FortiBleed exposed cracked admin passwords for around 75,000 Fortinet firewalls across 194 countries, roughly half the internet-facing fleet. There is no new zero-day. It is config exports, weak hashing, and recycled credentials, packaged as a sales catalog.
FulcrumSec says it stole 1.3 TB from Novo Nordisk, including internal AI models and clinical-trial data, and wants $25M. We pulled the leak-site listing and the stealer logs. The credentials were leaking for months.
Washington cut Fable 5 and Mythos 5 for every foreigner. Meanwhile 34,814 stolen Claude sessions and 74,114 ChatGPT cookies already sit in infostealer logs. A citizenship gate is just KYC, and KYC loses.
The Gentlemen RaaS has listed 483 victims across 66 countries since 2025. A leaked chat log, live tracker data, and infostealer records show how the crew scaled.
Lumma now leads the infostealer ecosystem in 2026, after Operation Magnus took out RedLine and META in late 2024. RedLine’s…
A stealer log is the data dump that an infostealer malware produces after it compromises a device. It typically contains…
We analysed 16,699 ransomware leak-site posts from 200 groups over 24 months. The data shows ransomware now runs on a workweek calendar: 84% of leaks land Monday to Friday, half of all activity happens in 8 UTC hours, October is open season, and the ecosystem is growing not consolidating. Here is the full timing picture.
Lithuania’s Centre of Registers (Registrų centras) disclosed a May 2026 breach exposing roughly 600,000 records. Attackers reused credentials of authorised institutions, queried from abroad. Alerts.bar data shows 117 stealer-log accounts tied to the agency and 60+ live infected staff endpoints across the wider Lithuanian institutional ecosystem.
A 5-year census of 65,907 exposed databases found 30,515 carry a ransom or wipe marker. Of 512 attacker wallets we traced on-chain, 318 received nothing. The 9.78 BTC ($753K) that did move concentrates into the top 10 wallets, which captured 43% of receipts. Mass database extortion is industrial, automated, and mostly failing.
Inside the May 2026 pivot to encryption-less extortion. The ShinyHunters–Instructure breach, Nitrogen’s hit on Foxconn, EDR killers as standard tooling, and what a 28% payment rate means for defenders.