Bash is in the files!!!!11!
https://www.justice.gov/epstein/files/DataSet%209/EFTA00315849.pdf
Doing stuff at TurkuSec, DisArray, PersecCamp (hakkerileiri). Volunteering for DisObey.
Threat Intel as a job.
| Site | https://cryptolek.info/ |
Woah! This is huge-ish. The FBI has seized the RAMP forum, one of the favourite places of ransomware gangs.
Link to the news: https://www.bleepingcomputer.com/news/security/fbi-seizes-ramp-cybercrime-forum-used-by-ransomware-gangs/
The owner of the forum, Stallman, posted a statement on the XSS forum confirming the seizure (machine translation of the forum post):
To whom it may concern: I regret to inform you that law enforcement agencies have gained control of the Ramp forum. This event has destroyed years of my work to create the most free forum in the world, and although I hoped this day would never come, I always knew in my heart that it was possible. It's a risk we all take. Although I no longer manage Ramp and will not be creating a new forum from scratch, I will continue to purchase access. My main business remains unchanged. If you have something to offer me, the terms are listed in my signature, write to me in private messages, and we will exchange frog/tox. Good luck to everyone, take care of yourselves and your loved ones,
Stallman
Remember the article from last week from CyberArk about exploiting an XSS vulnerability in the web panel of StealC? The user on XSS forum has addressed the issue.
Machine translation of the post
About the recent news about the "hack" of the panel
News began to spread about the alleged hack of the stealc user panel. At first, we didn't see the point in writing anything, but not everyone is attentive, and in order to prevent further spread of fake news, we are writing this message.
The news is completely irrelevant. The article refers to admin panel 2.4.4 (which was released back in May 2025 and was replaced by version 2.5 in June 2025). There was also a very controversial situation where access was gained not to the admin panel via xss, but to the server via ssh - subsequently, we encountered a couple more times that researchers are not particularly shy about using illegal tools for such performances).
We caught that hack in real time thanks to a user who wrote to us (admin panels are located on client servers, there is no common admin panel, etc.), which allowed us to release a fix.
We don't know why the researchers took six months to do this; apparently, they had nothing to write about in January, so they remembered a case from mid-2025 in which they had success with one (there is a theory that they were able to get into three admin panels, but we didn't find any traces of them at the time).
Also in December, we recorded attempts by two users to "break into" the admin panel using similar XSS attacks. Thanks to users who reported the attacks in real time, we observed attempts by the researcher to make the XSS work, but this time we didn't let them off the hook and spammed their backend with some not-so-censored messages to accept cookies
As for the current version (2.11.0, released in January 2026), it does not have such vulnerabilities. In fact, the researchers responsible for this article were essentially testers, for which we are very grateful to them.
Apparently, the guys remembered the case from May 2025, tried to pull off a similar trick in December, and when they found out that it had been fixed six months ago, they published an article.
The other day I was thinking, when will infostealers start collecting information from "AI" browsers.
Today noticed that StealC has posted an update, where they added a feature of collecting Sigma AI Browser data.
"Sigma AI Browser is an AI-first agentic browser that combines an AI agent, deep research, and AI tools to help you navigate, create, and" sloooop
Anyways, left to find some time and energy to look for some stealc logs and see if it syphons some more juicy data from "ai" browsers.
INC Ransom has claimed ENEA (enea.com) as their victim, alleging exfiltration of 79 GB of data.
According to Enea's LinkedIn:
"Enea is a global specialist in advanced telecom and cybersecurity software, with a vision to make the world's communications safer and more efficient. Dedicated to innovation and security, our solutions connect, optimize, and protect communications between people, companies, and connected things worldwide. We serve 160+ communication service providers across 100+ countries, with more than 3 billion people relying on Enea technologies every day."
#ENEA #Sweden #INCRansom #Threatintel #extortion #ransomware
And it's out!
End of the game for cybercrime infrastructure: 1025 servers taken down
Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol's headquarters in The Hague. The actions targeted one of the biggest infostealer Rhadamanthys, the Remote Access Trojan VenomRAT, and the botnet Elysium, all of which played a key role in international cybercrime. Authorities took down these three large cybercrime enablers. The main suspect for VenomRAT was arrested in Greece on 3 November 2025.
#OperationEndgame #rhadamanthys #infostealer #VenomRAT #Elysium
Less than 10 minutes left on the Operation Endgame's counter. Wonder what they gonna announce. Maybe just the takedown of rhadamanthys infostealer infra.