High-fidelity IOCs aggregated from The Hacker News, BleepingComputer, Microsoft Security Blog and CISA KEV. Refreshed daily. CVEs/hashes via regex; domains/IPs only when defanged by the source author. https://clankerusecase.com/ en-us Mon, 15 Jun 2026 01:48:51 +0000 Mon, 15 Jun 2026 01:48:51 +0000 usecaseintel/generate.py https://cybersecuritynews.com/chrome-extensions-hide-ad-tracking/ <p><strong>IPV4:</strong> <code>92.112.198.22</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-14 · Sources: Cyber Security News</p><p>Context: 152 Chrome Extensions Hide Ad Tracking and Fake Google Search Traffic</p> usecaseintel:ipv4:92.112.198.22 Sun, 14 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/chrome-extensions-hide-ad-tracking/ <p><strong>IPV4:</strong> <code>147.79.120.202</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-14 · Sources: Cyber Security News</p><p>Context: 152 Chrome Extensions Hide Ad Tracking and Fake Google Search Traffic</p> usecaseintel:ipv4:147.79.120.202 Sun, 14 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/chrome-extensions-hide-ad-tracking/ <p><strong>DOMAIN:</strong> <code>yowgames.com</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-14 · Sources: Cyber Security News</p><p>Context: 152 Chrome Extensions Hide Ad Tracking and Fake Google Search Traffic</p> usecaseintel:domain:yowgames.com Sun, 14 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/chrome-extensions-hide-ad-tracking/ <p><strong>DOMAIN:</strong> <code>tabplugins.com</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-14 · Sources: Cyber Security News</p><p>Context: 152 Chrome Extensions Hide Ad Tracking and Fake Google Search Traffic</p> usecaseintel:domain:tabplugins.com Sun, 14 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/chrome-extensions-hide-ad-tracking/ <p><strong>DOMAIN:</strong> <code>owhit.com</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-14 · Sources: Cyber Security News</p><p>Context: 152 Chrome Extensions Hide Ad Tracking and Fake Google Search Traffic</p> usecaseintel:domain:owhit.com Sun, 14 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/chrome-extensions-hide-ad-tracking/ <p><strong>DOMAIN:</strong> <code>chromewallpaper.com</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-14 · Sources: Cyber Security News</p><p>Context: 152 Chrome Extensions Hide Ad Tracking and Fake Google Search Traffic</p> usecaseintel:domain:chromewallpaper.com Sun, 14 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/chrome-extensions-hide-ad-tracking/ <p><strong>DOMAIN:</strong> <code>avads.live</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-14 · Sources: Cyber Security News</p><p>Context: 152 Chrome Extensions Hide Ad Tracking and Fake Google Search Traffic</p> usecaseintel:domain:avads.live Sun, 14 Jun 2026 00:00:00 +0000 Cyber Security News https://www.stepsecurity.io/blog/400-aur-packages-hijacked-atomic-arch-campaign <p><strong>DOMAIN:</strong> <code>temp.sh</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-13 · Sources: StepSecurity, The Hacker News, BleepingComputer</p><p>Context: 400+ AUR Packages Hijacked: What the “Atomic Arch” Campaign Means for Supply-Chain Security</p> usecaseintel:domain:temp.sh Sat, 13 Jun 2026 00:00:00 +0000 StepSecurity The Hacker News BleepingComputer https://www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/ <p><strong>DOMAIN:</strong> <code>gs.thc.org</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-13 · Sources: BleepingComputer</p><p>Context: Chinese hackers hijack auth flow, spy on isolated network for a decade</p> usecaseintel:domain:gs.thc.org Sat, 13 Jun 2026 00:00:00 +0000 BleepingComputer https://www.stepsecurity.io/blog/400-aur-packages-hijacked-atomic-arch-campaign <p><strong>DOMAIN:</strong> <code>github.com/fardewoak/nodejs-argo</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-13 · Sources: StepSecurity</p><p>Context: 400+ AUR Packages Hijacked: What the “Atomic Arch” Campaign Means for Supply-Chain Security</p> usecaseintel:domain:github.com/fardewoak/nodejs-argo Sat, 13 Jun 2026 00:00:00 +0000 StepSecurity https://cybersecuritynews.com/agentjacking-attack-hijacks-ai-coding-agent/ <p><strong>DOMAIN:</strong> <code>advisory-tracker.com</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-13 · Sources: Cyber Security News, The Hacker News</p><p>Context: New Agentjacking Attack Hijacks Your AI Coding Agent to Run Code From a Hacker’s Server</p> usecaseintel:domain:advisory-tracker.com Sat, 13 Jun 2026 00:00:00 +0000 Cyber Security News The Hacker News https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html <p><strong>CVE:</strong> <code>CVE-2026-20253</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-13 · Sources: The Hacker News, Cyber Security News</p><p>Context: Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication</p> usecaseintel:cve:CVE-2026-20253 Sat, 13 Jun 2026 00:00:00 +0000 The Hacker News Cyber Security News https://www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/ <p><strong>CVE:</strong> <code>CVE-2024-20399</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-13 · Sources: BleepingComputer, The Hacker News, CISA KEV</p><p>Context: Chinese hackers hijack auth flow, spy on isolated network for a decade</p> usecaseintel:cve:CVE-2024-20399 Sat, 13 Jun 2026 00:00:00 +0000 BleepingComputer The Hacker News CISA KEV https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>feabf10c8a9ba2775bb0f7f9d0b20203112b7df8e6d333a44d5a11eae0e38e86</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:feabf10c8a9ba2775bb0f7f9d0b20203112b7df8e6d333a44d5a11eae0e38e86 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>fd3f13db41cd5b442fa26ba8bc0e9703ed243b3516374e3ef89be71cbf07436b</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:fd3f13db41cd5b442fa26ba8bc0e9703ed243b3516374e3ef89be71cbf07436b Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/ <p><strong>SHA256:</strong> <code>f099c5d9ec417d4445a0328ac0ada9cde79fc37410914103ae9c609cbc0ee068</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: BleepingComputer, Aikido, StepSecurity, Snyk</p><p>Context: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web</p> usecaseintel:sha256:f099c5d9ec417d4445a0328ac0ada9cde79fc37410914103ae9c609cbc0ee068 Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer Aikido StepSecurity Snyk https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>e848d73a68e4e8aea00a6257552b5872907dfaf7cce3d94636d7e59d286edeab</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:e848d73a68e4e8aea00a6257552b5872907dfaf7cce3d94636d7e59d286edeab Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/ <p><strong>SHA256:</strong> <code>dc67467a39b70d1cd4c1f7f7a459b35058163592f4a9e8fb4dffcbba98ef210c</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: BleepingComputer, Aikido, StepSecurity, Snyk</p><p>Context: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web</p> usecaseintel:sha256:dc67467a39b70d1cd4c1f7f7a459b35058163592f4a9e8fb4dffcbba98ef210c Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer Aikido StepSecurity Snyk https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>d94a2444268b339dfda2615f7800322fb318e0a484414bb17016cfcd5eb07c44</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:d94a2444268b339dfda2615f7800322fb318e0a484414bb17016cfcd5eb07c44 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>d7ec660a2a29c1aabcbe9bff1ef29be9a9fab8c7fe7c40df4772dd2b5bdf9666</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:d7ec660a2a29c1aabcbe9bff1ef29be9a9fab8c7fe7c40df4772dd2b5bdf9666 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>d6abc7003b580472d808b338adef0b28eacc698cd4692f76cb2a91718ab78d88</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:d6abc7003b580472d808b338adef0b28eacc698cd4692f76cb2a91718ab78d88 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/ <p><strong>SHA256:</strong> <code>cbb9bc5a8496243e02f3cc080efbe3e4a1430ba0671f2e43a202bf45b05479cd</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: BleepingComputer, Aikido, StepSecurity, Snyk</p><p>Context: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web</p> usecaseintel:sha256:cbb9bc5a8496243e02f3cc080efbe3e4a1430ba0671f2e43a202bf45b05479cd Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer Aikido StepSecurity Snyk https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>c91183175ce77360006f964841eb4048cf37cb82103f2573e262927be4c7607f</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:c91183175ce77360006f964841eb4048cf37cb82103f2573e262927be4c7607f Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>bb23545380fde9f48ad070f88fe0afd695da5fcae8c5274814858c5a681d8c4e</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:bb23545380fde9f48ad070f88fe0afd695da5fcae8c5274814858c5a681d8c4e Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>bab96257018df49ace8fe8adfadc74cf8327fcf9a9dc8a3a7c9ac8e18881df5f</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:bab96257018df49ace8fe8adfadc74cf8327fcf9a9dc8a3a7c9ac8e18881df5f Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/ <p><strong>SHA256:</strong> <code>b74caeaa75e077c99f7d44f46daaf9796a3be43ecf24f2a1fd381844669da777</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: BleepingComputer, Aikido, StepSecurity, Snyk</p><p>Context: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web</p> usecaseintel:sha256:b74caeaa75e077c99f7d44f46daaf9796a3be43ecf24f2a1fd381844669da777 Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer Aikido StepSecurity Snyk https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>b2ba51b4491da8604ff9410d6e004971e3cd9a321390d0258e294ac42010b546</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:b2ba51b4491da8604ff9410d6e004971e3cd9a321390d0258e294ac42010b546 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>a944a09783023a2c6c62d3601cbd5392a03d808a6a51728e07a3270861c2a8ee</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:a944a09783023a2c6c62d3601cbd5392a03d808a6a51728e07a3270861c2a8ee Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>a876f648991711e44a8dcf888a271880c6c930e5138f284cd6ca6128eca56ba1</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:a876f648991711e44a8dcf888a271880c6c930e5138f284cd6ca6128eca56ba1 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/ <p><strong>SHA256:</strong> <code>a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: BleepingComputer, Aikido, StepSecurity, Snyk</p><p>Context: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web</p> usecaseintel:sha256:a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer Aikido StepSecurity Snyk https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>9f4672c1374034ac4556264f0d4bf96ee242c0b5a9edaa4715b5e61fe8d55cc8</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:9f4672c1374034ac4556264f0d4bf96ee242c0b5a9edaa4715b5e61fe8d55cc8 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>7269c00a6164fd01dd516e0a72b2bd84c82e78feb552e06964e4992ff0479dda</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:7269c00a6164fd01dd516e0a72b2bd84c82e78feb552e06964e4992ff0479dda Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>6585ca0d3e26c20ced638f46f4a89eea924d411b8753d3fcf434663593c7cf0b</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:6585ca0d3e26c20ced638f46f4a89eea924d411b8753d3fcf434663593c7cf0b Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/ <p><strong>SHA256:</strong> <code>62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: BleepingComputer, Aikido, StepSecurity, Snyk</p><p>Context: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web</p> usecaseintel:sha256:62ee164b9b306250c1172583f138c9614139264f889fa99614903c12755468d0 Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer Aikido StepSecurity Snyk https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html <p><strong>SHA256:</strong> <code>6144d433f8a0316869877b5f834c801251bbb936e5f1577c5680878c7443c98b</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News, BleepingComputer</p><p>Context: Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit</p> usecaseintel:sha256:6144d433f8a0316869877b5f834c801251bbb936e5f1577c5680878c7443c98b Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News BleepingComputer https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>5c50f79038b31aa8a3a68b24d8b783dfbd2e15fff7586c5609e544a717ef7d05</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:5c50f79038b31aa8a3a68b24d8b783dfbd2e15fff7586c5609e544a717ef7d05 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>5a17cfaea0cc3a82242fdd11b53140c0b56256d769b07c33757d61e0a0a6ec02</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:5a17cfaea0cc3a82242fdd11b53140c0b56256d769b07c33757d61e0a0a6ec02 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/ <p><strong>SHA256:</strong> <code>4b2399646573bb737c4969563303d8ee2e9ddbd1b271f1ca9e35ea78062538db</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: BleepingComputer, Aikido, StepSecurity, Snyk</p><p>Context: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web</p> usecaseintel:sha256:4b2399646573bb737c4969563303d8ee2e9ddbd1b271f1ca9e35ea78062538db Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer Aikido StepSecurity Snyk https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/ <p><strong>SHA256:</strong> <code>46faab8ab153fae6e80e7cca38eab363075bb524edd79e42269217a083628f09</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: BleepingComputer, Aikido, StepSecurity, Snyk</p><p>Context: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web</p> usecaseintel:sha256:46faab8ab153fae6e80e7cca38eab363075bb524edd79e42269217a083628f09 Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer Aikido StepSecurity Snyk https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>3f476d316efe2514efd70c975d0c87e12357db9fca54a25834d60b28192c6a69</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:3f476d316efe2514efd70c975d0c87e12357db9fca54a25834d60b28192c6a69 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>2fa5b0475c3b70a3ba14c6a3938baf441a08b11841493b85e087d1d5e01eba49</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:2fa5b0475c3b70a3ba14c6a3938baf441a08b11841493b85e087d1d5e01eba49 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>2822c72a59b58c00fc088aa551cdeeb92ca10fd23e23745610ff207f53118db9</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:2822c72a59b58c00fc088aa551cdeeb92ca10fd23e23745610ff207f53118db9 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>1ed863a32372160b3a25549aad25d48d5352d9b4f58d4339408c4eea69807f50</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:1ed863a32372160b3a25549aad25d48d5352d9b4f58d4339408c4eea69807f50 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA256:</strong> <code>17bad5ae5b2ac262f5f18854853869840245c344105aa38c7f550ef51d2e5f26</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha256:17bad5ae5b2ac262f5f18854853869840245c344105aa38c7f550ef51d2e5f26 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>SHA256:</strong> <code>0bb0d54033767f081cae775e3cf9ede7ae6bea75f35fbfb748ccba9325e28e5e</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:sha256:0bb0d54033767f081cae775e3cf9ede7ae6bea75f35fbfb748ccba9325e28e5e Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA1:</strong> <code>fcc8a542aad41e758cf6c18571048890be53808e</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha1:fcc8a542aad41e758cf6c18571048890be53808e Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA1:</strong> <code>e1bdcd1a7157f7d047a88ab4573723fe1e861951</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha1:e1bdcd1a7157f7d047a88ab4573723fe1e861951 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA1:</strong> <code>74d3d5ab6d0fa4c6a5860598231728a6a893ecf7</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha1:74d3d5ab6d0fa4c6a5860598231728a6a893ecf7 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA1:</strong> <code>70842cfc27b116d0db2fd7aa33d53a3faf510993</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha1:70842cfc27b116d0db2fd7aa33d53a3faf510993 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA1:</strong> <code>63154cd9c79f9d14eb9be6c4efc2a778d31646ec</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha1:63154cd9c79f9d14eb9be6c4efc2a778d31646ec Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>SHA1:</strong> <code>53b91117db931d3acbbfd15aa8400bb6691e023d</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:sha1:53b91117db931d3acbbfd15aa8400bb6691e023d Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html <p><strong>MD5:</strong> <code>42b59fdbe1b72895b2951412222ebf40</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News, BleepingComputer</p><p>Context: Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit</p> usecaseintel:md5:42b59fdbe1b72895b2951412222ebf40 Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News BleepingComputer https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>IPV4:</strong> <code>193.233.201.21</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:ipv4:193.233.201.21 Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html <p><strong>IPV4:</strong> <code>176.120.22.24</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: The Hacker News, CISA KEV</p><p>Context: ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities</p> usecaseintel:ipv4:176.120.22.24 Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News CISA KEV https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html <p><strong>IPV4:</strong> <code>142.11.200.190</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: The Hacker News, CISA KEV</p><p>Context: ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities</p> usecaseintel:ipv4:142.11.200.190 Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News CISA KEV https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html <p><strong>IPV4:</strong> <code>142.11.200.189</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: The Hacker News, CISA KEV</p><p>Context: ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities</p> usecaseintel:ipv4:142.11.200.189 Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News CISA KEV https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html <p><strong>IPV4:</strong> <code>142.11.200.188</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: The Hacker News, CISA KEV</p><p>Context: ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities</p> usecaseintel:ipv4:142.11.200.188 Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News CISA KEV https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html <p><strong>IPV4:</strong> <code>142.11.200.187</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: The Hacker News, CISA KEV</p><p>Context: ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities</p> usecaseintel:ipv4:142.11.200.187 Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News CISA KEV https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html <p><strong>IPV4:</strong> <code>142.11.200.186</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: The Hacker News, CISA KEV</p><p>Context: ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities</p> usecaseintel:ipv4:142.11.200.186 Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News CISA KEV https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html <p><strong>IPV4:</strong> <code>108.174.202.99</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: The Hacker News, CISA KEV</p><p>Context: ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities</p> usecaseintel:ipv4:108.174.202.99 Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News CISA KEV https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>DOMAIN:</strong> <code>wellnessmedcare.org</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:domain:wellnessmedcare.org Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>DOMAIN:</strong> <code>wellnesscaremed.com</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:domain:wellnesscaremed.com Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/ <p><strong>DOMAIN:</strong> <code>webhook.site</code></p><p>Severity: <strong>crit</strong> · First seen: 2026-06-12 · Sources: BleepingComputer, Aikido, StepSecurity, Snyk, CISA KEV</p><p>Context: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web</p> usecaseintel:domain:webhook.site Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer Aikido StepSecurity Snyk CISA KEV https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>v0tingsystem.github.io</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:v0tingsystem.github.io Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>trayo.app</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:trayo.app Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>technobrains.dev</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:technobrains.dev Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://www.bleepingcomputer.com/news/security/french-govt-says-tchap-breach-affected-over-73-000-accounts/ <p><strong>DOMAIN:</strong> <code>tchap.gouv.fr</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-12 · Sources: BleepingComputer</p><p>Context: Over 73,000 French govt employees affected in Tchap messenger breach</p> usecaseintel:domain:tchap.gouv.fr Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>t.me/JokerDzV2</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:t.me/JokerDzV2 Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>sumato-soft.org</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:sumato-soft.org Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>sniperdz.com</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:sniperdz.com Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>smplfy.in</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:smplfy.in Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://cybersecuritynews.com/hackers-abuse-legitimate-ninjaone-rmm-software/ <p><strong>DOMAIN:</strong> <code>sefaz.services</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection</p> usecaseintel:domain:sefaz.services Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/hackers-abuse-legitimate-ninjaone-rmm-software/ <p><strong>DOMAIN:</strong> <code>rectalmania.com</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection</p> usecaseintel:domain:rectalmania.com Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/hackers-abuse-legitimate-ninjaone-rmm-software/ <p><strong>DOMAIN:</strong> <code>reclameaqui.services</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection</p> usecaseintel:domain:reclameaqui.services Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>raviral.com/k_fac.php</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:raviral.com/k_fac.php Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>raviral.com/host_style/style/js-track/track.js</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:raviral.com/host_style/style/js-track/track.js Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>raviral.com</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:raviral.com Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://cybersecuritynews.com/hackers-abuse-legitimate-ninjaone-rmm-software/ <p><strong>DOMAIN:</strong> <code>r64.org</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection</p> usecaseintel:domain:r64.org Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>quix.express</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:quix.express Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>qube.black</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:qube.black Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>pubg-tournament-official.github.io</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:pubg-tournament-official.github.io Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>pro.riccardomalisano.com</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:pro.riccardomalisano.com Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>postino.click</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:postino.click Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>postify.email</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:postify.email Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>postfast.eu</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:postfast.eu Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>pheontx.eu</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:pheontx.eu Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://cybersecuritynews.com/malicious-npm-campaign-steals-ssh-keys-api-tokens/ <p><strong>DOMAIN:</strong> <code>pastefy.app</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News, Lab52</p><p>Context: Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets</p> usecaseintel:domain:pastefy.app Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News Lab52 https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html <p><strong>DOMAIN:</strong> <code>olrh4mibs62l6kkuvvjyc5lrercqg5tz543r4lsw3o6mh5qb7g7sneid.onion</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News, BleepingComputer</p><p>Context: Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit</p> usecaseintel:domain:olrh4mibs62l6kkuvvjyc5lrercqg5tz543r4lsw3o6mh5qb7g7sneid.onion Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News BleepingComputer https://www.bleepingcomputer.com/news/security/french-govt-says-tchap-breach-affected-over-73-000-accounts/ <p><strong>DOMAIN:</strong> <code>matrix.agent.education.tchap.gouv.fr</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-12 · Sources: BleepingComputer</p><p>Context: Over 73,000 French govt employees affected in Tchap messenger breach</p> usecaseintel:domain:matrix.agent.education.tchap.gouv.fr Fri, 12 Jun 2026 00:00:00 +0000 BleepingComputer https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>mailora.eu</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:mailora.eu Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>DOMAIN:</strong> <code>longsauce.com</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:domain:longsauce.com Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>lettermail.eu</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:lettermail.eu Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>lett.email</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:lett.email Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://cybersecuritynews.com/hackers-abuse-legitimate-ninjaone-rmm-software/ <p><strong>DOMAIN:</strong> <code>lazybearpottery.net</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection</p> usecaseintel:domain:lazybearpottery.net Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>instagram-cutequeen57.netlify.app</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:instagram-cutequeen57.netlify.app Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>inboxly.top</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:inboxly.top Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://thehackernews.com/2026/06/europol-disrupts-audia6-crypto.html <p><strong>DOMAIN:</strong> <code>inboxally.agency</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs</p> usecaseintel:domain:inboxally.agency Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News https://cybersecuritynews.com/hackers-abuse-legitimate-ninjaone-rmm-software/ <p><strong>DOMAIN:</strong> <code>hairdb.com</code></p><p>Severity: <strong>med</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection</p> usecaseintel:domain:hairdb.com Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://cybersecuritynews.com/fancy-bear-hackers-abuse-edgerouters-and-cloud-services/ <p><strong>DOMAIN:</strong> <code>freefoodaid.com</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: Cyber Security News</p><p>Context: Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks</p> usecaseintel:domain:freefoodaid.com Fri, 12 Jun 2026 00:00:00 +0000 Cyber Security News https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html <p><strong>DOMAIN:</strong> <code>freefirefff.github.io</code></p><p>Severity: <strong>high</strong> · First seen: 2026-06-12 · Sources: The Hacker News</p><p>Context: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator</p> usecaseintel:domain:freefirefff.github.io Fri, 12 Jun 2026 00:00:00 +0000 The Hacker News