While authorities add new technologies and teams in their attempt to thwart cybercriminals, the stats are showing that in South Africa at least 50% of individuals polled have experienced some form of cybercrime; and the numbers continue to grow. The volume of internet users in South Africa is increasing and with this digital transformation threat…
Category: Cybercrime
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
React2Shell fallout spreads to sensitive targets as public exploits hit all-time high
Fallout from React2Shell — a stubborn vulnerability that impacts wide swaths of the internet’s scaffolding — continues to spread as public exploits and stealth backdoors proliferate and worrying details emerge about the targets attackers are pursuing. Threat researchers and incident responders are reacting to swift-moving developments on React2Shell with mounting concern. Cybercriminals, ransomware gangs and…
Cybercrime, Global Security News, Government, Ransomware, Threats, Uncategorized
DOJ announces takedown of alleged laundering platform used by cybercriminal groups
Federal prosecutors in Michigan say they have dismantled online infrastructure tied to an alleged money laundering operation that moved tens of millions of dollars in proceeds from ransomware and other cybercrime, along with indicting the service’s creator. The U.S. Attorney’s Office for the Eastern District of Michigan announced a coordinated action with international partners and…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking
Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity
Hackers tied to ShinyHunters extort PornHub after stealing search and viewing history of Premium users in a Mixpanel data breach. PornHub faces extortion after hackers linked to ShinyHunters allegedly stole search and viewing history of Premium users via a Mixpanel data breach. Mixpanel is a product analytics platform that companies use to understand how people interact…
Cybercrime, Cybersecurity, Data Breaches, Global Security News, Government
Opexus claims background checks missed red flags on twins accused of insider breach
Opexus admits it missed key red flags when it hired twins Muneeb and Sohaib Akhter, as it failed to learn about crimes the brothers pleaded guilty to in 2015, including wire fraud and conspiring to hack into the State Department — offenses committed while they were contractors for federal agencies. The federal government contractor nonetheless…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people
A data breach at 700Credit exposed the names, addresses, dates of birth, and Social Security numbers of at least 5.6 million people. 700Credit is a U.S. fintech and data services company that provides credit reports, “soft pull” prequalification, identity verification, fraud detection, and compliance tools to auto, RV, powersports, and marine dealerships across the country.…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts found an unsecured 16TB database containing 4.3B professional records Germany calls in Russian Ambassador over…
Breaking News, Cybercrime, data breach, Global Security News
Experts found an unsecured 16TB database containing 4.3B professional records
An open 16TB database exposed 4.3B professional records. It was unsecured and only closed after researchers alerted the owner. A 16TB unsecured MongoDB database exposed about 4.3 billion professional records, mainly LinkedIn-style data, enabling large-scale AI-driven social-engineering attacks. The researcher Bob Diachenko and nexos.ai discovered the unsecured DB on November 23, 2025, and it was…
Cybercrime, fraud prevention, Global Security News, mobile devices
SIM Pharm Cyber crime Escalates in South Africa
Just when you thought there couldn’t be another type of cyber thief, they develop new and devious methods to steal valuable information and finances. Over the last few years there has been an uptick in “SIM pharm” crimes. This form of crime has encompassed a variety of scams including theft of banking credentials, impersonation, investment fraud, and online…
Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims
Security experts have observed a steady increase in malicious activity from a widening pool of attackers seeking to exploit React2Shell, a critical vulnerability disclosed last week in React Server Components. Authorities are also responding to heightened concern about the defect, with the Cybersecurity and Infrastructure Security Agency shortening the deadline for agencies to patch the…
critical infrastructure, Cybercrime, Global Security News, Government, North America, Threats
US charges hacker tied to Russian groups that targeted water systems and meat plants
The Justice Department has charged a Ukrainian national with conducting cyberattacks on critical infrastructure worldwide as part of two Russian state-sponsored hacking operations that targeted water systems, food processing facilities and government networks across the United States and allied nations. Victoria Eduardovna Dubranova, 33, was arraigned on a second indictment Tuesday after being extradited to…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, malware
Broadside botnet hits TBK DVRs, raising alarms for maritime logistics
Mirai-based Broadside botnet targets vulnerable TBK Vision DVRs, posing a potential threat to the maritime logistics sector, Cydome warns. Cydome researchers have identified a new Mirai botnet variant dubbed Broadside that is targeting the maritime logistics sector by exploiting the command injection vulnerability CVE-2024-3721 in TBK DVR devices used on vessels. “Cydome’s Cybersecurity Research Team has identified…
Breaking News, cyber crime, Cybercrime, Europe, Flipper Zero, Global Security News, hacking
Polish Police arrest 3 Ukrainians for possessing advanced hacking tools
Poland arrested three Ukrainian nationals accused of using hacking devices to target IT systems and obtain sensitive defense-related data. Polish police arrested three Ukrainian nationals for allegedly trying to damage IT systems and obtaining sensitive defense-related data using advanced hacking equipment. The police arrested three Ukrainian men after finding Flipper hacking gear, spy-device detectors, SIM…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security
FinCEN data shows $4.5B in ransomware payments, record spike in 2023
Ransomware payments reported to FinCEN exceeded $4.5B by 2024, with 2023 marking a record year at $1.1B across 1,512 incidents. FinCEN analyzed ransomware trends using Bank Secrecy Act (BSA) reports filed from January 2022 to February 2025. During this period, organizations reported 4,194 ransomware incidents and more than $2.1 billion in payments. For comparison, from…
Cybercrime, Cybersecurity, Financial, Global Security News, Money, Ransomware
Is ransomware finally on the decline? Treasury data offers cautious hope
Ransomware is on the decline, according to a study the Treasury Department released Thursday, pointing to fewer attacks and payments following an all-time spike in activity in 2023. The Financial Crimes Enforcement Network (FinCEN) report on ransomware trends concluded more positive development in payments — the critical and most visible layer of attacks that have…
Breaking News, cyber crime, Cybercrime, Exploits, fbi, Global Security News, Security
FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms
The FBI warns of criminals altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams. The FBI warns that criminals are altering publicly available photos to create fake “proof-of-life” images used in virtual kidnapping scams, posing as kidnappers and demanding ransom. “The Federal Bureau of…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, malware, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Morphisec Thwarts Russian-Linked…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Uncategorized
Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs Maximum-severity XXE vulnerability discovered in Apache…
Breaking News, Cybercrime, Global Security News, GlobalProtect, hacking, Security
Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs
A hacking campaign has been targeting GlobalProtect logins and scanning SonicWall APIs since December 2, 2025. A campaign began on December 2 targeting Palo Alto GlobalProtect portals with login attempts and scanning SonicWall SonicOS API endpoints. The activity came from over 7,000 IPs tied to German hosting provider 3xK GmbH, which operates its own BGP network…
Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Attackers hit React defect as researchers quibble over proof
Attackers of different origins and motivations swiftly exploited a critical vulnerability dubbed React2Shell, affecting React Server Components shortly after Meta and the React team publicly disclosed the flaw with a patch Wednesday. Multiple security firms are actively responding to active exploitation in the wild as a scrum of reports conclude the malicious activity is limited…
Cybercrime, Cybersecurity, Data Breaches, Global Security News, Government
Twins with hacking history charged in insider data breach affecting multiple federal agencies
Twin brothers Muneeb and Sohaib Akhter were arrested in Alexandria, Va., Wednesday for allegedly stealing and destroying government data held by a government contractor minutes after they were fired from the company earlier this year, the Justice Department said. Prosecutors accuse the 34-year-old brothers of the crimes during a weeklong spree in February, compromising data…
Cybercrime, Cybersecurity, Exploits, Global Security News, Meta, Research, Threats
Developers scramble as critical React flaw threatens major apps
Security researchers and code developers are scrambling to patch and investigate a critical vulnerability affecting React Server Components, an open-source library used widely across the internet and embedded into many essential software frameworks. The rapid response underscores the potential consequences of exploitation. Although no attacks have been observed or reported, researchers expect them soon and…
california, Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Threats
University of Pennsylvania joins growing pool of Oracle customers impacted by Clop attacks
The University of Pennsylvania joined the steadily growing number of victim organizations impacted by the widespread data theft and extortion campaign involving a notorious ransomware group’s exploitation of a zero-day vulnerability and other defects in Oracle E-Business Suite earlier this year. The university filed a data breach notification in Maine Monday, confirming nearly 1,500 Maine…
Crypto, Cybercrime, Cybersecurity, Financial, Global Security News, Money
Authorities take down Cryptomixer, seize $28M in Switzerland
European authorities shut down and seized the assets of Cryptomixer, a cryptocurrency mixing service that allegedly facilitated more than $1.5 billion in money laundering for cybercriminals and other illegal activity, Europol said Monday. The weeklong operation, part of “Operation Olympia,” netted the seizure of nearly $28 million in Bitcoin, three servers in Switzerland, the cryptomixer.io…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 552 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers stole member data from French Soccer Federation Thousands of sensitive secrets published on JSONFormatter and…
Breaking News, Cybercrime, data breach, Global Security News, hacking
OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel
OpenAI warns some users that a cyberattack on analytics firm Mixpanel may have exposed their data. Mixpanel is a product analytics platform that companies use to understand how people interact with their apps or websites. Many tech companies use Mixpanel to make data-driven decisions about features, performance, and customer journeys. OpenAI is alerting some users about…
Cybercrime, Cybersecurity, Data Breaches, Global Security News, Threats
Crisis24 shuts down emergency notification system in wake of ransomware attack
OnSolve CodeRED, a voluntary, opt-in emergency notification system used by law enforcement agencies and municipalities across the country, has been permanently shut down in the wake of a ransomware attack. Crisis24, the company behind the service, said it decommissioned the platform after the cyberattack damaged the OnSolve CodeRED environment earlier this month. “Current forensic analysis…
AI, Artificial Intelligence (AI), Congress, Cybercrime, Cybersecurity, Global Security News
New legislation targets scammers that use AI to deceive
A new bipartisan bill introduced in the House would increase the criminal penalties for committing fraud and impersonation with the assistance of AI tools. The AI Fraud Deterrence Act, introduced by Reps. Ted Lieu, D-Calif., and Neal Dunn, R-Md., would raise the overall ceiling for criminal fines and prison time for fraudsters who use AI…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, malware
Dissecting a new malspam chain delivering Purelogs infostealer
The AISI Research Center’s Cybersecurity Observatory publishes the report “Dissecting a new malspam chain delivering Purelogs infostealer” – November 25, 2025. Organizational and personal security remains under constant threat from increasingly sophisticated attack vectors, with malspam continuing to represent one of the most widespread and effective initial infection vectors for distributing malware on a large…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking
FBI: bank impersonators fuel $262M surge in account takeover fraud
Cybercriminals posing as banks drove a major spike in account takeover fraud this year, stealing over $262 million, the FBI warned. The FBI warns of a surge in account takeover fraud, with criminals posing as financial institutions and stealing over $262M since January 2025. Cybercriminals breach online financial, payroll, or health-savings accounts to steal money…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, hacking
SitusAMC confirms data breach affecting customer information
SitusAMC says a recent breach exposed customer data; the real-estate financing firm provides back-office services for banks and lenders. SitusAMC, a leading real-estate financing services provider for banks and lenders, disclosed a data breach discovered earlier this month that exposed customer information. The firm manages back-office functions such as mortgage origination, servicing, and compliance for…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, Security
Harvard reports vishing breach exposing alumni and donor contact data
Harvard revealed its Alumni Affairs systems suffered a vishing breach, exposing emails, phone numbers, addresses, donation data and biographical info. Harvard revealed that threat actors breached its Alumni Affairs and Development systems through a vishing attack, exposing contact, donation, and biographical data of students, staff, alumni. Harvard says the breached systems held no Social Security…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Delta Dental of Virginia data breach impacts 145,918 customers
Delta Dental of Virginia suffered a data breach that exposed personal and health data of about 146,000 customers after the hack of an email account. A security breach at the dental care provider Delta Dental of Virginia (DDVA) exposed data of about 146,000 people, including names, Social Security numbers, ID numbers, and health information, after…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, Security
Scattered Spider alleged members deny TfL charges
Two UK teens linked to Scattered Spider pleaded not guilty to charges over last year’s TfL cyberattack at a Southwark Crown Court hearing. Two British teens accused of Computer Misuse Act offenses for a cyberattack on Transport for London pleaded not guilty in court. Thalha Jubair (aka EarthtoStar, Brad, Austin, and @autistic), 19, and Owen…
Asia Pacific, Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Iberia discloses security incident tied to supplier breach
Iberia warns customers of a supplier-related data breach as a threat actor claims to hold 77GB of stolen airline data. Iberia is warning customers about a data breach after a third-party supplier was hacked by a threat actor who claims to have stolen 77 GB of airline data. Iberia is the flag carrier airline of…
Breaking News, Cybercrime, data breach, Emerging Tech, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 72
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery RONINGLOADER: DragonBreath’s New Path to PPL Abuse npm Malware Campaign Uses Adspect Cloaking to Deliver Malicious Redirects GPT Trade: Fake Google Play Store…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks U.S. CISA adds an Oracle…
Breaking News, crowdstrike, Cybercrime, Global Security News, hacking, Security
CrowdStrike denies breach after insider sent internal screenshots to hackers
CrowdStrike says an insider shared internal screenshots with hackers but confirms no system breach and no customer data exposure. BleepingComputer first reported that CrowdStrike said an insider shared internal system screenshots with hackers, after Scattered Lapsus$ Hunters leaked them on Telegram. The company stresses that no systems were breached and no customer data was exposed.…
Cybercrime, Cybersecurity, Data Breaches, Global Security News, Threats
Hundreds of Salesforce customers hit by yet another third-party vendor breach
Salesforce said yet another breach involving a third-party vendor has compromised customers’ data, warning in a security advisory late Wednesday that it detected unusual activity in Gainsight applications connected to Salesforce customer environments. “Google Threat Intelligence Group is aware of more than 200 potentially affected Salesforce instances,” Austin Larsen, principal analyst at GTIG, told CyberScoop. …
Breaking News, cyber crime, Cybercrime, Global Security News, Security
Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops
US, Australia and UK sanctioned 2 Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. US, Australia and UK sanctioned two Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. Coordinated sanctions hit Russia-based provider Media Land, its leaders, and sister firms for supplying bulletproof hosting that…
Commentary, Cybercrime, Financial, Geopolitics, Global Security News, Government
Five Eyes just made life harder for bulletproof hosting providers
The Treasury Department, along with officials from the United Kingdom and Australia, imposed sanctions Wednesday against two bulletproof hosting providers and key people involved in their operations, in a globally coordinated effort aimed at thwarting the role these services have in enabling ransomware, phishing operations, and data extortion campaigns around the world. Authorities sanctioned Media…
Cyber Threats, CyberBust, Cybercrime, Global Security News, Tips & Hacks
Essential Cyber Security Plan for Small Business
Want to make a cyber security plan for your small business? Read on! Many small business owners underestimate the importance of implementing robust cybersecurity measures for their enterprises, often dismissing the notion of cyber threats as irrelevant to the scale of their operations. This mindset neglects the critical need for a comprehensive cybersecurity plan tailored to…
CyberBust, Cybercrime, Editor's Pick, Global Security News
What To Do If You’ve Been Scammed Online: A Comprehensive Guide
Are you wondering what to do next after being scammed online? We will show you the ideal steps to take. In today’s digital age, online scams have become increasingly prevalent, and many people fall victim to them. It can be a profoundly distressing experience if you’ve been scammed online. However, it’s important to remember that…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, Security
Eurofiber confirms November 13 hack, data theft, and extortion attempt
Eurofiber says hackers exploited a flaw on November 13, breached its ticket and customer portals, stole data, and attempted extortion. On November 13, threat actors exploited a vulnerability to breach its ticketing system and ATE customer portal of the European fiber operator Eurofiber. Attackers stole data and attempted extortion. Eurofiber focuses on B2B digital infrastructure,…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News
Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack
The Pennsylvania Office of the Attorney General (“OAG”) confirms a data breach following a ransomware attack by Inc Ransom group. The Pennsylvania Office of the Attorney General (“OAG”) confirmed a data breach following a ransomware attack attributed to Inc Ransom group. However, the organization did not share details about the security breach, either the number…
Breaking News, cyber crime, Cybercrime, Global Security News, Security
Dutch police takes down bulletproof hosting hub linked to 80+ cybercrime cases
Dutch police seized 250 servers running a bulletproof hosting service tied to cybercriminals and linked to over 80 investigations since 2022. The Dutch police (Politie) seized 250 servers running an unnamed bulletproof hosting service used solely by cybercriminals. Active since 2022, it appeared in over 80 cybercrime investigations. “In an investigation into a rogue hosting company,…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads GlassWorm Returns: New Wave Strikes as We Expose Attacker Infrastructure Gootloader Returns: What Goodies Did They Bring? Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution U.S. CISA adds Fortinet FortiWeb flaw to…
Cybercrime, Cybersecurity, Financial, Global Security News, Government, Money, North America
DOJ lauds series of gains against North Korean IT worker scheme, crypto thefts
The Justice Department notched a few more wins in the fight against North Korean cryptocurrency heists and the regime’s expansive scheme to get remote IT workers hired at U.S. businesses. Officials’ countermeasures to these schemes, which ultimately launder ill-gotten money to North Korea’s government, involve the targeting of U.S.-based facilitators who provide forged or stolen…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking
Washington Post notifies 10,000 individuals affected in Oracle-linked data theft
The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors that personal and financial data was exposed in the Oracle breach. The popular newspaper has approximately 2.5M digital subscribers. Between July 10 and August 22, threat…
Cybercrime, Cybersecurity, Exploits, Global Security News, Government, Ransomware
FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses
Federal cyber authorities shared new details Thursday about the Akira ransomware group’s techniques, the tools it uses and vulnerabilities it exploits for initial access alongside the release of a joint cybersecurity advisory. Members of the financially motivated group, which initially appeared in March 2023, are associated with other threat groups, including Storm-1567, Howling Scorpius, Punk…
Clop, Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Uncategorized
Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment
The Washington Post said it, too, was impacted by the data theft and extortion campaign targeting Oracle E-Business Suite customers, compromising human resources data on nearly 10,000 current and former employees and contractors. The company was first alerted to the attack and launched an investigation when a “bad actor” contacted the media company Sept. 29…
Botnet, crowdstrike, Cybercrime, Department of Justice (DOJ), Global Security News
Operation Endgame targets malware networks in global crackdown
In a sweeping international crackdown coordinated from Europol’s headquarters, law enforcement agencies from the United States and 10 other countries have disrupted three of the world’s most widely used cybercriminal malware operations. Conducted Nov. 10-13, Operation Endgame focused on neutralizing the Rhadamanthys info-stealing malware, the VenomRAT remote access trojan, and the Elysium botnet — tools…
Asia Pacific, Breaking News, cyber crime, Cybercrime, Global Security News, Google, Security
Google sues cybercriminal group Smishing Triad
Google sues China-based group using “Lighthouse” phishing kit in large-scale smishing attacks to steal victims’ financial data. Google filed a lawsuit against a cybercriminal group largely based in China that is behind a massive text message phishing operation, or “smishing.” The organization uses a phishing-as-a-service kit named “Lighthouse” to steal sensitive financial information by sending…
Botnet, Breaking News, cyber crime, Cybercrime, Global Security News, malware, North America
New Danabot Windows version appears in the threat landscape after May disruption
DanaBot returns after 6 months with a new Windows variant (v669), marking its comeback after being disrupted by Operation Endgame in May. DanaBot has resurfaced with a new variant (version 669) targeting Windows systems, six months after Operation Endgame disrupted its activity in May, according to Zscaler ThreatLabz. The researchers identified a set of command…
Cybercrime, Financial, Geopolitics, Global Security News, North America, Policy, Threats
Google files lawsuit against Lighthouse ‘phishing for dummies’ text scammers
Google on Wednesday filed a lawsuit against pesky text message scammers — like those who flood targets with notices that they have unpaid road tolls, or have a package waiting — in an attempt to disrupt a “phishing for dummies” operation the company accuses of victimizing more than 1 million people. The lawsuit against 25…
Amazon, Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
Amazon pins Cisco, Citrix zero-day attacks to APT group
Amazon’s threat intelligence team said it observed an advanced persistent threat group exploiting zero-day vulnerabilities affecting Cisco Identity Service Engine and Citrix NetScaler products before the vendors disclosed and patched the defects last summer. Amazon’s MadPot honeypot service detected active exploitation of the critical defects — CVE-2025-5777 in Citrix and CVE-2025-20337 in Cisco — and…
Cybercrime, Cybersecurity, Exploits, Global Security News, Threats
Maryland man faces federal charges for crimes allegedly linked to 764
A 20-year-old Maryland man allegedly associated with violent extremist group 764 is in federal custody, facing charges for sexual exploitation of children, online coercion and enticement, and cyberstalking. Erik Lee Madison, of Halethorpe, Maryland, is accused of victimizing at least five children this fall, including one as young as 13 at the time. His alleged…
Clop, Cybercrime, Cybersecurity, Global Security News, Ransomware
Hitachi subsidiary GlobalLogic impacted by Clop’s attack spree on Oracle customers
GlobalLogic, a digital engineering and product design company, said it was impacted by a widespread data theft and extortion campaign linked to a zero-day vulnerability in Oracle E-Business Suite. The company, which was acquired by Hitachi in 2021 and has a current customer base of nearly 600 clients, filed data breach notifications with authorities in…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SesameOp: Novel backdoor uses OpenAI Assistants API for command and control Weaponized Military Documents Deliver Advanced SSH-Tor Backdoor to Defense Sector Gootloader Returns: What Goodies Did They Bring? Ransomvibing appears in VS Code extensions …
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, Security
Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. China-linked hackers target U.S. non-profit in long-term espionage campaign A new Italian citizen was targeted with…
cisco, Cybercrime, Cybersecurity, Global Security News, North America, Ransomware
Russian national pleads guilty to breaking into networks for Yanluowang ransomware attacks
A 25-year-old Russian national pleaded guilty to multiple charges stemming from their participation in ransomware attacks and faces a maximum penalty up to 53 years in prison. Aleksei Olegovich Volkov, also known as “chubaka.kor,” served as the initial access broker for the Yanluowang ransomware group while living in Russia from July 2021 through November 2022,…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Technology, Threats
SonicWall pins attack on customer portal to undisclosed nation-state
SonicWall said a state-sponsored threat actor was behind the brute-force attack that exposed firewall configuration files of every customer that used the company’s cloud backup service. The vendor pinned the responsibility for the attack on an undisclosed nation state Tuesday, after Mandiant concluded its investigation into the incident. SonicWall did not attribute the attack to…
Cybercrime, Cybersecurity, Department of Justice (DOJ), Exploits, Global Security News
Court reimposes original sentence for Capital One hacker
A federal judge has reimposed a sentence on Paige Thompson, the former Amazon Web Services engineer convicted in the 2019 Capital One data breach that compromised the personal information of more than 100 million people. U.S. District Judge Robert Lasnik sentenced Thompson to time served, plus five years of supervised release with three years of…
antivirus, Cybercrime, Global Security News, Hacks, malware, Tips & Hacks
31 Best Safety Tips For Online Shopping
This post will show you our compilation of the best safety tips for online shopping. In today’s digital age, online shopping has revolutionized the way we acquire goods and services. The convenience of browsing an endless array of products from the comfort of our homes and having them delivered to our doorstep is unparalleled. However,…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking
Former cybersecurity firm experts attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks
U.S. prosecutors charged three Florida men for using BlackCat ransomware to hack and extort five U.S. companies in 2023. U.S. prosecutors charged Ryan Clifford Goldberg, Kevin Tyler Martin, and another Florida-based accomplice (aka “Co-Conspirator 1”) for using BlackCat ransomware to hack and extort five U.S. companies in 2023. According to Federal prosecutors, the attacks occurred…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking
Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks
U.S. prosecutors charged three Florida men for using BlackCat ransomware to hack and extort five U.S. companies in 2023. U.S. prosecutors charged Ryan Clifford Goldberg, Kevin Tyler Martin, and another Florida-based accomplice (aka “Co-Conspirator 1”) for using BlackCat ransomware to hack and extort five U.S. companies in 2023. According to Federal prosecutors, the attacks occurred…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking
Nine arrested in €600M crypto laundering bust across Europe
A coordinated Eurojust-led operation led to nine arrests in Cyprus, Spain, and Germany for laundering €600M in crypto fraud. Authorities in France, Belgium, and Cyprus arrested nine people in a coordinated Eurojust-led operation against a crypto money laundering ring that stole over €600 million. The group ran dozens of fake crypto investment sites that promised…
Asia Pacific, Cybercrime, Financial, Geopolitics, Global Security News, Government, Policy
North Korean companies, people sanctioned for money laundering from cybercrime, IT worker schemes
The Treasury Department on Tuesday sanctioned eight people and two companies it accused of laundering money obtained from cybercrime and IT worker schemes to fund North Korean government objectives. According to the department, over the last three years North Korea-linked cybercriminals have stolen over $3 billion, mostly in cryptocurrency. In addition, it said, North Korean…
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, malware
Crooks exploit RMM software to hijack trucking firms and steal cargo
Hackers target trucking firms with RMM tools to steal freight, teaming with organized crime to loot goods, mainly food and beverages. Cybercriminals are targeting trucking and logistics firms with RMM tools (remote monitoring and management software) to steal freight. Active since June 2025, the group works with organized crime to loot goods, mainly food and…
Cybercrime, Cybersecurity, Global Security News, North America, Ransomware
Prosecutors allege incident response pros used ALPHV/BlackCat to commit string of ransomware attacks
Federal prosecutors allege that three cybersecurity professionals, whose job was to help companies respond to ransomware attacks, instead carried out their own ransomware schemes against five U.S. businesses in 2023. Ryan Clifford Goldberg, Kevin Tyler Martin and an unnamed co-conspirator — all U.S. nationals — began using ALPHV, also known as BlackCat, ransomware to attack…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security
Jabber Zeus developer ‘MrICQ’ extradited to US from Italy
Ukrainian Yuriy Rybtsov, aka MrICQ, a suspected Jabber Zeus developer, was extradited from Italy to the US to face cybercrime charges. Ukrainian national Yuriy Igorevich Rybtsov (41), aka MrICQ, an alleged Jabber Zeus developer, was arrested in Italy, lost his extradition appeal, and has been sent to the US to face cybercrime charges. After a…
Breaking News, Cybercrime, data breach, Global Security News, malware, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques Uncovering Qilin attack methods exposed through multiple cases Mem3nt0 mori – The Hacking Team is back! Insider Threats Loom…
Breaking News, Cybercrime, Exploits, Global Security News, hacking, Security, Uncategorized
Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government China-linked UNC6384 exploits Windows zero-day…
Breaking News, cyber crime, Cybercrime, Global Security News, Security
Ukrainian extradited to US over Conti ransomware involvement
Ukrainian Oleksii Lytvynenko extradited from Ireland to US for alleged role in Conti ransomware after fleeing Ukraine in 2022. Ukrainian national Oleksii Lytvynenko (43) extradited from Ireland to the US, faces charges for alleged involvement in Conti ransomware attacks after fleeing Ukraine in 2022. The man appeared in a US court and was charged with…
Cybercrime, Cybersecurity, Exploits, Global Security News, Threats
Alleged 764 leader arrested in Arizona, faces life in prison
Federal law enforcement said a leader of 764, a violent extremist group, has been in federal custody since he was arrested in December and faces 29 charges for running a loose-knit collective involved in child exploitation, cyberstalking, kidnapping, animal torture, wire fraud and murder. Baron Cain Martin, 21, of Tucson, Arizona, allegedly joined the child…
Cybercrime, Cybersecurity, Global Security News, Ransomware
Ukrainian allegedly involved in Conti ransomware attacks faces up to 25 years in jail
A 43-year-old Ukrainian national allegedly involved in the Conti ransomware group pleaded not guilty in federal court Thursday to cybercrime charges that could land him in prison for up to 25 years, according to court documents. Oleksii Oleksiyovych Lytvynenko, also known as Alexsey Alexseevich Litvinenko, was arrested in Ireland in July 2023, extradited to the…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed
Dentsu said its U.S. unit Merkle was hit by a cyberattack exposing staff and client data, forcing some systems offline to mitigate the security breach. Japanese multinational advertising and public relations company Dentsu, one of the largest marketing agencies in the world, announced that its U.S.-based subsidiary Merkle suffered from a cyber attack that exposed…
Cybercrime, Cybersecurity, Exploits, Global Security News
Alleged 764 member faces up to 69 years in prison for string of suspected violent crimes
A 19-year-old California man associated with the nihilistic violent extremist group 764 pleaded not guilty to multiple charges of animal crushing, sexual exploitation of a minor, possession of child sexual abuse material (CSAM), cyberstalking and interstate extortion in a federal court Tuesday. Tony Christopher Long of Porterville, Calif., allegedly committed the various criminal acts in…
CyberBust, Cybercrime, Editor's Pick, FatCow, Global Security News, GoDaddy
Web Host Agents Scam Exposed [Eye Opener and Must Read]
What did you hear about the Web Host Agents Scam? Did you receive any email from a company called Web Host Agents? If your answer to the question above is YES, then ignore the mail and read this article to the end. There are a lot of reported cases of how people are being ripped…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News, malware
Safepay ransomware group claims the hack of professional video surveillance provider Xortec
Safepay group claims the hack of professional video surveillance provider Xortec and added the company to its data leak site. The Safepay group claimed responsibility for hacking German video surveillance provider Xortec and listed the company on its data leak site. The ransomware payment deadline is October 27, 2025. Xortec GmbH, based in Frankfurt with…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 68
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter TikTok videos continue to push infostealers in ClickFix attacks 131 Spamware Extensions Targeting WhatsApp Flood Chrome Web Store Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion Shifts in the Underground: The Impact…
Breaking News, Cybercrime, Global Security News, hacking, hacking news, Security
Cyberattack on Jaguar Land Rover inflicts $2.5B loss on UK economy
The attack on Jaguar Land Rover costs the UK economy $2.5B, marking its most damaging cyber incident, says CMC. In early September, Jaguar Land Rover shut down systems to mitigate a cyberattack that disrupted production and retail operations. The attack also impacted systems at the Solihull production plant. UK dealers reported JLR disruptions blocking car registrations and…
Artificial Intelligence, Cybercrime, Global Security News
South Africa Suffering from AI-powered Cybercrime
There is no denying that AI (artificial intelligence) has taken on the world by storm. While there are many positive attributes of AI, there continues to be negative conditions where AI is being used by threat actors. These cyber criminals are seeing AI as their latest tool in their tool box to misrepresent and steal from private individuals…
Breaking News, cyber crime, Cybercrime, Europe, Global Security News, hacking, Security
Japanese retailer Muji halted online sales after a ransomware attack on logistics partner
Muji halted online sales after a ransomware attack on its logistics partner Askul, disrupting orders, app services, and website access. Japanese retailer giant Muji suspended online sales after a ransomware attack hit its logistics partner Askul. The cyber incident disrupted deliveries and online store functions, including orders and app services. “Due to a logistics issue…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 67
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Astaroth: Banking Trojan Abusing GitHub for Resilience North Korea’s Contagious Interview Campaign Escalates: 338 Malicious npm Packages, 50,000 Downloads New Rust Malware “ChaosBot” Uses Discord for Command and Control Weaponizing Discord for Command and…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, hacking news
Security Affairs newsletter Round 546 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Winos 4.0 hackers expand to Japan and Malaysia with new malware From Airport chaos to cyber…
Breaking News, cyber crime, Cybercrime, Europol’s SIMCARTEL operation, Global Security News, Security
SIMCARTEL operation: Europol takes down SIM-Box ring linked to 3,200 scams
Europol’s SIMCARTEL operation shut down a SIM-box network behind 3,200 frauds and €4.5M losses, using 40,000 SIMs for scams and extortion. Europol’s “SIMCARTEL” operation dismantled an illegal SIM-box network tied to over 3,200 fraud cases and €4.5M in losses. The service used 1,200 SIM-boxes with 40,000 SIM cards to supply phone numbers for phishing, investment…
Cybercrime, Cybersecurity, estonia, Europol, Global Security News
Europol dismantles cybercrime network linked to $5.8M in financial losses
European law enforcement dismantled and seized an expansive cybercrime operation used to facilitate phishing attacks via mobile networks for fraud, including account intrusions, credential and financial data theft, Europol said Friday. Investigators from Austria, Estonia and Latvia linked the cybercrime networks to more than 3,200 fraud cases, which also involved investment scams and fake emergencies…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Prosper disclosed a data breach impacting 17.6 million accounts
Threat actors stole personal data, including names, IDs, and financial details from Prosper, affecting over 17M users. Prosper is a U.S.-based peer-to-peer lending platform that connects individual borrowers with investors. Founded in 2005 and headquartered in San Francisco, Prosper allows people to apply for personal loans online, while investors can fund portions of those loans…
cyber crime, Cybercrime, Global Security News, hacking, malware, Security
Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign
Microsoft revoked 200+ certificates used by Vanilla Tempest to sign fake Teams installers spreading Oyster backdoor and Rhysida ransomware. Microsoft revoked over 200 certificates used by the cybercrime group Vanilla Tempest (aka VICE SPIDER and Vice Society) to sign fake Teams installers spreading the Oyster backdoor and Rhysida ransomware. The threat actor has been active…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, Security
PowerSchool hacker got four years in prison
Matthew D. Lane, a Massachusetts student, got four years in prison for hacking and extorting $3M from PowerSchool and another company. A Massachusetts student, Matthew D. Lane, was sentenced to four years in prison for hacking and extorting about $3 million from two companies, including PowerSchool. In May, Lane pleaded guilty to hacking two U.S.…
Breaking News, cyber crime, Cybercrime, data breach, Global Security News
Auction house Sotheby’s disclosed a July data breach
Sotheby’s reported a July 24 breach exposing customer and financial data; it took two months to assess the stolen information and affected individuals. Sotheby’s reported a data breach that exposed customer information, including financial details. The company discovered the security breach on July 24, and investigators spent two months determining what data was stolen and…
Cybercrime, Cybersecurity, Exploits, Global Security News, Government, Ransomware
PowerSchool hacker sentenced to 4 years in prison
A Massachusetts man who previously pleaded guilty to a cyberattack on PowerSchool, exposing data on tens of millions of students and teachers, was sentenced to four years in prison Tuesday — half the amount federal prosecutors sought in sentencing recommendations submitted to the court. Matthew Lane, 20, stole data from PowerSchool belonging to nearly 70…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, Security
Qilin Ransomware announced new victims
Resecurity’s new report details how the Qilin RaaS group relies on global bulletproof hosting networks to support its extortion operations. The following new report by Resecurity will explore the Qilin ransomware-as-a-service (RaaS) operation’s reliance on bullet-proof-hosting (BPH) infrastructures, with an emphasis on a network of rogue providers based in different parts of the world. Qilin…
Cybercrime, Cybersecurity, Financial, Global Security News, Government
Officials crack down on Southeast Asia cybercrime networks, seize $15B
Federal authorities seized 127,271 Bitcoin, valued at approximately $15 billion, from Chen Zhi, the alleged leader of a sprawling cybercrime network based in Cambodia, the Justice Department said Tuesday. Officials said it’s the largest financial seizure on record. “Today’s action represents one of the most significant strikes ever against the global scourge of human trafficking…
Cybercrime, Cybersecurity, Exploits, Global Security News, Ransomware, Research, Threats
Fortra cops to exploitation of GoAnywhere file-transfer service defect
Fortra, in its most forceful admission yet, confirmed a maximum-severity defect it disclosed in GoAnywhere MFT has been actively exploited in attacks, yet researchers are still pressing the vendor to be more forthcoming about how attackers obtained a private key required to achieve exploitation. The vendor published a summary of its investigation into CVE-2025-10035 Thursday,…
Breaking News, Cybercrime, data breach, Global Security News, Security
Customer payment data stolen in Unity Technologies’s SpeedTree website compromise
Malicious code on Unity Technologies’s SpeedTree site skimmed sensitive data from hundreds of customers, the company confirmed. Video game software development firm Unity Technologies revealed that malicious code on its SpeedTree website skimmed sensitive information from hundreds of customers, impacting users who accessed the compromised site. The company discovered on August 26, 2025, the presence…
Breaking News, cyber crime, Cybercrime, Global Security News, malware
Astaroth Trojan abuses GitHub to host configs and evade takedowns
The Astaroth banking Trojan uses GitHub to host malware configs, evade C2 takedowns and stay active by pulling new settings from the platform. McAfee discovered a new Astaroth campaign using GitHub repositories to host malware configurations. This allows attackers to evade takedowns by pulling fresh configs from GitHub whenever C2 servers are shut down, ensuring…
