Security Affairs

JANUARY 11, 2025

. “On November 20, 2024, we were notified by a vendor of point-of-sale processing services for some of our retail locations that accounts with their organization had been compromised by an organized cybercrime group.” ” reads the notice of data breach published by the company on its website.

Data breaches

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. Strategic Cyber Warfare In geopolitical conflicts, access to Telegram accounts and devices could provide military and intelligence advantages, such as intercepting sensitive communications, and identifying informants. continues the announcement.

Government

Security Affairs

FEBRUARY 6, 2025

Spanish Police arrested an unnamed hacker who allegedly breached tens of government institutions in Spain and the US. Spanish National Police arrested a hacker responsible for multiple cyberattacks on government institutions in Spain and the U.S. Targe including the U.S. Army, UN, NATO, and other agencies.

Cybercrime

Security Affairs

OCTOBER 13, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Security Affairs

FEBRUARY 17, 2025

Dutch police seized 127 servers of the bulletproof hosting service Zservers/XHost after government sanctions. In 2023, Zservers leased infrastructure, including a Russian IP address, to a Lockbit affiliate” Bulletproof hosting services enable global cybercrime by providing safe havens for threat actors.

Cybercrime

Security Affairs

JANUARY 14, 2025

The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., European, and Asian entities. systems. .”

Malware

Security Affairs

JULY 26, 2025

BlackSuit is believed to be a rebrand of Royal ransomware , which the FBI and CISA linked to the Conti cybercrime group, a major player in Russian cybercrime. The BlackSuit ransomware targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing.

Ransomware

Security Boulevard

FEBRUARY 14, 2025

Meanwhile, an informal Tenable poll looks at cloud security challenges. And get the latest on ransomware trends and on cybercrime legislation and prevention! government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks.

Banking

Security Affairs

NOVEMBER 15, 2024

The hackers stole 120,000 Bitcoin, and the Bitcoin value significantly dropped after the discovery of the security breach. Since the arrest of the couple, the government has seized another approximately $475 million tied to the cyber heist.

Cryptocurrency

Security Affairs

JUNE 6, 2025

The bounty is part of the US DoS’s Rewards for Justice program , which offers payouts for tips on foreign government hackers targeting U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).” ” reads the U.S. ” continues the announcement.

Malware

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors. The syndicate reportedly received $6M in Japan, according to the Monitor. “It

Banking

Security Affairs

NOVEMBER 27, 2024

Russian-based cybercrime group RomCom (aka UAT-5647 , Storm-0978 , Tropical Scorpius , UAC-0180, UNC2596 ) exploited two Firefox and Tor Browser zero-day vulnerabilities in recent attacks on users across Europe and North America. In the recent attacks, RomCom deployed an updated variant of the RomCom RAT dubbed ‘SingleCamper.’

Cybercrime

Security Affairs

JULY 18, 2025

Based on information from open sources, government experts linked multiple Phobos ransomware variants to Phobos intrusions due to observed similarities in Tactics, Techniques, and Procedures (TTPs). Phobos operation uses a ransomware-as-a-service (RaaS) model, it has been active since May 2019.

Ransomware

Security Affairs

DECEMBER 8, 2024

Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49

Artificial Intelligence

Security Affairs

MAY 4, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape io_uring Is Back, This Time as a Rootkit I StealC You: Tracking the Rapid Changes To StealC Interesting WordPress Malware Disguised as Legitimate Anti-Malware Plugin Using Trusted Protocols Against You: Gmail as a C2 (..)

Malware

SecureWorld News

NOVEMBER 14, 2024

This stolen data is often exposed on both the clear and dark web, heightening risks of identity theft and further perpetuating cybercrime. The average data theft per attack is roughly 450 GB, impacting countless individuals and putting their private health information at risk of exploitation.

Healthcare

Security Affairs

JANUARY 3, 2025

“We discovered unauthorized access to our network that resulted in the unauthorized access to, or acquisition of, certain files by an unauthorized actor.

Data breaches

Security Affairs

DECEMBER 3, 2024

Founded in 1985, ENGlobal Corporation designs automated control systems for commercial and government sectors, reporting $6 million in Q3 revenue and $18.4 Securities and Exchange Commission (SEC), the company discovered the attack on November 25. million year-to-date. According to the FORM 8-K report filed with the U.S.

Ransomware

Security Affairs

MARCH 16, 2025

A Micronesian state suffered a ransomware attack and was forced to shut down all computers of its government health agency. A state in Micronesia, the state of Yap, suffered a ransomware attack, forcing the shutdown of all computers in its government health agency. The Department will issue updates as the situation develops.”

Ransomware

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection

Security Affairs

DECEMBER 17, 2024

One of these virtual private servers was exclusively employed in attacks against entities across Taiwan, including commercial firms and at least one municipal government organization. The threat actor hosted newly compiled malware on different procured virtual private servers (VPSs). Another VPS node was used to target a U.S.

Architecture

Security Affairs

APRIL 30, 2025

PRODAFT researchers warn of Russia-linked APT group Nebulous Mantis targeting NATO-related defense organizations Nebulous Mantis, a Russian-speaking cyber espionage group (aka Cuba, STORM-0978 , Tropical Scorpius , UNC2596 ), used RomCom RAT and Hancitor since 2019 to target critical infrastructure, governments, and NATO-linked entities.

Encryption

Security Affairs

DECEMBER 10, 2024

Once the credit card details were entered, cybercriminals used them for much higher charges at the controlled merchants registered on money mules.A

Phishing

Security Affairs

MARCH 7, 2025

Medusa demands ransoms from $100,000 to $15 million, victims are organizations in healthcare, non-profits, finance, and government sectors. The group targets known vulnerabilities, mainly in Exchange Server. The researchers speculate that the ransomware group relies on initial access brokers to access target infrastructure.

Ransomware

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency

Security Affairs

DECEMBER 21, 2024

In August 2020, the FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. and foreign government organizations. In July, the FBI warned of NetWalker attacks targeting government organizations. million as a result of the offenses charged in the indictment.

Ransomware

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. “The threat actors accessed and downloaded some personal information from previously used Port systems for employee, contractor, and parking data.

Data breaches

Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex.

Spyware

Security Affairs

JULY 13, 2025

CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog Hunters International ransomware gang shuts down and offers free decryption keys to all victims International Press – Newsletter Cybercrime From electrician to pivot of a million-dollar scam in the financial system: find out who is the IT operator who sold passwords to (..)

Data breaches

SecureWorld News

JULY 9, 2025

State Department employees and reported by The Washington Post , the impersonator used a Signal account with the display name "Marco.Rubio@state.gov," reaching out to diplomats and high-ranking government officials. The imposter was able to use publicly available information to create realistic messages.

Government

Security Affairs

MARCH 10, 2025

The governments latest action officially secures the recovered funds. Authorities seized $24M in frozen assets before they could be withdrawn. This aligns with prior findings that cybercriminals cracked master passwords from LastPass to carry out major heists.

Password Management

Security Affairs

MAY 4, 2025

Every week the best security articles from Security Affairs are free in your email box. Rhysida Ransomware gang claims the hack of the Government of Peru DragonForce group claims the theft of data after Co-op cyberattack U.S. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Security Affairs

MAY 1, 2025

“The platform enabled cyber criminals to impersonate more than 200 organizations, including major banks and government institutions, in an effort to collect personal information and banking credentials from unsuspecting victims worldwide. ” reads the Flash Alert published by the FBI.

Phishing

Security Affairs

DECEMBER 29, 2024

” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach)

Data breaches

Security Affairs

APRIL 17, 2025

Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

Encryption

Security Affairs

JUNE 15, 2025

CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog Exposed eyes: 40,000 security cameras vulnerable to remote hacking Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited A flaw could allow recovery of the phone number (..)

Spyware

Security Affairs

JUNE 19, 2025

The data, structured by URL, login, and password, targets services like Apple, Google, Facebook, Telegram, GitHub, and even government portals. CyberNews researchers speculate that most of the 16 billion leaked records came from stealer malware, credential stuffing , and old breaches.

Data breaches