A 29-year-old Polish man has been charged in connection with a data breach that exposed the personal details of around 2.5 million customers of the popular Polish e-commerce website Morele.net. Read more in my article on the Hot for Security blog.
Category: Guest blog
AI, Global Security News, Guest blog, Law & order, Nigeria, romance scam, Scam
Fake Dubai Crown Prince tracked to Nigerian mansion after $2.5M romance scam
When a Romanian businesswoman fell for a fake Dubai Crown Prince in a $2.5 million romance scam, investigators tracked the fraudster to his Nigerian mansion – only to discover he was masquerading as a campaigning philanthropist. Read more in my article on the Hot for Security blog.
AI, CryptoCurrency, dark web, Global Security News, Guest blog, Incognito Market, Law & order
Incognito Market admin sentenced to 30 years for running $105 million dark web drug empire
He promised “the best security there is” to hundreds of thousands of drug buyers, while quietly making the kind of mistake that guaranteed a 30-year sentence. And maybe training police on cryptocurrency while running a running a vast Tor-hidden drug bazaar wasn’t such a good idea. Read more in my article on the Hot for…
fbi, Global Security News, Guest blog, Law & order, Ransomware
FBI takes notorious RAMP ransomware forum offline
The FBI has seized control of RAMP, a notorious cybercrime online forum that bragged to be the only place that allowed ransomware, and boasted over 14,000 active users. Now some of those users’ details are likely to be in the hands of the police… Read more in my article on the Bitdefender blog.
discord, Global Security News, Guest blog, Hungary, Law & order
Four arrested in crackdown on Discord-based SWATting and doxing
How badly do you want to win an online argument? I certainly hope it’s not enough to put the life of the other person at risk. Police in Hungary and Romania have arrested four young men suspected of making hoax bomb threats and terrorising internet users through SWATting and doxing attacks. Read more in my…
Browser, ChatGPT, Global Security News, Google Chrome, Guest blog, malware
Beware! Fake ChatGPT browser extensions are stealing your login credentials
If you’ve installed a browser extension to enhance your ChatGPT experience, you might want to think again. Read more in my article on the Hot for Security blog.
data breach, Data loss, ESA, Europe, Global Security News, Guest blog
European Space Agency’s cybersecurity in freefall as yet another breach exposes spacecraft and mission data
It has just been a few weeks since reports emerged of the Christmas cyber attack suffered by the European Space Agency (ESA), and the situation has already become worse. Read more in my article on the Hot for Security blog.
Botnet, DDoS, Denial of Service, Global Security News, Guest blog
Pro-Russian denial-of-service attacks target UK, NCSC warns
The UK’s National Cyber Security Centre (NCSC) has issued a warning about the threat posed by distributed denial-of-service (DDoS) attacks from Russia-linked hacking groups who are reported to be continuing to target British organisations. Are you prepared? Read more in my article on the Hot for Security blog.
AI, Artificial Intelligence, Global Security News, Guest blog, Security threats
WEF: AI overtakes ransomware as fastest-growing cyber risk
We can no longer say that artificial intelligence is a “future risk”, lurking somewhere on a speculative threat horizon. The truth is that it is a fast-growing cybersecurity risk that organizations are facing today. That’s not just my opinion, that’s also the message that comes loud and clear from the World Economic Forum’s newly-published “Global…
BreachForums, data breach, Data loss, Global Security News, Guest blog, ShinyHunters
Hackers get hacked, as BreachForums database is leaked
Have you ever stolen data, traded a hacking tool, or just lurked on a dark web forum believing that you are anonymous? If so, I might have some unsettling news for you. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, privacy, vulnerability
pcTattletale founder pleads guilty in rare stalkerware prosecution
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.
Coinbase, CryptoCurrency, data breach, Data loss, Global Security News, Guest blog
Coinbase insider who sold customer data to criminals arrested in India
Police in India have arrested a former Coinbase customer service agent who is believed to have been bribed by cybercriminal gangs to access sensitive customer information. Read more in my article on the Hot for Security blog.
Facebook, Global Security News, Google, Guest blog, privacy, Ray-Ban
Surveillance at sea: Cruise firm bans smart glasses to curb covert recording
If you’re planning a cruise for your holidays, and cannot bear the idea of being parted from your Ray-Ban Meta smart glasses, you may want to avoid sailing with MSC Cruises. The cruise line has updated its list of prohibited items, specifically banning smart glasses and similar wearable devices from public areas. Read more in…
Global Security News, Guest blog, Law & order, malware, Spyware
Man jailed for teaching criminals how to use malware
A 49-year-old man has received a five-and-a-half year jail sentence after admitting to creating detailed video tutorials that showed members of a criminal gang how to infect Android phones with spyware and drain their bank accounts. Read more in my article on the Hot for Security blog.
AI, Data loss, Global Security News, Guest blog, phishing, Security threats
Gartner tells businesses to block AI browsers now
Analyst firm Gartner has issued a blunt warning to organizations: Agentic AI browsers introduce serious new security risks and should be blocked “for the foreseeable future.” Read more in my article on the Fortra blog.
FinCEN, Global Security News, Guest blog, North America, Ransomware
Ransomware may have extorted over $2.1 billion between 2022-2024, but it’s not all bad news, claims FinCEN report
A new report from the United States’s Financial Crimes Enforcement Network (FinCEN) has shone a revealing light on the state of the criminal industry of ransomware. The report, which examines ransomware incidents from 2022 to 2024, reveals that attackers extorted more than $2.1 billion over the three-year period. Yes, that number is enormous – but…
data breach, Data loss, Global Security News, Guest blog, Ireland
Four years later, Irish health service offers €750 to victims of ransomware attack
Remember when a notorious ransomware gang hit the Irish Health Service back in May 2021? Four years on, and it seems victims who had their data exposed will finally receive compensation. Read more in my article on the Hot for Security blog.
CryptoCurrency, Global Security News, Guest blog, Law & order, Social Engineering
California man admits role in $263 million cryptocurrency theft that funded lavish lifestyle
When you spend half a million dollars in a single night at a nightclub, purchase exotic cars worth millions, and rent mansions under false names, you are risking drawing attention to yourself… Read more in my article on the Hot for Security blog.
DDoS, Denial of Service, Global Security News, Guest blog
Why the record-breaking 30 Tbps DDoS attack should concern every business
A new warning about the threat posed by Distributed Denial of Service (DDoS) attacks should make you sit up and listen. Read more in my article on the Fortra blog.
Global Security News, Guest blog, Law & order, malware, phishing
FBI warns of surge in account takeover (ATO) fraud schemes – what you need to know
The FBI has recently issued a public service announcement that warns that since January 2025 there have been more than 5,100 complaints of account takeover fraud, and total reported losses in excess of US $262 million. Read more in my article on the Fortra blog.
data breach, Data loss, Global Security News, Guest blog, malware, Ransomware
Asahi cyber attack spirals into massive data breach impacting almost 2 million people
Asahi Group Holdings, the makers of the popular Japanese beer Asahi Super Dry, has confirmed that the ransomware attack that disrupted its operations in late September also saw a significant data breach that affects more than 1.5 million customers and approximately 275,000 current and former employees and their families. Read more in my article on…
Data loss, Global Security News, Guest blog, Law & order, malware, Mobile
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns
CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. Read more in my article on the Hot for Security blog.
AI, Artificial Intelligence, Data loss, Global Security News, Guest blog, Security threats
Shadow AI security breaches will hit 40% of all companies by 2030, warns Gartner
Shadow AI – the use of artificial intelligence tools by employees without a company’s approval and oversight – is becoming a significant cybersecurity risk. Read more in my article on the Fortra blog.
Botnet, Europol, Global Security News, Guest blog, Law & order, malware
Operation Endgame disrupts Rhadamanthys information-stealing malware
International cybercrime-fighting agencies, co-ordinated by Europol, took down over 1000 servers and seized 20 domains earlier this month as part of Operation Endgame 3.0. Their target? Three major malware platforms: the infostealer known as Rhadamanthys, the VenomRAT remote access trojan, and the Elysium botnet. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, Law & order, Ransomware, Security threats
UK’s new cybersecurity bill takes aim at ransomware gangs and state-backed hackers
After years of delays, the UK government has finally introduced landmark cybersecurity legislation that could reshape how British organisations defend against digital attacks. Read more in my article on the Fortra blog.
energy, Global Security News, Guest blog, Law & order
Wind farm worker sentenced after turning turbines into a secret crypto mine
A technical manager at a Dutch wind farm operator has been sentenced after it was discovered he had secretly installed cryptocurrency mining rigs at two wind farm sites – just as the company was recovering from a ransomware attack. Read more in my article on the Hot for Security blog.
data breach, Data loss, extortion, Global Security News, Guest blog, Ransom
A miracle: A company says sorry after a cyber attack – and donates the ransom to cybersecurity research
One of the sad truths about this world of seemingly endless hacks and data breaches is that companies just won’t apologise. Even when customers, partners, and employees are left wondering when their data will be published by malicious hackers on the dark web, breached organisations will seemingly do everything they can to avoid saying what…
AI, api, Artificial Intelligence, Data loss, Global Security News, Guest blog
Leading AI companies accidentally leak their passwords and digital keys on GitHub – what you need to know
Many of the world’s top artificial intelligence companies are making a simple but dangerous mistake. They are accidentally publishing their passwords and digital keys on GitHub, the popular code-sharing website that is used by millions of developers every day. Read more in my article on the Fortra blog.
Global Security News, Guest blog, Law & order, malware, North America, Ransomware
Russian hacker admits helping Yanluowang ransomware infect companies
A Russian hacker accused of helping ransomware gangs break into businesses across the United States is set to plead guilty, according to recently filed federal court documents. 25-year-old Aleksey Olegovich Volkov worked as an “initial access broker”, a cybercriminal specialist who focuses on the earliest stage of an attack: gaining the first foothold inside a…
Global Security News, Guest blog, radio, Ransomware, tv
Hack halts Dutch broadcaster, forcing radio hosts back to LPs
A Dutch TV and radio broadcaster has found itself at the mercy of cybercriminals after suffering a cyber attack, and leaving it scrambling to find ways to play music to its listeners. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, Security threats, water supply
The rising tide of cyber attacks against the UK water sector
Critical infrastructure is once again in the spotlight, as it is revealed that several UK water suppliers have reported cybersecurity incidents over the last two years. Read more in my article on the Fortra blog.
Data loss, Global Security News, Guest blog, Law & order, malware
“Pay up or we share the tapes”: Hackers target massage parlour clients in blackmail scheme
South Korean police have uncovered a hacking operation that stole sensitive data from massage parlours and blackmailed their male clientele. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, Law & order, Mobile, SMS, spam
Spam text scammer fined £200,000 for targeting people in debt, after sending nearly one million messages
The UK Information Commissioner’s Office (ICO) has levied a fine of £200,000 against a sole trader who sent almost one million spam text messages to people across the country – many of whom were already struggling with debt. Read more in my article on the Hot for Security blog.
AI, Artificial Intelligence, Global Security News, Guest blog, LinkedIn, Microsoft
LinkedIn gives you until Monday to stop AI from training on your profile
If you live in the UK/EU/Canada/Hong Kong, LinkedIn has given you until Monday to stop AI from training on your profile. You have to opt-out if you don’t want this to happen to your data. Take action now, and tell your friends. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, Podcast, Security threats
Smashing Security podcast #440: How to hack a prison, and the hidden threat of online checkouts
A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral, and how new PCI DSS rules are finally muzzling Magecart-style skimmers. Plus: Graham reveals his new-found superpower with Keyboard Maestro,…
Global Security News, Guest blog, Lumma Stealer, malware
Cybercriminals turn on each other: the story of Lumma Stealer’s collapse
Normally when we write about a malware operation being disrupted, it’s because it has been shut down by law enforcement. But in the case of Lumma Stealer, a notorious malware-as-a-service (MaaS) operation used to steal passwords and sensitive data, it appears to have been sabotaged by other cybercriminals. Read more in my article on the…
data breach, Data loss, Global Security News, Guest blog, Law & order
John Bolton charged over classified emails after Iranian hack of his AOL account
Former US national security adviser John Bolton is the latest in a line of Donald Trump’s critics to find themselves on the sharp end of charges from the US Department of Justice. Bolton, who left the White Hose in 2021 and wrote a tell-all memoir describing Trump as unfit for office and “stunningly uninformed,” has…
data breach, Data loss, Global Security News, Guest blog, Law & order
Hundreds of masked ICE agents doxxed by hackers, as personal details posted on Telegram
Hundreds of US government officials working for the FBI, ICE, and Department of Justice have had their personal data leaked by a notorious hacking group. Read more in my article on the Hot for Security blog.
CryptoCurrency, Europe, Germany, Global Security News, Guest blog, Law & order
Operation Heracles strikes blow against massive network of fraudulent crypto trading sites
In a significant crackdown against online cybercriminals, German authorities have successfully dismantled a network of fraudulent cryptocurrency investment sites that has targeted millions of unsuspecting people across Europe. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, Incident Response, Law & order, Ransomware, Security threats
NCSC warns companies to prepare for a day when your screens go dark
The UK’s National Cyber Security Centre warns that the country now faces four nationally significant cyberattacks every week – a 129% jump in a year. Some headlines claim the NCSC is urging organisations to “go back to pen and paper,” but the full report tells a more practical story about resilience, preparedness, and surviving a…
BreachForums, data breach, Data loss, Global Security News, Guest blog, Law & order
BreachForums seized, but hackers say they will still leak Salesforce data
Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Salesforce, vishing
Salesforce data breach: what you need to know
The Scattered LAPSUS$ Hunters hacking group claims to have accessed data from around 40 customers of Salesforce, the cloud-based customer relationship management service, stealing almost one billion records. Read more in my article on the Fortra blog.
data breach, Data loss, discord, Global Security News, Guest blog
Discord users’ data stolen by hackers in third-party data breach
Discord has confirmed that users who contacted its customer support service have had their data stolen by hackers, who have attempted to extort a ransom from the company. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, malware, Ransomware
Japan running dry: Ransomware attack leaves nation days away from Asahi beer shortage
Beer lovers will be sobbing into their pints at the news that a ransomware attack has brought Japan’s largest brewer to its knees and left the country days away from running out of its most popular beverage. Read more in my article on the Hot for Security blog.
Android, Data loss, encryption, Exploits, Global Security News, Guest blog, iOS
Your favourite phone apps might be leaking your company’s secrets
Most of the apps on your phone are talking to a server somewhere – sending and receiving data through messages sent through APIs, the underlying infrastructure that allows apps to communicate. And here’s the problem – hackers have determined that the APIs of mobile apps, when left visible and exploitable, can be a goldmine. Read…
Global Security News, Guest blog, Law & order, romance scam, Scam, Sextortion
From fake lovers to sextortionists: 260 scammers arrested across Africa
INTERPOL has announced the arrest of 260 alleged romance scammers, sextortionists, and online fraudsters as part of a multi-national operation across Africa. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, Law & order, Netherlands, Russia, Telegram
Dutch teens recruited on Telegram, accused of Russia-backed hacking plot
Two 17-year-olds have been arrested by Dutch authorities on suspicion of spying for pro-Russian hackers. The teenagers, who are said to have been recruited as “disposable agents” via Telegram, were reportedly arrested last week “on suspicion that are linked to government-sponsored interference.” Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, malware, Ransomware
INC ransomware: what you need to know
INC is the name of a ransomware-as-a-service (RaaS) operation that first appeared in late summer 2023. Learn more about what it has been up to, and how to protect against its attacks, in my article on the Fortra blog.
data breach, Data loss, Global Security News, Guest blog, Law & order, privacy
Vastaamo psychotherapy hack: US citizen charged in latest twist of notorious data breach
28-year-old Daniel Lee Newhard, an American citizen living in Estonia, has been charged in relation to the notorious hack of Vastaamo, the biggest data breach in Finnish history. Read more in my article on the Hot for Security blog.
BreachForums, Data loss, Global Security News, Guest blog, Law & order, malware
“Pompompurin” resentenced: BreachForums creator heads back behind bars
Conor Brian Fitzpatrick, the creator of the notorious BreachForums hacking forum, has been resentenced to three years in prison after a US appeals court overturned his prior sentence of time served and 20 years of supervised release. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, hacking, Law & order, Security threats
From mischief to malware: ICO warns schools about student hackers
Recent research released by the ICO say that school pupils should be considered as an “insider threat” by schools. Read more in my article on the Fortra blog.
data breach, Data loss, Global Security News, Gucci, Guest blog, Ransomware
Luxury fashion brands Gucci, Balenciaga and Alexander McQueen hacked – customer data stolen
Luxury fashion group Kering – owner of the prestigious Gucci, Balenciaga, and Alexander McQueen brands, amongst others – has confirmed that hackers stole customer data from its systems in June 2025. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, rail
British rail passengers urged to stay on guard after hack signals failure
Passengers of the UK’s state-owned London North Eastern Railway (LNER) have been warned to be vigilant after cybercriminals accessed traveller’s contact details and some information about past journeys. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, malware, Ransomware
US charges suspected ransomware kingpin, and offers $10 million bounty for his capture
A US federal court has unssealed charges against a Ukrainian national who authorities allege was a key figure behind several strains of ransomware, including LockerGoga, MegaCortex, and Nefilim. Read more in my article on the Fortra blog.
data breach, Data loss, Global Security News, Guest blog, RansomHub, Ransomware
Lovesac warns customers their data was breached after suspected RansomHub attack six months ago
American furniture maker Lovesac, known for its modular couches and comfy beanbags, has warned customers that their data was breached by hackers earlier this year, and that they should remain vigilant to the threat of identity theft. Read more in my article on the Hot for Security blog.
critical infrastructure, Data loss, Global Security News, Guest blog, Law & order, Security threats
Germany charges hacker with Rosneft cyberattack in latest wake-up call for critical infrastructure
A 30‑year‑old man has been charged with launching a cyberattack on the German subsidiary of Russia’s state-owned oil giant Rosneft. The cyberattack, which happened in March 2022 in the aftermath of Russia’s invasion of Ukraine, crippled the company’s operations and cost millions of euros in damages. Read more in my article on the Exponential-e blog.
children, Global Security News, Guest blog, Law & order, location tracking, North America, privacy
Parents warned that robot toys spied on children’s location without consent
Parents are being reminded to exercise caution about the toys that they purchase their children, after the United States Federal Trade Commission (FTC) announced it had taken action against a robot toy maker. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, Scam, technical support scam
FBI warns seniors are being targeted in three-phase Phantom Hacker scams
The FBI’s Internet Crime Complaint Center (IC3) says that the elderly are more at risk from falling victim to online fraud and internet scammers than ever before. Read more in my article on the Fortra blog.
Global Security News, grades, Guest blog, Law & order, school
Hacker suspected of trying to cheat his way into university is arrested in Spain
Spanish police have arrested a suspected hacker for accessing a government website in order to alter the high school and university entrance exam grades of not only himself, but also some of his closest classmates. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, malware, Ransomware
Cephalus ransomware: What you need to know
Cephalus is a relatively new ransomware operation that emerged in mid-2025, and has already been linked to a wave of high-profile data leaks. Read more about it in my article on the Fortra blog.
CryptoCurrency, Global Security News, Guest blog, Hacked celebrities, Law & order
Alleged mastermind behind K-Pop celebrity stock heist extradited to South Korea
A suspected hacker, believed to be the mastermind behind an organised campaign of attacks that stole millions of dollars worth of stocks from celebrities, including BTS singer Jung Kook, has been extradited to South Korea. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, Law & order, malware, Ransomware
Europol says Telegram post about $50,000 Qilin ransomware award is fake
Some cybersecurity news outlets were duped a few days ago by a claim that Europol was offering a $50,000 bounty for information about two members of the Qilin ransomware group. Turns out it was all a hoax. Read more details about what happened in my article on the Hot for Security blog
Data loss, Global Security News, Guest blog, malware, Ransomware
Blue Locker ransomware hits critical infrastructure – is your organisation ready?
Critical infrastructure organisations are once again being warned of the threat posed by malicious cybercriminals, following a ransomware attack against a state-owned energy company in Pakistan. Read more in my article on the Exponential-e blog.
Data loss, Global Security News, Guest blog, malware, Ransomware
Warlock ransomware: What you need to know
The Warlock ransomware has hit a number of organisations including government agencies and departments, and most recently UK-based telecoms firm Colt. Read more in my article on the Fortra blog.
citrix, Global Security News, Guest blog, Law & order, vulnerability
Speed cameras knocked out after cyber attack
A hack of the Netherlands’ Public Prosecution Service has had an unusual side effect – causing some speed cameras to be no longer capturing evidence of motorists breaking the rules of the road. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, MedusaLocker, penetration testing, Ransomware, vulnerability
The MedusaLocker ransomware gang is hiring penetration testers
MedusaLocker, the ransomware-as-a-service group that has been active since 2019 is openly recruiting for penetration testers to help it compromise more businesses. Read more in my article on the Fortra blog.
CryptoCurrency, Global Security News, Guest blog, Law & order, North America, Ransomware
US reveals it seized $1 million worth of Bitcoin from Russian BlackSuit ransomware gang
The United States Department of Justice has revealed that the recent takedown of the BlackSuit ransomware gang’s servers, domains, and dark web extortion site, also saw the seizure of US $1,091,453 worth of cryptocurrency. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Law & order, malware, Ransomware
Ransomware plunges insurance company into bankruptcy
Collapsed company’s founder says that its fortunes were hampered by the refusal of authorities to release the criminals’ seized funds to victims. Read more in my article on the Fortra blog.
data breach, Data loss, Global Security News, Guest blog, Russia, submarine
Ukraine claims to have hacked secrets from Russia’s newest nuclear submarine
Ukraine’s Defence Intelligence agency (HUR) claims that its hackers have successfully stolen secret files and classified data on a state-of-the-art Russian nuclear submarine, the “Knyaz Pozharsky.” Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, vulnerability, wordpress
200,000 WordPress websites at risk of being hijacked due to vulnerable Post SMTP plugin
Over 200,000 websites running a vulnerable version of a popular WordPress plugin could be at risk of being hijacked by hackers. Read more in my article on the Hot for Security blog.
data breach, Data loss, Europe, Global Security News, Guest blog, submarine
French submarine secrets surface after cyber attack
European defence giant Naval Group has confirmed that it is investigating an alleged cyber attack which has seen what purports to be sensitive internal data published on the internet by hackers. Read more in my article on the Hot for Security blog.
encryption, Global Security News, Guest blog, malware, phobos, Ransomware
Free decryptor for victims of Phobos ransomware released
There is good news for any organisation which has been hit by the Phobos ransomware. Japanese police have released a free decryptor capable of recovering files encrypted by both the notorious Phobos ransomware, and its offshoot 8Base. Read more in my article on the Fortra blog.
Global Security News, Guest blog, Law & order, Ransomware
UK to ban public sector from paying ransomware demands
Ransomware, considered by British authorities to be the UK’s greatest cybercrime threat, costing the nation billions of pounds and with the capbility to bring essential services to a standstill, is in the gunsights of government. Read more in my article on the Hot for Security blog.
DDoS, Denial of Service, Europe, Global Security News, Guest blog, Law & order, Russia
Europol targets Kremlin-backed cybercrime gang NoName057(16)
The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group considers anti-Russian. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, Law & order, malware, NAS, Ransomware
Police dismantle DiskStation ransomware gang targeting NAS devices, arrest suspected ringleader
Police have struck a blow against the DiskStation ransomware gang which targets Synology NAS devices, and arresting its suspected ringleader. Make sure that you have properly hardened the security of your Network Access Storage devices to reduce the chances of your data being locked up by a ransomware attack. Read more in my article on…
CryptoCurrency, Global Security News, Guest blog, Law & order, Mobile, Nicholas Truglia
SIM scammer’s sentence increased to 12 years, after failing to pay back victim $20 million
Read more in my article on the Hot for Security blog.
France, Global Security News, Guest blog, Law & order, Ransomware
Russian basketball player arrested in ransomware case despite being “useless with computers”
A Russian professional basketball player has been arrested for allegedly acting as a negotiator for a ransomware gang… and despite his lawyer claiming he’s “useless” with computers. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, malware, Ransomware
AiLock ransomware: What you need to know
The AiLock ransomware gang gives its victims just 72 hours to respond and five days to pay up… or else. If you don’t comply? They will grass you up to regulators, email your competitors, and leak your data for good measure. What a lovely bunch of cybercriminals… Read more in my article on the Fortra…
Banking, Global Security News, Guest blog, Law & order
Employee arrested after Brazil’s central bank service provider hacked for US $140 million
This month could barely have started any worse for some financial institutions in Brazil. Approximately US $140 million was stolen from the reserve accounts of six financial institutions after a cyber attack hit a service provider. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, Hunters International, malware, Ransomware
Hunters International ransomware group shuts down – but will it regroup under a new guise?
The notorious Hunters International ransomware-as-a-service operation has announced that it has shut down, in a message posted on its dark web leak site. In a statement on its extortion site, the ransomware group says that it has not only “decided to close the Hunters International project” but is also offering free decryption tools to its…
data breach, Data loss, Global Security News, Guest blog, malware, Ransomware
Swiss government warns attackers have stolen sensitive data, after ransomware attack at Radix
The Swiss government has issued a warning after a third-party service provider suffered a ransomware attack, which saw sensitive information stolen from its systems and leaked onto the dark web. Read more in my article on the Fortra blog.
France, Global Security News, Guest blog, Law & order, Mobile, sim swap
50 customers of French bank hit after insider helped SIM swap scammers
French police have arrested a business student interning at the bank Société Générale who is accused of helping SIM-swapping scammers to defraud 50 of its clients. Read more in my article on the Hot for Security blog.
BreachForums, data breach, Data loss, Global Security News, Guest blog, Law & order
BreachForums broken up? French police arrest five members of notorious cybercrime site
Suspected high-ranking members of one of the world’s largest online marketplaces for leaked data have been arrested by French police. Read more in my article on the Hot for Security blog.
Data loss, Global Security News, Guest blog, malware, Ransomware
SafePay ransomware: What you need to know
SafePay is a relatively new ransomware that is making a big impact. Find out how it is different from other ransomware, and read more in my article on the Fortra blog.
Global Security News, Guest blog, malware, phishing, Ransomware
Cybercrime is surging across Africa
A new INTERPOL report has sounded the alarm over a dramatic increase in cybercrime across Africa, with digital crime now accounting for a significant proportional of all criminal activity across the continent. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, Krispy Kreme
Krispy Kreme hack exposed sensitive data of over 160,000 people
Krispy Kreme, the dispenser of delectable doughnuts, has revealed that an astonishingly wide range of personal information belonging to past and present employees, as well as members of their families, was accessed by hackers during a cyber attack last year. Read more in my article on the Hot for Security blog.
Global Security News, Guest blog, malware, Qilin, Ransomware
Qilin offers “Call a lawyer” button for affiliates attempting to extort ransoms from victims who won’t pay
Imagine for one moment that you are a cybercriminal. You have compromised an organisation’s network, you have stolen their data, you have encrypted their network, and you are now knee-deep in the ransomware negotiation. However, there’s a problem. Your target is stalling for time. Who can you, as the perpetrator of the crime rather than…
Global Security News, Guest blog, Law & order, malware, Ransomware
Ransomware gang busted in Thailand hotel raid
In a dramatic raid at a hotel in central Pattaya this week, Thai police have unearthed a criminal gang that was operating a ransomware and illicit gambling operation. Read more in my article on the Hot for Security blog.