Bitdefender reports a surge in LummaStealer activity, showing the MaaS infostealer rebounded after 2025 law enforcement disruption. Bitdefender observed renewed LummaStealer activity, proving the MaaS infostealer recovered after 2025 takedowns. Active since 2022, it relies on affiliates, social engineering, fake cracked software, and fake CAPTCHA “ClickFix” lures. CastleLoader plays a key role in spreading it.…
Category: Cybercrime
AI, Cybercrime, Endpoint, extortion, Global Security News, malware, Ransomware, Risk Management
0APT ransomware group rises swiftly with bluster, along with genuine threat of attack
Most signs suggest the group is running a massive hoax by claiming hundreds of initial victims, but at least some of the threat 0APT poses is grounded in truth backed by proven capabilities.
The post 0APT ransomware group rises swiftly with bluster, along with genuine threat of attack appeared first on CyberScoop.
AI, Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, malware, Network Security
SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning
A new Linux botnet, SSHStalker, has infected about 7,000 systems using old 2009-era exploits, IRC bots, and mass-scanning malware. Flare researchers uncovered a previously undocumented Linux botnet dubbed SSHStalker, observed via SSH honeypots over two months. Researchers ran an SSH honeypot with weak credentials starting in early 2026 and spotted a set of intrusions unlike…
AI, Breaking News, cyber crime, Cybercrime, Cybersecurity, data breach, Data Breaches, Global Security News, Government & Policy, Network Security, Security
Senegal shuts National ID office after ransomware attack
Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the government office that manages national ID cards, passports, and biometric data. After ransomware claims surfaced, authorities temporarily closed the office to contain the incident. The agency warned…
AI, Breaking News, china, Cybercrime, data breach, Global Security News, hacking, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter ClawHavoc: 341 Malicious Clawed Skills Found by the Bot They Were Targeting APT28 Leverages CVE-2026-21509 in Operation Neusploit Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia Analyzing Dead#Vax: Analyzing Multi-Stage VHD…
AI, Breaking News, china, Cybercrime, Cybersecurity, data breach, Data Breaches, Exploits, Global Security News, Government & Policy, hacking, malware, Network Security, Risk Management, Russia, Security
Security Affairs newsletter Round 562 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Italian university La Sapienza still offline to mitigate recent cyber attack CISA pushes Federal agencies to…
AI, Cybercrime, data breach, Data Breaches, Global Security News, hacking, hacking news, Uncategorized
Hacker claims theft of data from 700,000 Substack users; Company confirms breach
Substack confirmed a data breach after a hacker leaked data from nearly 700,000 users, including email addresses and phone numbers. Substack is an online platform for publishing email‑based newsletters and blogs, with built‑in paid subscriptions and basic analytics. It’s free to start; creators pay a fee on paid plans. In 2026 it’s estimated to serve…
AI, Cybercrime, Department of Justice (DOJ), Exploits, Global Security News, Justice Department, Network Security, The Com
Alleged 764 member arrested, charged with CSAM possession in New York
A 23-year-old New York man allegedly affiliated with 764 was arrested and charged with receiving child sexual abuse material. Aaron Corey of Albany, N.Y., faces up to 20 years in prison for trafficking CSAM during a three-month period ending in December. Corey, also known as “Baggeth,” is accused of running multiple 764-related chats, seeking CSAM…
AI, Cybercrime, DDoS, EU, Global Security News, law enforcement, News
Police shut down global DDoS operation, arrest 20-year-old
Police officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) have arrested a 20-year-old man suspected of carrying out global DDoS attacks targeting high-profile and strategically important websites. The suspect faces six criminal charges, including disrupting IT systems and obtaining specialized software designed to conduct cyberattacks. If…
AI, Cybercrime, Cybersecurity, Global Security News, News
AI is driving a new kind of phishing at scale
Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers generate large numbers of messages with small variations in wording, structure, and delivery paths. AI systems now sit at the center of this activity, supporting generation, testing, and rollout of…
Breaking News, cyber crime, Cybercrime, Global Security News, North America, Security
Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring
A Taiwanese man was sentenced to 30 years for running Incognito Market, a major darknet drug site that sold over $105 million in illegal drugs. Rui-Siang Lin (24) was sentenced to 30 years in prison for running Incognito Market, a major darknet drug marketplace that sold over one ton of narcotics. The Taiwanese man pled…
AI, Cybercrime, dark web, Global Security News, Government, law enforcement, News
Incognito dark web drug market operator gets 30 years in prison
Rui-Siang Lin, a Taiwanese national, was sentenced to 30 years in U.S. federal prison for operating Incognito Market, one of the world’s largest illicit online narcotics marketplaces. Incognito Market operated on the dark web from October 2020 until it closed in March 2024. The platform functioned as a…
AI, Artificial Intelligence, Breaking News, cyber crime, Cybercrime, Global Security News
Paris raid on X focuses on child abuse material allegations
French prosecutors raided X offices in Paris over illegal content; Elon Musk and CEO summoned for voluntary interviews in April. French prosecutors, with France’s National Gendarmerie and Europol support, raided the X offices in Paris in a criminal probe over complaints that the platform facilitated child sexual abuse material and other illegal content. The probe…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security
Microsoft: Info-Stealing malware expands from Windows to macOS
Microsoft warns info-stealing attacks are expanding from Windows to macOS, using cross-platform languages like Python and abusing trusted platforms. Microsoft warns info-stealing attacks are rapidly expanding from Windows to macOS, using cross-platform languages like Python and abusing trusted platforms. Since late 2025, Microsoft has seen a surge in macOS infostealer attacks using social engineering, fake…
Cybercrime, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, Research, Technology, Threats
Ivanti’s EPMM is under active attack, thanks to two critical zero-days
Attackers are again focusing on a familiar target in the network edge space, actively exploiting two critical zero-day vulnerabilities in Ivanti software that allows administrators to set mobile device and application controls. The vulnerabilities — CVE-2026-1281 and CVE-2026-1340 — each carry a CVSS rating of 9.8 and allow unauthenticated users to execute code remotely in…
APT, Asia Pacific, Authentication, Cybercrime, Global Security News, Research, Threats
China-based espionage group compromised Notepad++ for six months
A China-based threat group operating for almost two decades broke into the internal systems of Notepad++, an extremely popular open source-code editor, to spy on a select group of targeted users, researchers at Rapid7 said Monday. Don Ho, the author and maintainer of the open-source tool, said independent security researchers confirmed a China state-sponsored group…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
Panera Bread breach affected 5.1 Million accounts, HIBP Confirms
Have I Been Pwned says Panera Bread’s breach affected 5.1 million accounts, far fewer than the 14 million customers first reported. Have I Been Pwned followed claims by the ShinyHunters gang, which said it stole data from over 14 million Panera Bread accounts. After Panera refused to pay, the group leaked a 760MB archive…
Asia Pacific, Breaking News, Cybercrime, data breach, Global Security News, hacking, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter KONNI Adopts AI to Generate PowerShell Backdoors Who Operates the Badbox 2.0 Botnet? Weaponized in China, Deployed in India: The SyncFuture Espionage Targeted Campaign Android Trojan Campaign Uses Hugging Face Hosting for RAT Payload…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. DOJ releases details alleged talented hacker working for Jeffrey Epstein Cyberattacks Disrupt Communications at Wind, Solar,…
Breaking News, cyber crime, Cybercrime, Epstein files, Europe, Global Security News, Laws and regulations
DOJ releases details alleged talented hacker working for Jeffrey Epstein
An FBI informant said in 2017 that Jeffrey Epstein had a “personal hacker,” according to a Justice Department document released Friday. An FBI informant said in 2017 that Jeffrey Epstein had a “personal hacker,” according to one of the documents released by the Department of Justice (DoJ) as part of the Epstein Files. The accuracy…
Cybercrime, data protection, Global Security News, juice jacking, Technology, Travel Fraud
Juice Jacking Continues to Be a Cyber Problem in South Africa
“Juice jacking” may be a new term for some, but it has been around as a method of cyber attack for a long time. The former problem was that it was expensive to install, but now that has all changed. The tools required for juice jacking have become cheaper and easier and it’s now a…
copyright, Cybercrime, Cybersecurity, Global Security News
DOJ seizes piracy sites, Italian police dismantle illegal IPTV operation
A trio of domains that allegedly distributed pirated content, including movies, TV shows, video games and other content was seized by the U.S. government as part of a globally coordinated crackdown on copyright infringement, the Justice Department said Friday. The sites — zamunda.net, arenabg.com and zelka.org — were among the most popular domains in Bulgaria…
Asia Pacific, china, Cybercrime, Cybersecurity, Global Security News, Threats
Google’s disruption rips millions of devices out of malicious network
Millions of devices used as proxies by cybercriminals, espionage groups and data thieves have been removed from circulation following Google’s disruption of IPIDEA, a China-based residential proxy network. The reduction in available proxy devices came after Google’s Threat Intelligence Group used legal action and intelligence sharing to target the company’s domain infrastructure, Google said in…
Breaking News, cyber crime, Cybercrime, Global Security News, Security
Empire Market co-founder faces 10 years to life after guilty plea
Empire Market co-founder Raheim Hamilton pleaded guilty to U.S. drug conspiracy charges in Chicago, facing a mandatory 10 years to life in prison. Raheim Hamilton (30) of Virginia, co-creator of the dark web marketplace Empire Market, pleaded guilty in Chicago to a federal drug conspiracy charge. Empire Market allowed users to anonymously buy and sell…
Cybercrime, Financial, Global Security News, North America
The ‘staggering’ cybersecurity weakness that isn’t getting enough focus, according to a top Secret Service official
The internet domain registration system is a major weakness that malicious hackers can exploit, but is often being overlooked, a senior Secret Service official said Thursday. “It is staggering to me that we live in a world where domain registrars and registrars will do bulk registration of various spellings of a major institution’s brand name…
APT, Cybercrime, Exploits, Global Security News, hacking, Security
Nation-state and criminal actors leverage WinRAR flaw in attacks
Multiple threat actors exploited a now-patched critical WinRAR flaw to gain initial access and deliver various malicious payloads. Google Threat Intelligence Group (GTIG) revealed that multiple threat actors, including APTs and financially motivated groups, are exploiting the CVE-2025-8088 flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. The WinRAR…
Cybercrime, Cybersecurity, Exploits, Global Security News, Threats
Fortinet’s latest zero-day vulnerability carries frustrating familiarities for customers
Fortinet customers are confronting another actively exploited zero-day vulnerability that allows attackers to bypass authentication in the single sign-on flow for FortiCloud and gain privileged access to multiple Fortinet firewall products and related services. The vendor issued a security advisory for the vulnerability — CVE-2026-24858 — warning that some instances of exploitation already occurred earlier…
china, Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Cybercriminals and nation-state groups are exploiting a six-month old WinRAR defect
Google Threat Intelligence Group warned that a diverse and growing collection of attackers, including nation-state groups and financially motivated cybercriminals, are exploiting a path-traversal vulnerability affecting WinRAR that was disclosed and patched six months ago. The high-severity vulnerability — CVE-2025-8088 — was exploited in the wild almost two weeks before RARLAB, the vendor behind the…
Cybercrime, Cybersecurity, Global Security News, Ransomware, Threats
A new wave of ‘vishing’ attacks is breaking into SSO accounts in real time
Threat hunters and researchers are racing to contain a wave of voice-phishing attacks targeting single sign-on tools, already leading to data theft and extortion attempts. Multiple cybercrime groups are combining voice calls and advanced phishing kits to trick victims into handing over access — including a group identifying itself as ShinyHunters, which has publicly named alleged…
Breaking News, cyber crime, Cybercrime, data breach, Global IT News, Global Security News
Nike is investigating a possible data breach, after WorldLeaks claims
Nike is investigating a possible cyber incident after the WorldLeaks group claimed it stole data from the company’s systems. Nike is probing a potential security breach after the WorldLeaks cybercrime group claimed it accessed and stole data from the company’s systems. The footwear and apparel giant said it has launched an investigation to assess the…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 81
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter UNO reverse card: stealing cookies from cookie stealers PDFSIDER Malware – Exploitation of DLL Side-Loading for AV and EDR Evasion VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun PyPI Package Impersonates…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 560 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Osiris ransomware emerges, leveraging BYOVD technique to kill security tools U.S. CISA adds a flaw in…
Breaking News, cyber crime, Cybercrime, data breach, Global IT News, Global Security News
Investigation underway after 72M Under Armour records surface online
Under Armour is investigating a data breach after 72M customer records were posted online by a cybercriminal. Under Armour is an American company that designs, manufactures, and sells sportswear, athletic shoes, and fitness-related accessories. TechCrunch reported that Under Armour is investigating a data breach after 72M customer records were posted online. The stolen data, linked…
CryptoCurrency, Cybercrime, Cybersecurity, Global Security News, North America, Ransomware
Leader of ransomware crew pleads guilty to four-year crime spree
A Russian national pleaded guilty to leading a ransomware conspiracy that targeted at least 50 victims during a four-year period ending in August 2022. Ianis Aleksandrovich Antropenko began participating in ransomware attacks before moving to the United States, but conducted many of his crimes while living in Florida and California, where he’s been out on…
Cybercrime, Cybersecurity, Global Security News, Ransomware
Black Basta’s alleged ringleader identified as authorities raid homes of other members
Law enforcement agencies from multiple European countries are still pursuing leads on people involved in the Black Basta ransomware group, nearly a year after the group’s internal chat logs were leaked, exposing key details about its operations, and at least six months since the group claimed responsibility for new attacks. Officials in Ukraine and Germany…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, hacking news, North America
Crooks impersonate LastPass in campaign to harvest master passwords
Password manager LastPass warns of an active phishing campaign impersonating the service to steal users’ master passwords. LastPass warned users about an active phishing campaign that began around January 19, 2026. Attackers impersonate the service with emails claiming urgent maintenance and urge users to back up their password vaults within 24 hours. The messages use…
Cybercrime, Cybersecurity, Global Security News, Ransomware, Threats
The thin line between saving a company and funding a crime
Ransomware negotiation is a dark but widely acknowledged reality in the cybersecurity industry — one that many argue is a necessary practice, even if it largely occurs out of sight. Brokering payments and terms with cybercriminals who hold organizations’ data and operations hostage places security professionals in a fraught position that requires them to balance…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, malware
PDFSIDER Malware – Exploitation of DLL Side-Loading for AV and EDR Evasion
Threat actors use PDFSIDER malware with social engineering and DLL sideloading to bypass AV/EDR, and ransomware gangs already abuse it. Resecurity has learned about PDFSIDER during an investigation of a network intrusion attempt that was successfully prevented by a Fortune 100 energy corporation. The threat actor contacted their staff, impersonating technical support, and used social…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, hacking news
Access broker caught: Jordanian pleads guilty to hacking 50 companies
A Jordanian man pleaded guilty in the US to selling illegal access to 50 compromised enterprise networks after an undercover sting. A Jordanian national Feras Khalil Ahmad Albashiti (40), living in Georgia, pleaded guilty in a US court to acting as an access broker, selling unauthorized access to the networks of at least 50 companies.…
Asia Pacific, Breaking News, Crypto, cyber crime, Cybercrime, Global Security News, hacking
Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions
Major Telegram-based illicit marketplace Tudou Guarantee appears to be shutting down its operations, according to Elliptic. Blockchain cybersecurity firm Elliptic reports that Tudou Guarantee, a major Telegram-based illicit marketplace in Southeast Asia, has stopped transactions in its public groups after handling over $12 billion. The researchers noted that other services still run, so a full…
Breaking News, cyber crime, Cybercrime, Europe, Global Security News, hacking, malware
StealC malware control panel flaw leaks details on active attacker
Researchers uncovered an XSS flaw in StealC malware’s control panel, exposing key details about a threat actor using the info stealer. StealC is an infostealer that has been active since at least 2023, sold as Malware-as-a-Service to steal cookies and passwords. In 2025, its operators released StealC v2, but the web panel quickly leaked and…
Breaking News, cyber crime, Cybercrime, Global Security News, Security
Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems
An actor who goes online with the alias @ihackthegovernment posted stolen personal data from his victims, including the U.S. Supreme Court. Nicholas Moore, 24, from Tennessee, pleaded guilty to repeatedly hacking the U.S. Supreme Court’s electronic filing system. Court documents reveal he used his Instagram account to leak data from several of his victims. “Nicholas…
Breaking News, cyber crime, Cybercrime, Global Security News, GootLoader, malware
GootLoader uses malformed ZIP files to bypass security controls
GootLoader malware uses malformed ZIP files made of hundreds of concatenated archives to evade detection. GootLoader is used by ransomware actors for initial access, then handed off to others. Built to evade detection, it accounted for 11% of bypassing malware in the past years. GootLoader runs on an access-as-a-service model; it is used by different groups to…
Breaking News, Cybercrime, Exploits, Global Security News, hacking, malware, Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 80
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Gogs 0-Day Exploited in the Wild SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment “Untrustworthy Fund”: targeted UAC-0190 cyberattacks against SOU using PLUGGYAPE (CERT-UA#19092) Hiding in Plain Sight: Deconstructing the Multi-Actor…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 559 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ukraine–Germany operation targets Black Basta, Russian leader wanted China-linked APT UAT-8837 targets North American critical infrastructure…
Cybercrime, elderly fraud, financial scams, Global Security News, seniors online safety, South Africa cybersecurity
South African Seniors are Prime Target for Cyber Attacks
Threat actors are well-aware of the fact that many older people are not very savvy when it comes to technology. Unlike younger generations, they did not “grow up” with digital versions and are often confused. Add to this that some seniors suffer from memory problems and you have a recipe ripe for cyber thieves to…
Cybercrime, Cybersecurity, Department of Justice (DOJ), Global Security News, North America
Jordanian national pleads guilty after unknowingly selling FBI agent access to 50 company networks
A 40-year-old Jordanian national pleaded guilty Thursday to operating as an access broker, selling access to at least 50 victim company networks he broke into by exploiting two commercial firewall products in 2023, according to the Justice Department. Feras Khalil Ahmad Albashiti, who lived in the Republic of Georgia at the time, sold an undercover…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people
A data breach at Canada’s investment watchdog, Canadian Investment Regulatory Organization (CIRO), impacted about 750,000 people. The Canadian Investment Regulatory Organization (CIRO) is Canada’s national self-regulatory body overseeing investment dealers and marketplaces, protecting investors, enforcing compliance, and maintaining fair, efficient capital markets. CIRO announced that threat actors stole personal data of 750,000 people in an…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking
A ransomware attack disrupted operations at South Korean conglomerate Kyowon
South Korean conglomerate Kyowon confirmed a ransomware attack that disrupted operations and may have exposed customer data. Kyowon Group is a major South Korean conglomerate with diverse business interests spanning education, publishing, media, and technology. It operates nationwide, serving millions of customers through its various subsidiaries and brands. The company is a significant player in…
Breaking News, cyber crime, Cybercrime, Global Security News, malware
Lumen disrupts AISURU and Kimwolf botnet by blocking over 550 C2 servers
Lumen’s Black Lotus Labs blocked over 550 C2 servers tied to the AISURU/Kimwolf botnet used for DDoS attacks and proxy abuse. Lumen’s Black Lotus Labs disrupted over 550 command-and-control servers linked to the AISURU and Kimwolf botnet, a major network used for DDoS attacks and proxy abuse. Acting as a DDoS-for-hire service, Aisuru avoids government…
Australia, Cybercrime, Cybersecurity, Global Security News, North America, Research
Microsoft seizes RedVDS infrastructure, disrupts fast-growing cybercrime marketplace
Microsoft announced Wednesday that it worked with international law enforcement to seize infrastructure used to run cybercrime subscription service RedVDS and organized civil actions in the United States and United Kingdom to disrupt its further use. RedVDS has enabled at least $40 million in fraud losses in the U.S. since March 2025, according to Microsoft.…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Threat actor claims the theft of full customer data from Spanish energy firm Endesa
Endesa disclosed a data breach exposing full customer data, including contact details, national ID numbers, and payment information. Spanish energy firm Endesa disclosed a data breach in which threat actors stole full customer data, including contact details, national ID numbers, and payment information. “In this regard, we regret to inform you that Endesa Energía has detected a…
Breaking News, cyber crime, Cybercrime, Europe, Global Security News, malware, Security
Dutch court convicts hacker who exploited port networks for drug trafficking
Dutch appeals court jails a 44-year-old hacker for 7 years for hacking port systems to help smuggle cocaine through European logistics hubs. A Dutch appeals court sentenced a 44-year-old hacker to seven years in prison for hacking port systems to help smuggle cocaine through European logistics hubs into the Netherlands. The appeals court reduced the…
Cybercrime, Cybersecurity, Europe, Global Security News
Spanish police disrupt Black Axe, arrest alleged leaders in action spanning four cities
Authorities arrested 34 alleged cybercriminals in Spain, including some leaders of Black Axe, a transnational criminal organization responsible for adversary-in-the-middle scams such as business email compromise, money laundering and vehicle trafficking, the Spanish National Police said Friday. A coordinated law enforcement operation that fanned out to Seville, Madrid, Malaga and Barcelona significantly disrupted the group’s…
Breaking News, cyber crime, Cybercrime, Global Security News, Security
Europol and Spanish Police arrest 34 in crackdown on Black Axe criminal network
Europol announced the arrest of 34 suspected Black Axe members in Spain during a joint operation with Spanish and European law enforcement. Europol announced the arrest of 34 suspects in Spain linked to the Black Axe criminal network, following a joint operation by Spanish police, Bavarian authorities, and Europol, with most arrests in Seville. “The…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 558 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A massive breach exposed data of 17.5M Instagram users North Korea–linked APT Kimsuky behind quishing attacks,…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
A massive breach exposed data of 17.5M Instagram users
A massive breach exposed data of 17.5M Instagram users, triggering mass password reset emails and fears that stolen data is already circulating online. A major data breach has exposed the personal data of about 17.5 million Instagram users, Malwarebytes Labs researchers warn. Exposed data includes usernames, physical addresses, phone numbers, and email addresses. Cybercriminals stole…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals
Illinois Department of Human Services (IDHS) exposed personal and health data of nearly 700,000 residents due to incorrect privacy settings. The Illinois Department of Human Services (IDHS) disclosed a data breach after misconfigured privacy settings exposed personal and health data of nearly 700,000 residents. On September 22, 2025, IDHS discovered that internal maps meant…
AI, Congress, Cybercrime, Europe, Global Security News, Government, Policy
Dems pressure Google, Apple to drop X app as international regulators turn up heat
A trio of Senate Democrats are calling on Apple and Google to drop Elon Musk’s X from app stores as international regulators in Europe and Britain took steps towards investigations of the site’s mass undressing of users using Grok’s AI tool. On Friday, Senators Ron Wyden, D-Ore., Ben Ray Luján, D-N.M., and Ed Markey, D-Mass.,…
Cybercrime, Cybersecurity, deepfakes, Global Security News, Government, Technology
FCC finalizes new penalties for robocall violators
The Federal Communications Commission finalized new financial penalties for telecoms that submit false, inaccurate or late reporting to a federal robocalling system. The new regulations, which go into effect Feb. 5, will require providers to recertify every year that their information is accurate in the Robocall Mitigation Database (RMD). It would also impose fines on…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, hacking news
Resecurity Went on the Cyber Offensive – When ‘Shiny Objects’ trick ‘Shiny Hunters’
Resecurity released 105 pages with 1,000+ messages tied to hacker John Erin Binns, detailing contacts with an unnamed woman in Turkey and an associate called “S.M.” Resecurity released 105 pages containing over 1,000 messages related to John Erin Binns, a hacker who is currently not in U.S. custody, and sent a “warm hello” to an…
Breaking News, cyber crime, Cybercrime, discord, Global Security News, malware
VVS Stealer, a new Python malware steals Discord credentials
VVS Stealer is a Python-based malware that steals Discord credentials and tokens and has been sold on Telegram since at least April 2025. Palo Alto Networks researchers uncovered VVS Stealer, a Python-based malware that steals Discord credentials and tokens and has been sold on Telegram since at least April 2025. VVS Stealer uses the source…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
Sedgwick discloses data breach after TridentLocker ransomware attack
Sedgwick confirmed a cyber incident at its federal contractor unit after TridentLocker claimed to steal 3.4GB of data. Sedgwick is a leading global claims management and risk services provider operating in the insurance and risk solutions sector. It employs roughly 33,000 people worldwide, across more than 80 countries. Estimated annual revenue is in the multi-billion…
Breaking News, Cybercrime, data breach, Global Security News, malware, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 78
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Evasive Panda APT poisons DNS requests to deliver MgBot Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations EmEditor Supply Chain Incident Details Disclosed: Distribution of Information-Stealing Malware Sweeps…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 557 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. French authorities investigate AI ‘undressing’ deepfakes on X Thousands of ColdFusion exploit attempts spotted during Christmas…
Breaking News, cyber crime, Cybercrime, Global Security News, Google Cloud Application, hacking, North America
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails
Researchers uncovered a phishing campaign abusing Google Cloud Application Integration to send emails posing as legitimate Google messages. Check Point researchers have revealed a phishing campaign that abuses Google Cloud Application Integration to send emails impersonating legitimate Google messages. The attack uses layered redirection with trusted cloud services, user validation checks, and brand impersonation to…
Cybercrime, Exploits, Global Security News, hacking, hacking news, Uncategorized
React2Shell under attack: RondoDox Botnet spreads miners and malware
RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. CloudSEK researchers warn that the RondoDox botnet is exploiting the critical React2Shell flaw (CVE-2025-55182) to drop malware and cryptominers on vulnerable Next.js servers. “CloudSEK’s report details a persistent nine-month RondoDoX botnet campaign targeting IoT devices and web applications. Recently, the…
Breaking News, Cybercrime, Global Security News, hacking, Security
Coupang announces $1.17B compensation plan for 33.7M data breach victims
Coupang will spend about $1.17B to compensate 33.7 million users affected by a data breach, providing purchase vouchers to those impacted. Coupang announced it will spend about $1.17 billion to compensate 33.7 million people affected by a recent data breach, providing purchase vouchers to impacted users. “Coupang plans to provide customers with purchase vouchers worth…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security
Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems
A Lithuanian national was arrested for allegedly spreading KMSAuto malware that stole clipboard data and infected 2.8 million Windows and Office systems. A Lithuanian man (29) was arrested for allegedly spreading KMSAuto-based clipboard-stealing malware that infected about 2.8 million Windows and Office systems. The man was extradited from Georgia to South Korea under Interpol coordination.…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security
Romania’s Oltenia Energy Complex suffers major ransomware attack
A ransomware attack hit Romania’s Oltenia Energy Complex on December 26, knocking out IT systems at the country’s largest coal power producer. A ransomware attack disrupted Oltenia Energy Complex, Romania’s largest coal-based power producer, shutting down its IT systems on December 26. The Oltenia Energy Complex (CE Oltenia) is Romania’s leading state-controlled lignite mining and…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk
Hacker claims Condé Nast breach, leaking 2.3M WIRED subscriber records and threatening to expose up to 40M more from other brands. A hacker known as “Lovely” claims to have leaked personal data of over 2.3 million Wired.com users. The data was allegedly posted on December 20, 2025, on the new Breach Stars hacking forum, with…
Breaking News, Crypto, cyber crime, Cybercrime, Global Security News, Security
Stolen LastPass backups enable crypto theft through 2025
Stolen vault backups from the 2022 LastPass breach are still being cracked, allowing attackers to steal crypto as late as 2025. The blockchain intelligence firm TRM Labs warns that encrypted vault backups stolen in the 2022 LastPass breach are still being cracked using weak master passwords, enabling crypto theft as late as 2025. In 2022,…
Breaking News, Cybercrime, data breach, Global Security News, malware, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 77
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Choose Your Fighter: A New Stage in the Evolution of Android SMS Stealers in Uzbekistan From Linear to Complex: An Upgrade in RansomHouse Encryption Prince of Persia: A Decade of Iranian Nation-State APT Campaign…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 556 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. LangChain core vulnerability allows prompt injection and data exposure NPM package with 56,000 downloads compromises WhatsApp…
Breaking News, Cybercrime, Global Security News, hacking, hacking news, malware
NPM package with 56,000 downloads compromises WhatsApp accounts
An NPM package with over 56,000 downloads stole WhatsApp credentials, hid its activity, and installed a backdoor. Koi Security researchers warned that the NPM package ‘Lotusbail’, a WhatsApp Web API library and fork of ‘Baileys’, has been stealing users’ credentials and data. The package has been available for six months and has had over 56,000…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
Spotify cracks down on unlawful scraping of 86 million songs
Spotify shut down accounts after Anna’s Archive scraped and published data on 86 million songs, confirming action against unlawful scraping. Spotify disabled user accounts after an open-source group published files containing 86 million songs scraped from the platform. The group, Anna’s Archive, said it found a method to extract Spotify files and released a database…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, Security
FBI seized ‘web3adspanels.org’ hosting stolen logins
The U.S. seized the ‘web3adspanels.org’ domain and database used by cybercriminals to store stolen bank login credentials. The FBI seized the domain web3adspanels[.]org and its database after cybercriminals used it to store bank login credentials stolen from U.S. victims. A criminal group ran fake ads on Google and Bing that mimicked real bank advertisements. Victims…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking
Red Hat GitLab breach exposes data of 21,000 Nissan customers
Hackers breached Red Hat’s GitLab, stealing data of 21,000 customers; Nissan confirmed exposure via a self-managed GitLab instance. Japanese carmaker Nissan disclosed a data breach tied to a self-managed GitLab instance used by Red Hat Consulting. Threat actors gained access to the GitLab instance, stealing data from 21,000 customers. In October, the Crimson Collective claimed…
Cybercrime, Cybersecurity, Exploits, Global Security News, Threats
Leader of 764 offshoot pleads guilty, faces up to 60 years in jail
A 19-year-old man from San Antonio pleaded guilty Friday to multiple crimes involving the sexual exploitation of children while acting as an administrator and leader of 8884, a splinter group of the violent extremist collective known as 764. Alexis Aldair Chavez faces up to 60 years in prison for racketeering, distribution and possession of child…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, North America
Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.
Ukrainian Artem Stryzhak (35) pleaded guilty in the U.S. to Nefilim ransomware attacks; he was arrested in Spain in 2024 and extradited in April 2025. A 35-year-old Ukrainian, Artem Aleksandrovych Stryzhak, pleaded guilty in the U.S. to Nefilim ransomware attacks. The Ukrainian citizen was arrested in Spain in 2024 and extradited to the US in…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, Security
University of Sydney discloses a data breach impacting 27,000 people
Hackers stole personal data of about 27,500 people from the University of Sydney after accessing an online code library, the university confirmed. The University of Sydney disclosed a data breach in which threat actors accessed an online code library and stole personal information linked to about 27,500 individuals, including current and former staff, affiliates, students,…
CyberBust, Cybercrime, Editor's Pick, Global Security News, Social Media Security, social networking sites
How to Detect Fake Social Media Profiles
In this post, we will show you how to detect fake social media profiles. With the increasing prevalence of social media platforms in our daily lives, fake social media profiles have become a significant concern. These profiles are often created for various malicious purposes, such as identity theft, online scams, cyberbullying, and misinformation spreading. Detecting…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ATM Jackpotting ring busted: 54 indicted by DoJ U.S. CISA adds a flaw in WatchGuard Fireware…
Australia, Canada, Cybercrime, Cybersecurity, Global Security News, North America, Ransomware
Ukrainian national pleads guilty to Nefilim ransomware attacks
Artem Aleksandrovych Stryzhak, a 35-year-old Ukrainian national, pleaded guilty Friday to multiple crimes stemming from his involvement in a string of ransomware attacks targeting U.S. and Europe-based organizations from mid 2018 to late 2021. He faces up to 10 years in jail for conspiracy to commit fraud, including extortion. Stryzhak was arrested in Spain in…
Cybercrime, Cybersecurity, Global Security News, Ransomware
Former incident responders plead guilty to ransomware attack spree
Former cybersecurity professionals Ryan Clifford Goldberg and Kevin Tyler Martin pleaded guilty Thursday to participating in a series of ransomware attacks in 2023 while they were employed at cybersecurity companies tasked with helping organizations respond to ransomware attacks. Goldberg, who was a manager of incident response at Sygnia, and Martin, a ransomware negotiator at DigitalMint…
Breaking News, cyber crime, Cybercrime, Exploits, GhostPairing, Global Security News, hacking
GhostPairing campaign abuses WhatsApp device linking to hijack accounts
Attackers abuse WhatsApp’s device-linking feature to hijack accounts via pairing codes in the GhostPairing campaign. Attackers are exploiting WhatsApp’s device-linking feature to hijack accounts using pairing codes in a campaign dubbed GhostPairing, without requiring authentication. Gen Digital first observed the GhostPairing campaign in Czechia, but warns that it can spread globally via compromised accounts. The…
