Security Affairs
Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Dariy Pankov, the NLBrute malware author, pleads guilty

The Russian national Dariy Pankov, aka dpxaker, has pleaded guilty to conspiracy to commit wire and computer fraud. The Russian national Dariy Pankov (28), aka dpxaker, is the author of the NLBrute malware. The man has been extradited to the United States from Georgia.  In February 2023, Pankov was charged with conspiracy, access device fraud, […]

Scattered Spider DOJ

The Russian national Dariy Pankov, aka dpxaker, has pleaded guilty to conspiracy to commit wire and computer fraud.

The Russian national Dariy Pankov (28), aka dpxaker, is the author of the NLBrute malware. The man has been extradited to the United States from Georgia. 

In February 2023, Pankov was charged with conspiracy, access device fraud, and computer fraud.

The NLBrute malware allows operators to compromise protected computers by decrypting login credentials. According to the indictment, Pankov marketed and sold NLBrute, he also sold thousands of
login credentials for compromised computers that he had obtained through his use of NLBrute.

The stolen login credentials were available on a dark web website that specialized in the purchase and sale of access to compromised computers. The man listed the credentials of more than 35,000 compromised computers for sale and according to the investigators, he obtained more than $350,000 in illicit proceeds between 2016 and 2019.

The list of Pankov’s victims includes two unnamed law firms in the Middle District of Florida.

Pankov faces a maximum penalty of five years in federal prison, he has agreed to forfeit $358,437 which is the amount of the proceeds of the charged criminal activity conducted by the man. The sentencing date has yet to be set.

“According to the plea agreement, Pankov developed a malicious software program named “NLBrute.” The powerful malware was capable of compromising protected computers by decrypting login credentials, such as passwords. Pankov used NLBrute to obtain the login credentials of tens of thousands of computers located all over the world. He marketed and sold, and had others sell on his behalf, NLBrute to other cybercriminals for a fee.” reads the press release published DoJ. “Pankov sold the stolen login credentials on a dark web website that specialized in the purchase and sale of access to compromised computers.”

Pankov resides in Russia, he was taken into custody by Georgian authorities in the Republic of Georgia on October 4, 2022, and extradited to the United States.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Dariy Pankov)