Ukrainian National Pleads GUILTY to Wire Fraud Conspiracy in Connection with Conti Ransomware: Conti Attacked Over 1,000 Victims, Resulting in at least $150 Million in Ransom Payments “The defendant and his conspirators used the Conti ransomware to terrorize people and businesses in the United States and around the world, causing millions of dollars in damage,” said @AAGDuva. “Ransomware continues to pose a threat to all business organizations, from critical infrastructure to small businesses. The Justice Department will continue to work with international partners to bring to justice anyone, anywhere who attacks the United States with ransomware.” Read more: justice.gov/opa/pr/ukrainian…

Romanian National Sentenced for Selling Access to Networks of Oregon State Government Office and Other U.S. Victims justice.gov/opa/pr/romanian-…

👀

First VPN service - an infamous VPN provider for cybercriminals, including ransomware, has been seized and taken down by law enforcement in Operation Saffron. operation-saffron.eu/# Check out the cool new video!

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.

Did @Trellix pay Ransom House?

Martino pleaded guilty to extortion, and faces up to 20 years in prison. Authorities said they have already seized $10 million in assets from Martino. techcrunch.com/2026/04/21/ra…

Qilin ransomware is the #1 threat in Japan. 🇯🇵 Our blog breaks down their TTPs and provides 12 Sigma rules to help you detect them before encryption occurs: cs.co/6019B6WsJ5

in one week >npm axios attack >claude code leak >FBI director’s gmail hacked great time to be in security rn

This account flirts with being more bad than good. Now this🫠🫠 -- See post on open sources -- Screenshots and reposts with no analytical effort -- Often overinflats threat actor claim, giving them inflated exposure Chargers for content available from dozens of other sources

Mess with the best…

rmoskovy.github.io/posts/who… The developer: AELS / Lavander / CrazyMark He went by several names. On Exploit.in he was Lavander. On GitHub he was aels and Lavander, with profiles that link directly back to his Exploit.in account. On X he was @AelsMartin with a bio that just says “I’m alive.” On Telegram he was @CrazyMark, until that account went silent on July 9, 2023. On XSS.is he had been posting since 2012, mostly about corporate email harvesting and phishing, until the admins deleted most of it after banning him.

RT @BushidoToken: Decided to share this quick tool I vibe-coded, I'm finding it useful for my research Grab-Bulk-CVE-Details - An all-in-o…

This is worth watching. It refers to events that I followed very closely. The CEO of @Coaxis was extremely transparent with me. Cherry on the cake? You'll to hear from @orangecyberdef, @AShukuhi, @Jon__DiMaggio, or @intel_anastasia #lockbit #ransomware youtube.com/watch?v=0pchn3bk…

OSINT folks tracking the situation in the Middle East y'all need to stop talking in definitives... Noone has a full picture of the situation and cannot truly see in warfare. There is a reason intel folks use words of estimative probability.

RT @BushidoToken: Wtaf 😳

Looks like Killmilk is restarting Killnet. One of the most well-known pro-Russian hacktivist groups.

Google disrupts Chinese-linked hackers that attacked 53 groups globally reut.rs/4rxn4Xn reut.rs/4rxn4Xn