FBI Seizes Russian Cybercrime Platform RAMP Forum
Plus, Google's Threat Intelligence Group and partners took action to disrupt a proxy network used by cyber threat actors, and more

Good morning! Here’s what’s up.

Clips ✂️
Russian Cybercrime Platform RAMP Forum Seized by FBI
In a huge blow to the global cybercrime underground, US federal authorities have seized the clearnet and dark web domains of RAMP (Ramp4u.io), a well-known Russian-language cybercrime forum used by ransomware affiliates, malware developers, and initial access brokers.
The seizure banners, now visible on both domains, confirm the takedown was carried out by the Federal Bureau of Investigation (FBI) in coordination with the US Attorney’s Office for the Southern District of Florida and the Department of Justice’s Computer Crime and Intellectual Property Section (CCIPS).
The domains now redirect to seizure notices with FBI and DOJ seals, and the nameservers have been updated to ns1.fbi.seized.gov and ns2.fbi.seized.gov as of January 28, 2026, confirming full control by US authorities.
No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network
This week Google and partners took action to disrupt what we believe is one of the largest residential proxy networks in the world, the IPIDEA proxy network. IPIDEA’s proxy infrastructure is a little-known component of the digital ecosystem leveraged by a wide array of bad actors.
This disruption, led by Google Threat Intelligence Group (GTIG) in partnership with other teams, included three main actions:
1. Took legal action to take down domains used to control devices and proxy traffic through them.
2. Shared technical intelligence on discovered IPIDEA software development kits (SDKs) and proxy software with platform providers, law enforcement, and research firms to help drive ecosystem-wide awareness and enforcement. These SDKs, which are offered to developers across multiple mobile and desktop platforms, surreptitiously enroll user devices into the IPIDEA network. Driving collective enforcement against these SDKs helps protect users across the digital ecosystem and restricts the network's ability to expand.
3. These efforts to help keep the broader digital ecosystem safe supplement the protections we have to safeguard Android users on certified devices. We ensured Google Play Protect, Android’s built-in security protection, automatically warns users and removes applications known to incorporate IPIDEA SDKs, and blocks any future install attempts.
Number of Cybersecurity Pros Surges 194% in Four Years
Cybersecurity remains the fastest-growing IT occupation in the UK, having seen its ranks expand by 194% since 2021, according to a new Socura report.
The managed detection and response (MDR) specialist used Office of National Statistics (ONS) data to compile its latest report out today: A wave in cyber. Specifically, it cited the ONS Annual Population Survey, which tracks employment figures across 400+ Standard Occupational Classification codes, including 13 IT-related roles.
Between Dec 2021 and June 2025, the number of cybersecurity professionals in the UK has almost tripled – from 28,500 to 83,700. That means there are more security pros than vets, architects, bricklayers and coffee shop workers, Socura claimed.
Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps
A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology (OT) networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues that leave critical energy infrastructure vulnerable to cyber threats.
The findings are based on several years of deploying OMICRON's intrusion detection system (IDS) StationGuard in protection, automation, and control (PAC) systems. The technology, which monitors network traffic passively, has provided deep visibility into real-world OT environments. The results underscore the growing attack surface in energy systems and the challenges operators face in securing aging infrastructure and complex network architectures.
Have I Been Pwned: SoundCloud data breach impacts 29.8 million accounts
Hackers have stolen the personal and contact information belonging to over 29.8 million SoundCloud user accounts after breaching the audio streaming platform's systems.
SoundCloud was founded in 2007 as an artist-first platform that now provides access to over 400 million tracks from more than 40 million artists worldwide.
The company confirmed the breach on December 15, following widespread reports from users who were unable to access SoundCloud and saw 403 "Forbidden" errors when connecting via VPN.
…
While SoundCloud didn't provide further details regarding the incident, BleepingComputer learned that the breach affected 20% of all SoundCloud users, roughly 28 million accounts based on publicly reported user figures (SoundCloud later published a security notice confirming the information provided by BleepingComputer's sources).
👉 SoundCloud confirmed that the threat group ShinyHunters orchestrated the attack and had "made demands and deployed email flooding tactics to harass users, employees, and partners," BleepingComputer reported.
Panera Bread Data Breach: ShinyHunters Claims 14 Million Records Stolen
The ShinyHunters group claims to have breached Panera Bread (Panera), a major American chain of bakery-cafe fast casual restaurants. The group, known for high-profile data exfiltration and extortion campaigns, posted the listing on their dark web leak site on January 27, 2026. The threat actors allege they have compromised a massive database containing millions of customer entries.
The allegedly compromised data includes over 14 million records totaling 760MB in compressed format. According to the actor, the stolen information contains:
Full names
Email addresses
Phone numbers
Home addresses
Account details
Personally Identifiable Information (PII)
