The Hunters International ransomware group is threatening to leak what it claims to be 386 GB of data from the U.S. Marshals Service (USMS), more than a year after the federal law enforcement agency suffered a major ransomware attack.
The gang claims the data, comprising more than 327,000 files, includes “Top Secret” documents, gang files, information on active cases, files from the 2022 drug enforcement operation “Operation Turnbuckle” and more, according to HackManac, which posted screenshots of group’s claims on the X social media platform.
Read more…
Source: SC Media
Related:
- Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing
October 16, 2025
In September 2025, Trend Micro researchers noted a striking decline in new command and control infrastructure activity associated with Lummastealer (which Trend Micro tracks as Water Kurita), as well as a significant reduction in the number of endpoints targeted by this notorious malware. This sudden drop appears to align with a targeted underground exposure campaign that has ...
- The Rising Threat of Insider Recruitment in Ransomware Campaigns
October 15, 2025
In cybersecurity, we often say that attackers only need to be right once – and defenders need to be right every time. Traditionally, we’ve focused on perimeter breaches, phishing campaigns, and zero-day exploits. But increasingly, attackers are bypassing these hardened defenses and taking a different route: persuading someone on the inside to hand over the keys. ...
- UK: Outsourcing firm Capita fined £14m after millions had data stolen
October 15, 2025
The UK’s data watchdog has fined outsourcing firm Capita £14m after the personal data of 6.6 million people was stolen in a cyber-attack. The Information Commissioner’s Office (ICO) said Capita “failed to ensure the security of processing of personal data which left it at significant risk”. The fine was originally set at £45m but reduced after ...
- Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution
October 15, 2025
A malware campaign was recently detected in Brazil, distributing a malicious LNK file using WhatsApp. It targets mainly Brazilians and uses Portuguese-named URLs. To evade detection, the command-and-control (C2) server verifies each download to ensure it originates from the malware itself. The whole infection chain is complex and fully fileless, and by the end, it will ...
- Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits
October 15, 2025
TrendResearch has detected an operation where attackers exploited a Cisco Simple Network Management Protocol (SNMP) vulnerability to install a rootkit on vulnerable network devices. The SNMP exploit referenced in Cisco’s latest advisory is CVE-2025-20352, which affects both 32-bit and 64-bit switch builds and can result in remote code execution (RCE). The operation targeted victims running older ...
- 23 million records leaked in Vietnam Airlines–linked data breach
October 14, 2025
Vietnam Airlines has confirmed that some customers’ personal information, including full names, email addresses and phone numbers, was exposed in a recent data breach linked to its technology partner’s online customer service platform. In an email sent to customers on Oct. 14, the national carrier said it was alerted after hackers uploaded 23 million customer records ...