🔴🇨🇴El grupo de ransomware LockBit publica: A Casa Andina, es el principal distribuidor ferretero y de materiales de construcción del suroccidente colombiano. Con sede principal en Pasto y sucursales en Ipiales, ofrece herramientas, grifería, acabados y suministros. ⚠️Anteriormente, habia sido publicado por el ransomware The Gentlemen, en marzo de este año. #Lockbit #ciberataque #ciberseguridad #ransomware #Colombia #DarkWeb

Biggest hate crime in history. White collar criminals? @lockbit

🔥 Daily Ransomware Digest - Total 15 Victims Top Groups: LockBit - 7 victims NightSpire - 3 victims DragonForce - 1 victim Nova (RALord) - 1 victim Securotop - 1 victim Shadowbyt3s - 1 victim SLSH - 1 victim Top Attacked Countries: 🇺🇸 United States (5) 🇨🇳 China (1) 🇧🇷 Brazil (1) Top Attacked Industries: 🏭 Manufacturing 🚘 Automotive Parts Distribution 🏢 Real Estate LockBit led the day with 7 victims, followed by NightSpire with 3, while several other groups each struck once. Activity clustered heavily in the United States, with a broad distribution across sectors such as manufacturing and real estate. Notably, Shadowbyt3s listed Nintendo, a major multinational video game and consumer electronics company, while SLSH posted the Council of Europe.

A billion-dollar AI phishing factory, three years running, nine thousand fake websites. The floor just opened up under a significant chunk of PaaS cybercrime infrastructure. The FBI, Google, and Black Lotus Labs took down Outsider Enterprise — a Chinese-operated phishing-as-a-service platform active since at least 2023. Operation Riptide seized admin servers, a Shopify storefront used to fence stolen card data, and test accounts tied to a network that generated over one million fraudulent URLs across 9,000 brand-impersonation sites. 3.8 million credit card records stolen. Estimated losses: $1.9 billion. One of the largest PaaS cybercrime takedowns on record. The scale is the first thing worth sitting with. One million URLs is not a phishing campaign — it's phishing infrastructure. Traditional URL blocklists, operating at tens of thousands of entries with hours-to-days update cycles, are structurally outpaced by an operation that generates URLs faster than defenders can blackhole them. That's precisely what the AI generation layer does for the attacker. It doesn't make the phishing smarter; it makes the volume untenable. The carrier delivery vector is the second problem. Outsider Enterprise routed smishing campaigns through AT&T, T-Mobile, and Verizon simultaneously — all three major US networks. That's not a technical feat. It's a procurement feat. Bulk SMS abuse via gray-market aggregators has been an open wound in the US carrier ecosystem for years. It always does. The Shopify storefront is the detail that deserves more attention than it will get. This operation wasn't just stealing credentials — it was running a full monetization pipeline. Stolen card data sold through a legitimate e-commerce platform, seized as part of the action, which means it survived long enough to attract FBI attention and legal process. The complete loop — phish, steal, sell — was industrialized. That's a business, not a tool. The $1.9 billion figure is an FBI estimate, and cybercrime loss quantification carries wide confidence intervals by nature. Even at a fraction of that number, the 3.8 million card records map to real people, real accounts, real fraud disputes. They're not an abstraction. What the takedown didn't do: announce arrests. Operation Riptide seized infrastructure. The operators are still at large unless there's a sealed indictment or bilateral cooperation not yet disclosed. PaaS cybercrime operations with Chinese infrastructure have a documented pattern of reconstituting after law enforcement action — often within weeks. This is the LockBit playbook applied to phishing-as-a-service. Outsider Enterprise 2.0 is a question of when, not if. For enterprise security teams, the practical read is this: AI-generated brand impersonation content is increasingly indistinguishable from legitimate communications at the visual layer. The "spot the bad grammar" awareness training model is structurally obsolete. The control that matters now is FIDO2/passkey authentication — credentials that can't be phished because they never leave the device. This story lands 24 hours after the Anthropic export control directive. The AI-offensive pipeline isn't converging toward the billion-dollar scale. It's already there.

Seeking Truth on the targeted murders of 1977 Camp Scott and Operation Chaos and the pictures used then to target me, already illegal, and @SpeakerJohnson proposing illegal measures based on Constitution, Invasion of Privacy 2nd Torts - FOR RACKATEERING IS THE ISSUE, like alleged of the 88 and 34 pending of @realDonaldTrump ? What is the legal basis of his double crimes in rackateering in cyber mafia? @UN violations of Cryptocurrency Agreements, and @UN_HRC and @UN_Women? The federal investigation since 2023 is still ongoing and placed in October 2023 under @JoeBiden Admin as an Expert Theologian and Investor with @StateDept and @SecBlinken related before @AGPamBondi extorted 31 Million of my Mac to Naples alleged in the invvestigation in 2026 with a Mr. Mars Atty Transportation with questionable guests from Austin, TX of "Big Daddy" and alcohol boxes? @SenTedCruz what do you know since related to @charliekirk11 and plagiarism Dec 2024 on Sabbath of my 16 years writings and doctoral work and the @OpenAI death Nov 2024? - @HeatherHar89660 -@HeatherRogero cc: @AGJamesUthmeier is involved in Insurance matters of fraud from @SenTomCotton -@AsaHutchinson related @lockbit @IDXPrivacy and Lucas Todd murder Aug 1 -2019 with Epstein right after during @HeatherRogero v @SecAzar 19-5657 USSC, then targeted 2023 and laptop stolen, blackmail attempt by @Sector7 carjacker for @blueorigin and @realDonaldTrump and @SpaceX in Fulton CO related where my Great Aunt Delma born related to UK monarchy lines at birth and YOUNGBLOOD-HARRINGTON grandparents and Fed gov moving 1964 after 1963 Kennedy Assassin, 1969, 1999, 2025 all related to HARRINGTON-YOUNGBLOOD/Kennedy and tech of Kennedy on Hinton related to Trumps organized crime in DOJ email of his scheme of launder. And @POTUS44 only because 2nd double of me and one of the murders being Michele Heather, like Farmer, which Maxwell targeted girls based on 2nd doubles of @HeatherHar89660 like Melania, only after Heather's last trip through Heathrow and India in 1994. Need a whole team as I was hacked by Russia in 2016 based on my 9 expert witnessed in Fed VICP and my bloodline of both Sophias. And coded at age 4 used by Obama in frauds or violation of First Amendment, 2nd Torts violation under Invasion of Privacy False light of CIA Kathy in @epsteinsearchin, and @Beyonce related and alleged crypto extortion by @NICKIMINAJ 2023 with "Pig Boy" pig butchering by @GovRonDeSantis for Sheriffs of HARRINGTON-ROGERO, USSC 19-5657? Trump shows 52 years of organized crime related to @epsteinsearchin with alleged pay-for-play that US vv Trump alleged to have information. And @JoeBiden desires to cover up evidence from DOJ? Let's just resolve this please. Rev Heather Dawn Harrington - Rogero children and changed my name in 2021 back to maiden setting off the Mar-A-Largo National Archives by Biden and related to Jessica Aber death on the case since 2015. Jeffrey art depicts Operation Chaos, New York, and Hot Air Balloon, related to 1972-1973 and targeting 4 generations related to Brooklyn and Federal Reserve and Gold. No legal conclusions, only facts. Application is also related.

📢 Ransomware Alert: 🇩🇪 PROBAT Bau AG (probat.ag), a Germany-based Construction Company has reportedly fallen victim to LOCKBIT 5.0 Ransomware. NB: The group intends to publish the data within 14-15 days. 🔍Key Details: 🛡️Threat actor: LOCKBIT 5.0 📅 Reported on: 14/06/26

‼️𝗣𝗥𝗢𝗕𝗔𝗧 𝗕𝗮𝘂 𝗔𝗚 𝗳𝗮𝗹𝗹𝘀 𝘃𝗶𝗰𝘁𝗶𝗺 𝘁𝗼 𝗟𝗢𝗖𝗞𝗕𝗜𝗧 𝟱.𝟬 𝗥𝗮𝗻𝘀𝗼𝗺𝘄𝗮𝗿𝗲 Country: Germany 🇩🇪 Industry: Building and Construction Site: probat.ag The group claims to have obtained organization's data and intend to publish it within 14-15 days. Follow @CyberXlx9q for more insights

🚨 Ransomware Alert 🚨 LockBit 5.0 ransomware group has added 3 new victims to their dark web portal. •Ag360 🇨🇦 •AB&W Innovation Co., Ltd. 🇹🇭 •5 de Agosto 🇧🇷

Originally from Flare: Ransomware-as-a-Service: LockBit Alumni Launch Competing Programs as Ecosystem Consolidates in Q1 2026 flare.io/learn/resources/blo… ( :-{ı▓ #flare #CTI #cyberresearch

👾 Ransomware Alert: LockBit 5.0 Activity LockBit 5.0 has added multiple new victims to its dark web leak site. 🎯 Newly listed organizations include: • Defcon 5 S.r.l 🇮🇹 • Vitex Pharmaceuticals 🇦🇺 • Consorzio Selenia 🇮🇹 • Aplast 🇷🇴 • Shun Hing Group 🇭🇰 • Vitropor 🇵🇹 • Villa Romane 🇫🇷 • Pegasus S.r.l 🇮🇹 • MEYZIE TP 🇫🇷 • Mesto Jemnice 🇨🇿 ⚠️ Listings indicate potential data exfiltration and extortion phase Organizations should: • Verify exposure immediately • Monitor for data leaks • Activate incident response #LockBit #Ransomware #CyberThreats #DataBreach #CyberSecurity

🚨 Ransomware Alert 🚨 LockBit 5.0 ransomware group has added 3 new victims to their dark web portal. •Casa Andina SAS 🇨🇴 •Asia Motor Services Center 🇹🇭 •Elematic 🇫🇮

🔥 Daily Ransomware Digest - Total 12 Victims Top Groups: LockBit - 7 victims 3AM - 1 victim Krybit - 1 victim Payload - 1 victim Shadowbyt3s - 1 victim Stormous - 1 victim Top Attacked Countries: 🇲🇾 Malaysia (2) 🇨🇳 China (2) 🇯🇵 Japan (1) Top Attacked Industries: 🎮 Video Games and Electronics ⚖️ Legal Services 💻 Information Technology and Services LockBit led the day with seven victims, while 3AM, Krybit, Payload, Shadowbyt3s, and Stormous followed with one attack each. Ransomware activity clustered in Asia, particularly impacting Malaysia and China. Among the targets, Shadowbyt3s listed Nintendo company, a major Japanese multinational video game and consumer electronics manufacturer.

Each profile includes negotiation tone, pricing tactics, linguistic IOCs links to all three sources. New JSON indexes: notes_mapping · operational_mapping · ransomwarelive_index Top volume: Akira (60) · LockBit 3.0 (42) · Conti (32) · REvil (20). For research, defense & CTI.

📢 Ransomware Alert: Eternal Beauty Holdings Limited 🇭🇰 Eternal Beauty Holdings Limited (eternal.hk), a Hong Kong-based beauty and fragrance retailer and distributor, has reportedly fallen victim to LOCKBIT 5.0 ransomware. NB: The threat actor intends to publish the data within 8–9 days. 🔍 Key Details: 🛡️ Threat actor: LOCKBIT 5.0 📅 Reported on: 13/06/26

Lorsqu'un groupe de hackers internationaux comme LockBit paralyse des hôpitaux, les mandats d'arrêt internationaux s'appuient sur les mêmes règles d'extradition créées pour la piraterie Et Forcer un hacker russe à être, lui aussi, appelé à la barre d'un tribunal occidental

LockBit just listed Eternal Beauty Holdings, the largest perfume retailer in China, Hong Kong and Macau and the distributor behind 70 luxury brands including Hermes and Chopard (FY2025 revenue CNY 2.08B). Notable for one reason: this is the brand that survived Operation Cronos. Eighteen months after the takedown, LockBit 5.0 is still landing marquee names. Deadline set for 21 June, nothing published yet.