Cyber: Threatsday Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+...

This week's updates show how small changes can create real problems. Not loud incidents, but quiet shifts that are easy to miss until they add up. The kind that affects systems people rely on every day.

Many of the stories point to the same trend: familiar tools being used in unexpected ways. Security controls are being worked on. Trusted platforms turning into weak spots. What looks routine on the surface often isn't.

There's no single theme driving everything — just steady pressure across many fronts. Access, data, money, and trust are all being tested at once, often without clear warning signs.

This edition pulls together those signals in short form, so you can see what's changing before it becomes harder to ignore.

The U.S. Federal Bureau of Investigation (FBI) has seized the notorious RAMP cybercrime forum. Visitors to the forum's Tor site and its clearnet domain, ramp4u[.]io, are now greeted by a seizure banner that states the "action has been taken in coordination with the United States Attorney's Office for the Southern District of Florida and the Computer Crime and Intellectual Property Section of the Department of Justice." On the XSS forum, RAMP's current administrator Stallman confirmed the takedown, stating, "This event has destroyed years of my work to create the most free forum in the world, and although I hoped that this day would never come, in my heart I always knew it was possible." RAMP was launched in July 2021 after both Exploit and XSS banned the promotion of ransomware operations. It was established by a user named Orange, who has since been outed as Mikhail Pavlovich Matveev (aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar). "Groups such as Nova and DragonForce are reportedly shifting activity toward Rehub, illustrating the underground's ability to reconstitute quickly in alternative spaces," Tammy Harper, senior threat intelligence researcher at Flare.io, said. "These transitions are often chaotic, opening new risks for threat actors: loss of reputation, escrow instability, operational exposure, and infiltration during the scramble to rebuild trust."

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an initial list of hardware and software product categories that support or are expected to support post-quantum cryptography (PQC) standards. The guidance covers cloud services, collaboration and web software, endpoint security, and networking hardware and software. The list aims to guide organizati

Source: The Hacker News