cognitive cybersecurity intelligence

News and Analysis

Cicada3301 ransomware affiliate program infiltrated by security researchers

Cicada3301, a ransomware-as-a-service group, had its affiliate program infiltrated by Group-IB researchers, who subsequently publicized details about the gang’s operations and inner workings. Active since June 2024, the group has attacked 30 victims, primarily in the U.S and U.K. The ransomware shares similarities with the defunct ALPHV/BlackCat ransomware group. Group-IB’s report also highlights Cicada3301’s sophisticated affiliate program, including detailed attack customization and support services.

Source: packetstormsecurity.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Malicious npm Package ‘dbmux’ Targets Developers

Malicious npm Package ‘dbmux’ Targets Developers

Malware was discovered in the npm package dbmux. Any computer with this package installed or running should be considered fully compromised. The GitHub Advisory (GHSA-62wx-5f55-w8g2)

Malware Hidden in Trusted Microsoft Repositories Put Developer Credentials at Risk – i-hls.com

Malware Hidden in Trusted Microsoft Repositories Put Developer Credentials at Risk – i-hls.com

Malware Hidden in Trusted Microsoft Repositories Put Developer Credentials at Risk i-hls.com

OpenClaw AI Agent Leaks Credentials in Phishing Simulation

OpenClaw AI Agent Leaks Credentials in Phishing Simulation

Autonomous email agents can become high‑impact phishing victims, leaking cloud credentials and sensitive business data even when wrapped in explicit safety instructions. In a controlled

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances

ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. “On June