on two tracks simultaneously: collecting intelligence for the Iranian regime whil...
Learn More
Jun 12, 2026
Dark Web Profile: Rock
Dark Web Profile: Rock Most Phishing-as-a-Service operations are run by a faceless brand. Rock is the opposite: a single developer who builds, maintains, and sells an entire phishing and remote access...
Learn More
Jun 11, 2026
Dark Web Profile: Tengu Ransomware (Shisa)
Dark Web Profile: Tengu Ransomware (Shisa) Despite a measured public persona, Tengu Ransomware operates as a financially motivated, well-organized threat. First observed in late 2025, the group emerge...
Learn More
Jun 05, 2026
Dark Web Profile: Vect Ransomware
Dark Web Profile: Vect Ransomware Most new ransomware operations spend their first months in the shadows, courting affiliates one at a time on closed forums. Vect did the opposite. Within four months ...
Learn More
Jun 02, 2026
Dark Web Profile: BlindEagle
Dark Web Profile: BlindEagle BlindEagle (APT-C-36 / AguilaCiega / TAG-144 / G0099 / APT-Q-98) is a threat actor believed to be operating from Latin America. Tracked since 2018, the group runs a hybrid...
Learn More
May 22, 2026
Dark Web Profile: CoinbaseCartel
Dark Web Profile: CoinbaseCartel CoinbaseCartel is a financially motivated threat actor that emerged on the Dark Web in September 2025. Unlike traditional ransomware groups, the group does not encrypt...
Learn More
May 13, 2026
Dark Web Profile: Keymous+
Dark Web Profile: Keymous+ Keymous Plus, also known as Keymous+ threat group, markets itself as a hacktivist collective fighting for humanity. What intelligence investigations have documented is struc...
Learn More
Apr 09, 2026
Dark Web Profile: TeamPCP
Dark Web Profile: TeamPCP TeamPCP is a financially motivated cybercriminal group that executed the most consequential open-source supply chain attack campaign of 2026, compromising security tools trus...
Learn More
Mar 17, 2026
Dark Web Profile: DieNet
Dark Web Profile: DieNet Every kinetic spike in the Iran-Israel confrontation is now mirrored by a surge of cyber activity. In this environment, DieNet has emerged as the single most prolific disrupti...
Learn More
Mar 13, 2026
Dark Web Profile: Handala Hack
Dark Web Profile: Handala Hack [Update] March 30, 2026: “FBI Director Personal Email Breach and Escalating Operations”, “Alleged Doxxing Campaign Targets Handala Members” Not every hacktivist group is...
Learn More
Mar 06, 2026
Dark Web Profile: APT41
Dark Web Profile: APT41 APT41 stands out in the threat landscape because it doesn’t stick to a single playbook. It has been repeatedly linked to both cyber espionage and financially motivated cybercri...
Learn More
Feb 27, 2026
Dark Web Profile: Andariel
Dark Web Profile: Andariel Andariel operates as a North Korea–linked threat group under the Reconnaissance General Bureau (RGB). Security researchers widely assess it as a sub-cluster of the Lazarus G...
Learn More
Feb 20, 2026
Dark Web Profile: Lotus Blossom
Dark Web Profile: Lotus Blossom Lotus Blossom is a long-running cyber espionage Advanced Persistent Threat (APT) group active since at least 2009 and widely attributed to the People’s Republic of Chin...
Learn More
Feb 17, 2026
Dark Web Profile: Sinobi Ransomware
Dark Web Profile: Sinobi Ransomware Sinobi Ransomware is a cybercrime operation that emerged in mid-2025, operating as a Ransomware-as-a-Service model. It is believed that the group is a rebrand or di...
Learn More
Feb 12, 2026
Dark Web Profile: The Gentlemen Ransomware
Dark Web Profile: The Gentlemen Ransomware Despite its polished name, The Gentlemen Ransomware shows little interest in playing nice. First observed in 2025, the group quickly established itself as a ...
Learn More
Feb 05, 2026
Dark Web Profile: 0APT Ransomware
Dark Web Profile: 0APT Ransomware 0APT, also recognized as the 0APT Syndicate, is a controversial Ransomware-as-a-Service operation that surfaced in late January 2026. The group rapidly gained notorie...
Learn More
Jan 26, 2026
Dark Web Profile: BravoX Ransomware
Dark Web Profile: BravoX Ransomware BravoX is an emerging Ransomware-as-a-Service (RaaS) operation that surfaced after the publication of a new TOR-based data leak site (DLS) following a forum post on...
Learn More
Jan 22, 2026
Dark Web Profile: Anubis Ransomware
Dark Web Profile: Anubis Ransomware Anubis (Sphinx) ransomware is a Ransomware-as-a-Service (RaaS) group that challenges one of the core assumptions of modern ransomware response: that recovery is alw...
Learn More
Jan 20, 2026
Dark Web Profile: APT28
Dark Web Profile: APT28 APT28 is one of the most tracked state-linked intrusion sets because its activity often aligns with major geopolitical events and long-running espionage goals. Also known as Fa...
Learn More
Jan 16, 2026
Dark Web Profile: Orion Ransomware
Dark Web Profile: Orion Ransomware Orion Ransomware is a newly observed operation identified after the detection of a previously unknown ransomware Data Leak Site (DLS) by SOCRadar. The group emerged ...
Learn More
