⚠️ CVE-2025-25427: A Stored cross-site scripting ... ⚠️ CVE-2025-3509: A Remote Code Execution (RCE) ... ⚠️ CVE-2025-3246: An improper neutralization of ... 🟡 CVE-2025-3124: A missing authorization vulner... 🟢 CVE-2024-42178: HCL MyXalytics is affected by ... 🟡 CVE-2025-3765: A vulnerability, which was cla... 🟡 CVE-2025-3764: A vulnerability classified as ... 🟢 CVE-2024-42177: HCL MyXalytics is affected by ... 🟡 CVE-2025-3763: A vulnerability classified as ... 🟡 CVE-2025-3762: A vulnerability was found in P... 🟡 CVE-2025-29722: A CSRF vulnerability in Commer... 🟡 CVE-2025-28101: An arbitrary file deletion vul... 🔥 CVE-2025-28009: A SQL Injection vulnerability ... 🟢 CVE-2025-26269: DragonflyDB Dragonfly through ... 🟢 CVE-2025-26268: DragonflyDB Dragonfly before 1... ⚠️ CVE-2024-55211: An issue in Think Router Tk-Rt... 🟢 CVE-2021-47671: In the Linux kernel, the follo... ⚠️ CVE-2021-47670: In the Linux kernel, the follo... ⚠️ CVE-2021-47669: In the Linux kernel, the follo... ⚠️ CVE-2021-47668: In the Linux kernel, the follo... 🟢 CVE-2025-32415: In libxml2 before 2.13.8 and 2... ⚠️ CVE-2025-2947: IBM i 7.6  contains a privile... ⚠️ CVE-2025-29661: Litepubl CMS <= 7.0.9 is vulne... ⚠️ CVE-2025-29181: FOXCMS <= V1.25 is vulnerable ... ⚠️ CVE-2025-29180: In FOXCMS <=1.25, the installd... ⚠️ CVE-2025-29039: An issue in dlink DIR 832x 240... ⚠️ CVE-2025-43015: In JetBrains RubyMine before 2... 🟡 CVE-2025-43014: In JetBrains Toolbox App befor... 🟡 CVE-2025-43013: In JetBrains Toolbox App befor... ⚠️ CVE-2025-43012: In JetBrains Toolbox App befor... 🟡 CVE-2025-42921: In JetBrains Toolbox App befor... 🔥 CVE-2025-39596: Weak Authentication vulnerabil... 🔥 CVE-2025-39595: Improper Neutralization of Spe... ⚠️ CVE-2025-39594: Improper Neutralization of Inp... 🔥 CVE-2025-39588: Deserialization of Untrusted D... 🔥 CVE-2025-39587: Improper Neutralization of Spe... ⚠️ CVE-2025-39586: Improper Neutralization of Spe... ⚠️ CVE-2025-39583: Missing Authorization vulnerab... 🟡 CVE-2025-39580: Missing Authorization vulnerab... ⚠️ CVE-2025-39569: Improper Neutralization of Spe... ⚠️ CVE-2025-39568: Improper Limitation of a Pathn... ⚠️ CVE-2025-39567: Improper Neutralization of Inp... 🟡 CVE-2025-39562: Improper Neutralization of Inp... 🟡 CVE-2025-39559: Missing Authorization vulnerab... ⚠️ CVE-2025-39558: Improper Neutralization of Inp... 🟡 CVE-2025-39554: Missing Authorization vulnerab... 🔥 CVE-2025-39551: Deserialization of Untrusted D... 🔥 CVE-2025-39550: Deserialization of Untrusted D... ⚠️ CVE-2025-39542: Incorrect Privilege Assignment... ⚠️ CVE-2025-39535: Authentication Bypass Using an... ⚠️ CVE-2025-39533: Missing Authorization vulnerab... ⚠️ CVE-2025-39532: Missing Authorization vulnerab... ⚠️ CVE-2025-39527: Deserialization of Untrusted D... ⚠️ CVE-2025-39526: Improper Control of Filename f... ⚠️ CVE-2025-39521: Improper Neutralization of Inp... ⚠️ CVE-2025-39519: Improper Neutralization of Inp... ⚠️ CVE-2025-39464: Improper Neutralization of Inp... ⚠️ CVE-2025-39462: Improper Control of Filename f... ⚠️ CVE-2025-39461: Improper Control of Filename f... 🟡 CVE-2025-39457: Missing Authorization vulnerab... 🟡 CVE-2025-39456: Missing Authorization vulnerab... ⚠️ CVE-2025-39455: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39453: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39452: Improper Control of Filename f... 🟡 CVE-2025-39444: Improper Neutralization of Inp... 🟡 CVE-2025-39443: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39442: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39441: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39440: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39439: Exposure of Sensitive System I... 🟡 CVE-2025-39438: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39437: Cross-Site Request Forgery (CS... 🔥 CVE-2025-39436: Unrestricted Upload of File wi... ⚠️ CVE-2025-39435: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39434: Authorization Bypass Through U... ⚠️ CVE-2025-39433: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39432: Improper Neutralization of Inp... ⚠️ CVE-2025-39431: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39430: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39429: Improper Control of Filename f... 🟡 CVE-2025-39428: Improper Neutralization of Inp... 🟡 CVE-2025-39427: Improper Neutralization of Inp... 🟡 CVE-2025-39426: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39425: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39424: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39423: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39422: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39421: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39420: Improper Neutralization of Inp... ⚠️ CVE-2025-39419: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39418: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39417: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39416: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39415: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39414: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-32686: Deserialization of Untrusted D... 🔥 CVE-2025-32682: Unrestricted Upload of File wi... ⚠️ CVE-2025-32674: Improper Neutralization of Inp... ⚠️ CVE-2025-32670: Improper Neutralization of Inp... ⚠️ CVE-2025-32666: Improper Neutralization of Inp...
Authorities Seize Domains of Popular Hacking Forums

By Cybersecurity Team on

Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown

In a significant international law enforcement operation, authorities have seized the domains of several prominent hacking forums, including Cracked, Nulled, Sellix, and StarkRDP. This coordinated effort, known as Operation Talent, involved agencies from Australia, France, Germany, Greece, Italy, Romania, Spain, and the United States, with support from Europol.

Targeted Platforms and Seizure Details

The targeted domains are:

  • www.cracked.io
  • www.nulled.to
  • www.mysellix.io
  • www.sellix.io
  • www.starkrdp.io

Visitors to these websites now encounter a seizure notice stating that the sites have been confiscated by international law enforcement partners. The message also indicates that information regarding customers and victims has been obtained during the operation.

Scope of the Operation

Operation Talent led to the seizure of 12 domains associated with the Cracked and Nulled platforms. Additionally, authorities dismantled related services, including Sellix, a financial processor used by Cracked, and StarkRDP, a hosting service promoted on both platforms and operated by the same suspects. The operation also resulted in the arrest of two individuals in Valencia, Spain, the confiscation of 17 servers, and the seizure of over 50 electronic devices and approximately €300,000 in cash and cryptocurrency.

Impact on Cybercrime Activities

Cracked and Nulled were among the largest hacking forums, boasting over 10 million users combined. These platforms served as hubs for discussions on cybercrime and marketplaces for illegal goods and services, including stolen data, malware, hacking tools, and "combo lists" of stolen credentials. The forums also facilitated the distribution of AI-based tools and scripts designed to exploit security vulnerabilities and optimize attacks.

Future Investigations

The seized data, encompassing email addresses, IP addresses, and communication records of the approximately 10 million registered user accounts, will serve as a foundation for further international investigations targeting criminal sellers and users of these platforms. Authorities aim to dismantle the networks that have relied on these forums to perpetrate cybercrimes.

Conclusion

Operation Talent represents a significant milestone in global efforts to combat cybercrime. By dismantling these prominent hacking forums and associated services, international law enforcement agencies have disrupted key platforms that facilitated illegal activities. This operation underscores the importance of continued collaboration among global authorities to address the evolving challenges of cybercrime.

Sources

Back to Posts