PowerSchool Hack; Takedowns and Arrests and Leaks, Oh My!; and ITRC Breach Report Findings

There’s been quite a few hacks, takedowns-arrests-leaks, and insights from the Identity Theft Resource Center (ITRC) 2024 Breach Report. Dive into the most pressing recent stories on data leaks, cybercrime, and the dark web with security researcher Nick Ascoli on the podcast Leaky Weekly. On this episode of Leaky Weekly, Nick covers: Tune in for […]
The Underground’s Favorite Messenger: Telegram’s Reign Continues

The data and visualizations presented on this webpage are based on information collected from January 2024 to January 2025. These graphs are static and do not reflect real-time updates or recent developments. Any trends, insights, or conclusions should be interpreted with this timeframe in mind. Executive Summary Telegram remains the dominant messaging platform in the […]
MOVEit Repackaged and Recycled

The largest repackage and re-post of an old leak In November 2024, a hacker known as “Nam3L3ss” allegedly released previously undisclosed data from the MOVEit breach in May 2023. This leak consisted of millions of records, including sensitive employee and big brand corporate information, significantly escalating the breach’s impact. Digging into this story reveals that […]
Infostealer Malware: An Introduction

This article was updated on June 26, 2025 with updated information Stolen credentials are big business among cybercriminals. According to Verizon’s latest Data Breach Investigation Report (DBIR), credentials were involved in 88% of basic web application attack breaches, making them the most common initial attack vector — and sometimes, the only vector used in an […]
Dark Web Forum Arrests, Columbus Ransomware Attack Updates, and American Background Info Data Leak

Keeping up with the world of cybercrime is important but can often feel overwhelming for security practitioners. Leaky Weekly is a podcast hosted by security researcher Nick Ascoli as he dives into the most pressing stories on data leaks, cybercrime, and the dark web in the last week or so. On this episode of Leaky […]
AWS Takeover Campaign, Ransomware Attack on Columbus, and City of Columbus Sues Ransomware Researcher Whistleblower

There’s so much to keep up with in the world of cybercrime…especially for security practitioners. Leaky Weekly is a cybercrime current events podcast hosted by security researcher Nick Ascoli as he dives into the most pressing stories on data leaks, cybercrime, and the dark web in the last week or so. On this episode of […]
Cybercrime Current Events: Background Check Organization Breach, a Repossessed Ransomware Blog, Feuding Forums, and Double Arrest of “J.P. Morgan”

There’s so much to keep up with in the world of cybercrime…especially for security practitioners. Leaky Weekly is a bi-weekly podcast hosted by security researcher Nick Ascoli as he dives into the most pressing stories on data leaks, cybercrime, and the dark web in the last week or so. On this episode of Leaky Weekly, […]
Launching Leaky Weekly with Flare, Cybercrime Current Events Podcast

There’s so much to keep up with in the world of cybercrime…especially for security practitioners. Leaky Weekly is a cybercrime current events podcast hosted by security researcher Nick Ascoli as he dives into the most pressing stories on data leaks, cybercrime, and the dark web in the last week or so. On this episode of […]
Ransomware in Context: 2024, A Year of Tumultuous Change

2024 has started off dramatic shifts in the ransomware landscape. In December of 2023 international law enforcement took down the BlackCat leaks site, leading to the group removing all ethical restrictions for their affiliates and declaring all organizations in Western Europe and the United States viable targets to include nuclear power plants and childrens hospitals. […]
LockBit’s Conversation on XSS Forum with an Initial Access Broker

In February of 2024, admins of the Russian hacking forum XSS banned the primary LockBit account active on the forum. The ban was the result of a dispute between LockBit, and an initial access broker operating under the username “aa.” The following is a conversation between AA and LockBit, posted on XSS as aa sought […]