Latest Security News Collection

Security news collection - current edition

#CyberCrime #Europol #DarkWeb #ArchetypMarket #DrugTrafficking #FentanylCrisis #DigitalForensics #InternationalLawEnforcement #Eurojust #OperationDeepSentinel

In a sweeping international operation, Europol and Eurojust have shut down Archetyp Market, the longest-running dark web drug marketplace. Coordinated across six countries—including Germany, Spain, and Sweden—the operation led to the arrest of the platform’s administrator in Spain and the targeting of top vendors. Archetyp Market had operated for over five years, amassing more than 600,000 users and facilitating transactions worth at least €250 million. Known for allowing the sale of fentanyl and other potent synthetic opioids, the platform posed a significant threat to public health. Authorities seized €7.8 million in assets and dismantled the site’s infrastructure, replacing it with a seizure banner and a warning video. This takedown sends a strong message: law enforcement is closing in on the dark web’s illicit trade networks.

→ Read more on securityaffairs.com


#CyberSecurity #JDWP #RemoteCodeExecution #CryptoMining #JavaSecurity #TeamCity #DevSecOps #CloudSecurity #DDoS #XMRig

Cybersecurity researchers have issued a stark warning about the exploitation of exposed Java Debug Wire Protocol (JDWP) interfaces. Threat actors are leveraging these misconfigured endpoints to gain remote code execution (RCE) capabilities, deploying cryptocurrency miners and launching DDoS attacks. The attackers use a modified XMRig miner with obfuscated configurations to evade detection, often targeting CI/CD tools like TeamCity and Jenkins. JDWP, typically used for debugging Java applications, lacks built-in authentication—making it a prime target when exposed to the internet. Over 2,600 IP addresses have been observed scanning for JDWP endpoints, with a significant portion flagged as malicious. The attacks highlight the urgent need for developers and system administrators to secure debug interfaces and avoid leaving them accessible in production environments.

→ Read more on thehackernews.com


#PhishingAlert #CallbackScams #CyberSecurity #SocialEngineering #EmailSecurity #ThreatDetection #SecurityAwareness #VoicePhishing #CyberThreats #InfoSec

Cybercriminals are evolving their phishing strategies by incorporating callback mechanisms to bypass traditional email security filters. Instead of embedding malicious links or attachments, attackers now prompt recipients to call a phone number, where they are manipulated into divulging sensitive information or installing malware. This method, often disguised as urgent messages from trusted brands or IT support, exploits human psychology rather than technical vulnerabilities. The shift to voice-based social engineering makes it harder for automated systems to detect and block these threats. Security experts warn that this trend marks a significant escalation in phishing sophistication, urging organisations to enhance employee awareness and adopt multi-layered defence strategies.

→ Read more on databreachtoday.com


#PhishingAlert #CyberThreats #SpainDomains #CredentialTheft #RemoteAccessTrojans #CloudflareSecurity #MicrosoftSpoofing #EmailScams #CAPTCHAAbuse #InfosecUpdate

Cybersecurity researchers have uncovered a dramatic 19-fold increase in phishing campaigns launched from Spain’s .es top-level domains (TLDs), now ranking third globally behind .com and .ru. Since January, over 1,300 subdomains across 447 .es domains have been weaponised—99% for credential phishing and 1% for distributing remote access trojans (RATs) like ConnectWise and XWorm. These attacks often spoof trusted brands, especially Microsoft, and use convincing HR-themed emails to lure victims. Most malicious sites are hosted on Cloudflare and feature CAPTCHA barriers to appear legitimate. The randomness of domain names makes them easier to spot, yet their sheer volume poses a growing threat. Experts believe this trend reflects widespread adoption of .es domains by diverse threat actors, not just niche groups, signalling a persistent and evolving cyber risk.

→ Read more on theregister.com


#QantasBreach #DataSecurity #CyberIncident #CustomerPrivacy #FrequentFlyerData #PhishingRisk #AviationSecurity #InfoSec #DataProtection #CyberAwareness

Australian airline Qantas has confirmed a major data breach affecting up to 6 million customers, after personal information was accessed from systems hosting frequent flyer service records. The compromised data includes names, contact details, and travel history, though no passwords or financial information were reportedly stolen. The breach was discovered during a routine security audit, prompting Qantas to notify affected customers and launch an internal investigation. While the airline insists that its core booking systems remain secure, cybersecurity experts warn that the exposed data could still be exploited for phishing or identity theft. The incident underscores the growing risks facing the aviation sector and the importance of robust data protection measures.

→ Read more on securityweek.com


#QuantumSecurity #EUQuantumStrategy #EuroQCI #QuantumInternet #QKDSatellite #PostQuantumCryptography #CyberResilience #DataProtection #QuantumInnovation #DigitalSovereignty

The European Union has launched a comprehensive Quantum Strategy aimed at establishing a continent-wide quantum-secure communication infrastructure by 2030. Central to this initiative is the European Quantum Communication Infrastructure (EuroQCI), which will integrate terrestrial quantum networks across 26 member states and support the launch of a Quantum Key Distribution (QKD) satellite in 2026. These efforts are designed to safeguard sensitive data against future quantum computing threats, which could render current encryption obsolete. The strategy also includes the Quantum Internet Initiative, focused on developing distributed quantum computing and ultra-secure data sharing. Pilot projects are already underway, including encrypted hospital data transfers and secure government communications. The EU is committed to building this infrastructure using a fully European supply chain, reinforcing its ambition to become a global leader in quantum technologies.

→ Read more on infosecurity-magazine.com


#Interpol #Cybercrime #WestAfrica #PhishingScam #Contender2 #CôteDIvoire #DigitalFraud #CyberSecurity #BECScams #GlobalJustice

Interpol has dismantled a major cybercrime operation in Côte d’Ivoire, arresting eight suspects involved in large-scale phishing scams targeting Swiss citizens. The fraudsters used QR codes to lure victims to fake payment websites, where they harvested sensitive data such as login credentials and card numbers. Disguised as buyers on classified ad platforms or customer service agents, the criminals exploited trust to execute their schemes. The operation, part of Interpol’s ongoing “Contender 2.0” initiative, uncovered over $1.9 million in illicit gains and more than 260 victim reports. One key suspect confessed to orchestrating the scam, while five others were caught conducting cybercriminal activities at the same location. Authorities are now working to trace stolen funds and identify further victims. This takedown highlights the growing cyber threat landscape in West Africa and the global collaboration needed to combat it.

→ Read more on therecord.media


#CyberThreats #MalwareSurge #DataBreaches #EndpointSecurity #GermanyCyberStats #AsyncRAT #RansomwareGroups #PhishingProtection #AcronisReport #CyberResilience

Cybersecurity firm Acronis has reported a significant surge in malware attacks and data breaches worldwide, with May 2025 seeing a 36% increase in malware incidents compared to April. Over 10.8 million malicious URLs were blocked, and more than 800,000 threats were detected on endpoint devices. Germany experienced a notable spike, with malware detection rates rising from 5.1% to 7.1%, surpassing the global average. The most prevalent malware strains included Lumma, Remcos, and AsyncRAT—tools designed to infiltrate systems and steal sensitive data. Ransomware remains a critical threat, with groups like SafePay, Silent RansomGroup, and Qilin responsible for dozens of attacks. Simultaneously, data breach reports rose to over 580 incidents globally, highlighting the growing risk to both organisations and individuals. Acronis stresses the urgent need for proactive security strategies to counter these escalating threats.

→ Read more on it-daily.net


#AmazonPrimeDay #PhishingScams #CyberSecurity #FakeWebsites #OnlineFraud #CredentialTheft #ScamAwareness #TwoFactorAuthentication #DigitalSafety #CyberNews

As Amazon Prime Day 2025 approaches on 8 July, cybercriminals are exploiting the shopping frenzy by launching a wave of phishing scams and fake websites. Security researchers have identified over 1,230 new domains mimicking Amazon—87% of which are deemed suspicious or outright malicious. These scams often involve phishing emails disguised as Amazon customer service alerts, urging users to resolve “refund errors” or “account issues.” Victims are redirected to counterfeit login pages, risking credential theft, unauthorised purchases, and identity fraud. Fraudulent domains like “amazon-2025[.]top” and “Amazon02atonline51[.]online” are designed to deceive even cautious users. Experts urge shoppers to avoid clicking on suspicious links, verify URLs manually, and enable two-factor authentication. The rise in scams mirrors trends seen during other major retail events like Black Friday and Cyber Monday.

→ Read more on cybernews.com


#Ransomware #WorldLeaks #CyberThreats #HuntersInternational #DataExtortion #HealthcareCybersecurity #RaaS #CyberResilience #ThreatIntelligence #InfoSecUpdate

The notorious ransomware-as-a-service (RaaS) group Hunters International has officially shut down and rebranded as “World Leaks,” following a wave of cyberattacks that included 55 confirmed and 199 unconfirmed incidents. The group, known for targeting healthcare institutions and businesses, announced the transition on 4 July 2025. While the rebrand suggests a shift in tactics or leadership, security experts warn that the threat remains active under a new identity. The group’s previous operations involved data theft, extortion, and the publication of stolen information. The emergence of World Leaks signals a continuation of these activities, potentially with enhanced capabilities and broader targeting. Organisations are urged to remain vigilant, update their defences, and monitor for indicators of compromise linked to both Hunters International and its successor.

→ Read more on hackread.com

Contact us

+49 89 360 5310 | security-awareness@metafinanz.de

The editors are not responsible for the content of each article.