CyberCrime List - 2026 2025 2024 2023 2021 2020 2019 2018 2017
DATE | NAME |
Info | CATEG. |
WEB |
| 14.6.26 | Ex-school district employee jailed for hacks on former employer | A former IT employee at an Iowa school district was sentenced to 21 months in prison after conducting a prolonged cyberattack against the former employer that disrupted classroom operations, deleted accounts, and caused tens of thousands of dollars in damages. | CyberCrime | BleepingComputer |
| 12.6.26 | LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution | Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph , including a critical vulnerability | CyberCrime | The Hacker News |
| 12.6.26 | INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator | An INTERPOL-led operation last month resulted in the disruption of Sniper Dz , a decade-long phishing-as-a-service (PhaaS) platform, Group- | CyberCrime | The Hacker News |
| 7.6.26 | Suspicious Polyfill login prompts pop up on Toshiba, Muji websites | Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credentials. | CyberCrime | BleepingComputer |
| 7.6.26 | Dark web Nemesis Market vendor gets 26 years for selling drugs | A California man was sentenced to more than 26 years in federal prison for trafficking fentanyl and methamphetamine through Nemesis Market, one of the world's largest dark web marketplaces. | CyberCrime | BleepingComputer |
| 7.6.26 | What 2026 DBIR Confirms: Attacks Are Living in the Browser | Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveals about browser-layer security gaps and modern attacks. | CyberCrime | BleepingComputer |
| 7.6.26 | Credit card theft campaign abuses Stripe to host stolen payment info | A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. | CyberCrime | BleepingComputer |
| 7.6.26 | Police dismantles fake ID marketplace used by migrant smugglers | French and Spanish authorities took down an online marketplace selling fake identity documents to migrant smuggling rings operating within the European Union. | CyberCrime | BleepingComputer |
| 7.6.26 | What 345 Days of Untested Exposure Looks Like at a Bank | A two-week penetration test can leave roughly 345 days of real-world exposure unvalidated. Sprocket Security explores why continuous testing is becoming critical as attack surfaces constantly change. | CyberCrime | BleepingComputer |
| 7.6.26 | Police dismantles 9 crime groups in illegal streaming crackdown | European and international law enforcement agencies have dismantled nine organized crime groups and arrested 29 suspects in a major crackdown on illegal streaming operations. | CyberCrime | BleepingComputer |
| 6.6.26 | Spain arrests doxer leaking sensitive data of govt employees | The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizations, including the National Cybersecurity Institute (INCIBE). | CyberCrime | BleepingComputer |
| 4.6.26 | DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets | The U.S. Department of Justice (DoJ) on Wednesday announced the results of a sweeping action undertaken by government authorities and | CyberCrime | The Hacker News |
| 2.6.26 | Wardriving assessment across Mexico: Preparing for the 2026 World Cup | In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, and Guadalajara to evaluate Wi-Fi hotspot security configurations and potential exposure risks. | CyberCrime | SECURELIST |
| 1.6.26 | Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years | In late April 2026, a client reached out to us for incident response support after discovering a miner running on users’ computers. We later discovered that the malware was being distributed via illegal movie and TV show streaming sites. | CyberCrime | SECURELIST |
| 31.5.26 | From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market | DDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare explores how the DDoS-as-a-Service market has evolved from scattered tools into polished attack platforms. | CyberCrime | BleepingComputer |
| 31.5.26 | FBI warns of fake FIFA websites running World Cup fraud schemes | The FBI is warning of fake websites impersonating FIFA ahead of the 2026 World Cup, to steal personal and financial information, sell fake tickets and hospitality packages, and push other fraud related to the event. | CyberCrime | BleepingComputer |
| 31.5.26 | Romanian gets 5 years in prison for hacking Oregon govt network | A Romanian national was sentenced this week to 56 months in federal prison for breaking into an Oregon state government computer network and fr cyberattacks targeting dozens of other U.S. victims. | CyberCrime | BleepingComputer |
| 30.5.26 | Sextortionist sentenced to 33 years for targeting 145 children | A Canadian man was sentenced to 33 years in prison after pleading guilty to targeting more than 145 children across the United States, some as young as 6 years old, in an eight-year-long sextortion scheme. | CyberCrime | BleepingComputer |
| 30.5.26 | FBI warns of in-person data theft attacks from extortion gang | The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. | CyberCrime | BleepingComputer |
| 30.5.26 | Dutch police arrests suspect linked to Ajax football club hack | The Dutch National Police arrested a 35-year-old man suspected of hacking the professional football club Ajax Amsterdam (AFC Ajax) earlier this year. | CyberCrime | BleepingComputer |
| 24.5.26 | Netherlands seizes 800 servers of hosting firm enabling cyberattacks | Netherlands seizes 800 servers of hosting firm enabling cyberattacks | CyberCrime | BleepingComputer |
| 24.5.26 | Apple blocked over $11 billion in App Store fraud in 6 years | Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years, more than $2.2 billion in potentially fraudulent App Store transactions in 2025 alone. | CyberCrime | BleepingComputer |
| 24.5.26 | Ukraine identifies infostealer operator tied to 28,000 stolen accounts | The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting users of an online store in California. | CyberCrime | BleepingComputer |
| 23.5.26 | Cybercrime service disrupted for abusing Microsoft platform to sign malware | Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing service to generate fraudulent code-signing certificates used by ransomware gangs and other cybercriminals. | CyberCrime | BleepingComputer |
| 23.5.26 | INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers | More than 200 individuals were arrested for cybercrime activities during INTERPOL's Operation Ramz, which focused on the Middle East and North Africa. | CyberCrime | BleepingComputer |
| 19.5.26 | INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests | INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests | CyberCrime | The Hacker News |
| 17.5.26 | Avada Builder WordPress plugin flaws allow site credential theft | Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database. | CyberCrime | BleepingComputer |
| 17.5.26 | US charges suspected Dream Market admin arrested in Germany | The alleged main administrator of Dream Market Incognito Market, one of the largest dark web marketplaces before its shutdown, has been indicted in the United States on money laundering charges. | CyberCrime | BleepingComputer |
| 14.5.26 | Police shut down reboot of Crimenetwork marketplace, arrest admin | German authorities have shut down a relaunch version of the criminal marketplace 'Crimenetwork' that generated more than 3.6 million euros, and arrested its operator. | CyberCrime | BleepingComputer |
| 9.5.26 | Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison | A Latvian national extradited to the United States was sentenced to 8.5 years in prison for his "cold case" negotiator role in the Russian Karakurt ransomware group. | CyberCrime | BleepingComputer |
| 8.5.26 | The Duality of the Pluggable Authentication Module (PAM) | The Group-IB DFIR Team has identified a new technique not yet included in the MITRE ATT&CK framework, which could lead to use the module pam_exec to obtain a privileged shell on a host and grant a full persistence to a threat actor. | CyberCrime | GROUP-IB |
| 3.5.26 | Romanian leader of online swatting ring gets 4 years in prison | A Romanian national who led an online swatting ring that targeted more than 75 public officials, multiple journalists, and four religious institutions was sentenced to 4 years in federal prison. | CyberCrime | BleepingComputer |
| 3.5.26 | FBI links cybercriminals to sharp surge in cargo theft attacks | The U.S. Federal Bureau of Investigation (FBI) warned the transportation and logistics industry of a sharp rise in cyber-enabled cargo theft, with estimated losses in the United States and Canada reaching nearly $725 million in 2025. | CyberCrime | BleepingComputer |
| 2.5.26 | US reportedly charges Scattered Spider hacker arrested in Finland | A 19-year-old dual United States and Estonian citizen arrested in Finland earlier this month faces federal charges in the U.S. alleging he was a prolific member of the notorious Scattered Spider hacking collective. | CyberCrime | BleepingComputer |
| 2.5.26 | Alleged Silk Typhoon hacker extradited to US for cyberespionage | A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to the United States to face criminal charges | CyberCrime | BleepingComputer |
| 1.5.26 | Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks | Cybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid, high-impact attacks" operating almost within the | CyberCrime | The Hacker News |
| 29.4.26 | Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign | A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new | CyberCrime | The Hacker News |
| 28.4.26 | Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack | Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data | CyberCrime | The Hacker News |
| 26.4.26 | Spain dismantles major $4.7M manga piracy platform, arrests four | The Spanish police have dismantled the largest Spanish-language manga piracy platform, operating since 2014, with millions of monthly users from around the globe. | CyberCrime | |
| 25.4.26 | Stopping Fraud at Each Stage of the Customer Journey Without Adding Friction | Fraud prevention and user experience don't have to be a tradeoff. IPQS shows how combining identity, device, and network signals stops fraud without adding friction. | CyberCrime | BleepingComputer |
| 23.4.26 | British Scattered Spider hacker pleads guilty to crypto theft charges | A British man, believed to be the leader of the Scattered Spider cybercrime collective, has pleaded guilty in the United States to charges of wire fraud and aggravated identity theft. | CyberCrime | |
| 19.4.26 | Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops | In cybercrime markets, trust isn't assumed, it's verified. Flare reveals how underground guides teach actors to evaluate carding shops based on data quality, reputation, and survivability. | CyberCrime | |
| 19.4.26 | Man gets 30 months for selling thousands of hacked DraftKings accounts | 23-year-old Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts. | CyberCrime | |
| 18.4.26 | $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims | Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed | CyberCrime | The Hacker News |
| 11.4.26 | FBI: Americans lost a record $21 billion to cybercrime last year | U.S. victims lost nearly $21 billion to cyber-enabled crimes last year, driven primarily by investment scams, business email compromise, tech support fraud, and data breaches, the Federal Bureau of Investigation says. | CyberCrime | |
| 29.3.26 | Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers | Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it. | CyberCrime | BleepingComputer |
| 29.3.26 | Russia arrests suspected owner of LeakBase cybercrime forum | Russian police arrested a Taganrog resident believed to be the owner of LeakBase, a major online forum used by cybercriminals to buy and sell stolen data and hacking tools. | CyberCrime | |
| 29.3.26 | PolyShell attacks target 56% of all vulnerable Magento stores | Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores. | CyberCrime | |
| 26.3.26 | WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites | Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, | CyberCrime | The Hacker News |
| 26.3.26 | LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace | The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported | CyberCrime | The Hacker News |
| 22.3.26 | Police take down 373,000 fake CSAM sites in Operation Alice | An international law enforcement action called Operation Alice has shut down over 373,000 dark web sites that offered fake CSAM packages. | CyberCrime | |
| 15.3.26 | Police sinkholes 45,000 IP addresses in cybercrime crackdown | An international law enforcement action codenamed "Operation Synergia III" has sinkholed tens of thousands of IP addresses and seized servers linked to cybercrime operations worldwide. | CyberCrime | |
| 15.3.26 | Fake enterprise VPN sites used to steal company credentials | A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal VPN credentials from unsuspecting users. | CyberCrime | |
| 15.3.26 | Going the Extra Mile: Travel Rewards Turn into Underground Currency. | Stolen airline miles are converted into flights and hotel stays, then resold as discounted travel. Flare shows how cybercriminals and underground markets treat loyalty accounts like tradable currency. | CyberCrime | |
| 14.3.26 | INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime | INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and | CyberCrime | The Hacker News |
| 8.3.26 | Ghanain man pleads guilty to role in $100 million fraud ring | A Ghanaian national pleaded guilty to his role in a massive fraud ring that stole over $100 million from victims across the United States through business email compromise attacks and romance scams. | CyberCrime | BleepingComputer |
| 7.3.26 | Hacker mass-mails HungerRush extortion emails to restaurant patrons | Customers of restaurants using the HungerRush point-of-sale (POS) platform say they received emails from a threat actor attempting to extort the company, warning that restaurant and customer data could be exposed if HungerRush fails to respond. | CyberCrime | |
| 5.3.26 | Compromised Site Management Panels are a Hot Item in Cybercrime Markets | Compromised cPanel credentials are being sold in bulk across underground channels as plug-and-play phishing and scam infrastructure. Flare explains how analyzing 200,000 underground posts reveals a commoditized market for hacked site management panels. | CyberCrime | |
| 5.3.26 | Alabama man pleads guilty to hacking, extorting hundreds of women | A 22-year-old Alabama man pleaded guilty to extortion, cyberstalking, and computer fraud charges after hijacking the social media accounts of hundreds of young women (including minors). | CyberCrime | |
| 5.3.26 | Florida woman imprisoned for massive Microsoft license fraud scheme | A Florida woman was sentenced to 22 months in prison for running a massive years-long scheme to traffic thousands of stolen Microsoft Certificate of Authenticity (COA) labels. | CyberCrime | |
| 26.2.26 | Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens | Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial | CyberCrime | The Hacker News |
| 22.2.26 | Nigerian man gets eight years in prison for hacking tax firms | A Nigerian national was sentenced to eight years in prison for hacking multiple tax preparation firms in Massachusetts and filing fraudulent tax returns seeking over $8.1 million in refunds. | CyberCrime | |
| 22.2.26 | Police arrests 651 suspects in African cybercrime crackdown | African authorities arrested 651 suspects and recovered over $4.3 million in a joint operation targeting investment fraud, mobile money scams, and fake loan applications. | CyberCrime | |
| 21.2.26 | Glendale man gets 5 years in prison for role in darknet drug ring | A Glendale man was sentenced to nearly five years in federal prison for his role in a darknet drug trafficking operation that sold cocaine, methamphetamine, MDMA, and ketamine to customers across the United States. | CyberCrime | |
| 20.2.26 | INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown | An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law | CyberCrime | The Hacker News |
| 19.2.26 | Man arrested for demanding reward after accidental police data leak | Dutch authorities arrested a 40-year-old man after he downloaded confidential documents that had been mistakenly shared by the police and refused to delete them unless he received "something in return." | CyberCrime | |
| 15.2.26 | Turning IBM QRadar Alerts into Action with Criminal IP | Criminal IP now integrates with IBM QRadar SIEM and SOAR to bring external IP-based threat intelligence directly into detection and response workflows. See how risk scoring and automated enrichment help SOC teams prioritize high-risk IPs and accelerate investigations without leaving QRadar. | CyberCrime | |
| 14.2.26 | Police arrest seller of JokerOTP MFA passcode capturing tool | The Netherlands Police have arrested a a 21-year-old man from Dordrecht, suspected of selling access to the JokerOTP phishing automation tool that can intercept one-time passwords (OTP) for hijacking accounts. | CyberCrime | |
| 3.2.26 | Empire cybercrime market owner pleads guilty to drug conspiracy | A Virginia man who co-created Empire Market, one of the largest dark web marketplaces at the time, pleaded guilty to federal drug conspiracy charges for facilitating $430 million in illegal transactions from 2018 to 2020. | CyberCrime | |
| 3.2.26 | Slovakian man pleads guilty to operating darknet marketplace | A Slovakian national admitted on Tuesday to helping operate a darknet marketplace that sold narcotics, cybercrime tools and services, fake government IDs, and stolen personal information for more than two years. | CyberCrime | |
| 18.1.26 | Microsoft disrupts massive RedVDS cybercrime virtual desktop service | Microsoft announced on Wednesday that it disrupted RedVDS, a massive cybercrime platform linked to at least $40 million in reported losses in the United States alone since March 2025. | CyberCrime | |
| 17.1.26 | Hacker gets seven years for breaching Rotterdam and Antwerp ports | The Amsterdam Court of Appeal sentenced a 44-year-old Dutch national to seven years in prison for multiple crimes, including computer hacking and attempted extortion. | CyberCrime | |
| 16.1.26 | Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud | Microsoft on Wednesday announced that it has taken a " coordinated legal action " in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly | CyberCrime | The Hacker News |
| 14.1.26 | Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages | ybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major payment networks like American Express, | CyberCrime | The Hacker News |
| 11.1.26 | Spain arrests 34 suspects linked to Black Axe cyber crime | Authorities in Spain have arrested 34 individuals allegedly part of a criminal network involved in cyber fraud and believed to be connected to the Black Axe group responsible for illicit activities across Europe. | CyberCrime | |
| 10.1.26 | Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime | Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe . As part of an operation conducted | CyberCrime | The Hacker News |
| 2.1.26 | Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign | Cybersecurity researchers have disclosed details of a phishing campaign that involves the attackers impersonating legitimate Google-generated messages by abusing Google Cloud's | CyberCrime | The Hacker News |