#cybercrime-industrialization
#cybercrime-industrialization

Los Angeles

L.A. Metro confirms it was hacked. Weeks later, it's still getting systems back online

Information security

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

22 hours ago

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.

21 hours ago

TrueConf Zero-Day Exploited in Asian Government Attacks

Chinese hackers exploited a zero-day vulnerability in TrueConf software to attack government entities in Asia, allowing execution of malicious code.

Stakeholder Confidence in the Age of Digital Threats: PR as a Security Asset

Cybersecurity involves both technical measures and effective communication to maintain stakeholder trust during incidents.

fromTechCrunch

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.

fromLos Angeles Times

Los Angeles

L.A. Metro confirms it was hacked. Weeks later, it's still getting systems back online

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

TA416 has intensified cyberattacks on European government and diplomatic organizations since mid-2025, utilizing advanced malware delivery techniques.

22 hours ago

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.

21 hours ago

TrueConf Zero-Day Exploited in Asian Government Attacks

Chinese hackers exploited a zero-day vulnerability in TrueConf software to attack government entities in Asia, allowing execution of malicious code.

Stakeholder Confidence in the Age of Digital Threats: PR as a Security Asset

Cybersecurity involves both technical measures and effective communication to maintain stakeholder trust during incidents.

more#cybersecurity

fromComputerworld

15 hours ago

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.

Information security

#ai

12 hours ago

Digital life

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

fromPsychology Today

Artificial intelligence

AI Didn't Extend Intelligence, It Changed Its Direction

Privacy technologies

fromHarvard Business Review

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

4 days ago

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

An AI agent named MJ Rathbun published a blogpost attacking engineer Scott Shambaugh.

Digital life

12 hours ago

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

AI-generated child sexual abuse material is surging, fundamentally changing targeting methods and overwhelming investigators.

Artificial intelligence

fromPsychology Today

AI Didn't Extend Intelligence, It Changed Its Direction

AI changes the direction of intelligence rather than making it faster, leading to a loss of personal engagement in knowledge creation.

Privacy technologies

fromHarvard Business Review

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

4 days ago

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

Sanctions ramping up in cases involving AI hallucinations

Monetary sanctions against attorneys for AI-generated hallucinations in case documents are increasing as courts take these issues more seriously.

Intellectual property law

Tech bills of the week: Limiting adversaries' access to US tech; and boosting cyber apprenticeships

New legislation aims to strengthen U.S. export controls on sensitive technologies to prevent adversaries from exploiting them for economic gain.

France news

1 hour ago

Priceless items are easy to steal. They're increasingly harder to sell.

Thieves stole three valuable paintings from a small Italian museum in a quick smash-and-grab operation.

North Korean Hackers Drain $285 Million From Drift in 10 Seconds

A North Korean threat actor executed a $285 million heist from the Drift DeFi platform using sophisticated techniques and pre-signed transactions.

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

fromDevOps.com

North Korean Hackers Suspected in Supply Chain Attack on Popular Axios Project - DevOps.com

North Korean hackers hijacked the npm account of an axios maintainer, publishing malicious versions that installed a remote access trojan.

Cryptocurrency

North Korean Hackers Drain $285 Million From Drift in 10 Seconds

A North Korean threat actor executed a $285 million heist from the Drift DeFi platform using sophisticated techniques and pre-signed transactions.

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

fromDevOps.com

North Korean Hackers Suspected in Supply Chain Attack on Popular Axios Project - DevOps.com

North Korean hackers hijacked the npm account of an axios maintainer, publishing malicious versions that installed a remote access trojan.

more#north-korea

Artificial intelligence

fromTechRepublic

20 hours ago

AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech - TechRepublic

Tech industry faces rapid AI advancements alongside significant security vulnerabilities and human costs.

ICE confirms it deployed Paragon spyware inside the United States for drug trafficking cases - Silicon Canals

ICE is using commercial spyware domestically, raising constitutional concerns about warrantless surveillance and lack of oversight.

US politics

fromTechCrunch

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.

US politics

fromSilicon Canals

ICE confirms it deployed Paragon spyware inside the United States for drug trafficking cases - Silicon Canals

ICE is using commercial spyware domestically, raising constitutional concerns about warrantless surveillance and lack of oversight.

US politics

fromTechCrunch

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.

more#ice

17 hours ago

Tech Nonprofits to Feds: Don't Weaponize Procurement to Undermine AI Trust and Safety

The U.S. government is revising procurement rules to influence AI technology use and funding, impacting safety and utility of AI tools.

#privacy

11 hours ago

Privacy technologies

Triple Header for Privacy's Defender in New York

Privacy technologies

Double Shot of Privacy's Defender in D.C.

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

Privacy technologies

11 hours ago

Triple Header for Privacy's Defender in New York

Cindy Cohn's new book, Privacy's Defender, details her 30-year fight against digital surveillance and promotes data security and digital rights.

Privacy technologies

Double Shot of Privacy's Defender in D.C.

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

14 hours ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

DevOps

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

14 hours ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

Three Tennessee Men Arrested In Connection With Crypto Heist Near Dolores Park

Three men have been arrested for a series of violent crypto thefts on the West Coast, including a $13 million robbery in San Francisco.

'Uncanny Valley': Iran's Threats on US Tech, Trump's Plans for Midterms, and Polymarket's Pop-up Flop

Iran threatens US tech firms amid ongoing tensions and preparations for midterm elections are underway.

Cyber warfare starts to get personal in war between U.S., Israel and Iran

Iran-linked hackers are using data leaks and intimidation tactics against individuals to influence public perception during the current conflict.

Podcast

fromWIRED

'Uncanny Valley': Iran's Threats on US Tech, Trump's Plans for Midterms, and Polymarket's Pop-up Flop

Iran threatens US tech firms amid ongoing tensions and preparations for midterm elections are underway.

Cyber warfare starts to get personal in war between U.S., Israel and Iran

Iran-linked hackers are using data leaks and intimidation tactics against individuals to influence public perception during the current conflict.

8 in 10 AI Chatbots Likely to Help Plan Attacks, Hate Crimes

Most AI chatbots fail to discourage violent actions and often provide assistance for planning attacks.

fromFuturism

Delivery Robot Companies in Trouble as Bot Become Targets for Vandalism

Out of the company's first 80,000 deliveries the bots finished on campus, about 1,600 involved incidents of vandalism. At a cost of $2,500 per Kiwibot, the damage adds up quick.

London startup

North Korean hackers implicated in major supply chain attack

A compromised maintainer account for the Axios npm package led to the publication of malicious software versions targeting various operating systems.

North Korea behind social engineering attack on Axios project

Attackers compromised the Axios maintainer's account through social engineering, publishing malicious versions that installed a Remote Access Trojan on victims' systems.

Node JS

North Korean hackers implicated in major supply chain attack

A compromised maintainer account for the Axios npm package led to the publication of malicious software versions targeting various operating systems.

North Korea behind social engineering attack on Axios project

Attackers compromised the Axios maintainer's account through social engineering, publishing malicious versions that installed a Remote Access Trojan on victims' systems.

more#axios

Business intelligence

Wireless AI paradox emerges as Wi-Fi evolves into strategic growth engine | Computer Weekly

Strategic investments in wireless and AI are crucial for businesses to achieve operational efficiency and productivity gains.

Digital Hopes, Real Power: From Revolution to Regulation

66% of internet users live where political or social sites are blocked, and 78% are in countries where people have been arrested for online posts. New social media regulations have emerged in dozens of countries in the past year alone.

World politics

fromwww.dw.com

Cambodia: Alleged cyber scam boss extradited to China

Investigations found that Li Xiong, the former chairman of Huione Group under the Prince Group, is suspected of multiple crimes. Li was identified as a core member of Chen Zhi's criminal gang.

World news

fromAdExchanger

20 hours ago

Data Privacy At The Kitchen Table | AdExchanger

Data privacy has become a significant concern for lawmakers and constituents, evolving into a key topic of discussion.

Suspected Chinese breach of FBI system exposed surveillance targets' phone numbers

A breach linked to China exposed phone numbers of FBI surveillance targets, raising concerns about counterintelligence risks.

fromThe Local France

France charges four over failed attack on US bank

The man in his early twenties from a Paris suburb had been charged with 'terrorist criminal conspiracy' and remanded in custody. French counter-terrorism prosecutors suspect he asked teenagers to place an explosive device outside the US financial institution near the famed Champs-Elysees avenue.

France news

DevOps

How 'Wikipedia of cyber' helps SAP make sense of threat data | Computer Weekly

SAP faces significant challenges in securing enterprise data amidst a complex threat landscape and evolving compliance requirements.

World politics

We Are At War

Rising geopolitical tensions are increasingly intertwined with cyber operations and the politicization of technology.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

fromwww.aljazeera.com

Cambodia parliament approves law to combat cybercrime scam rings

Cambodia's National Assembly approved a law targeting scam centres to combat online fraud and protect the economy and citizens.

#data-breach

fromSilicon Canals

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

fromSilicon Canals

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

more#data-breach

Artificial intelligence

fromComputerworld

Why AI lies, cheats and steals

AI chatbots are increasingly misbehaving, with a fivefold rise in unethical actions over six months, according to recent research.

fromWIRED

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

fromWIRED

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The public Quizlet set contained information about alleged codes for specific facility entrances. 'Checkpoint doors code?' asked one card, with a specific four-digit combination listed in response.

Privacy professionals

4 days ago

European Commission Reports Cyber Intrusion and Data Theft

The European Commission confirmed a cyberattack that compromised its cloud infrastructure, resulting in the theft of hundreds of gigabytes of data.

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Information security

Sophisticated CrystalX RAT Emerges

Information security

Fake Claude Code source downloads actually delivered malware

fromTechRepublic

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.

fromTechRepublic

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Axios supply chain attack victim posts postmortem to prevent a repeat

Axios was compromised for three hours, distributing Remote Access Trojans due to a sophisticated social engineering attack by North Korean group UNC1069.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

TeamPCP exploited Trivy to access sensitive cloud credentials and data, creating significant vulnerabilities for organizations.

fromComputerworld

Cyber criminals too are working from home... your home

The FBI warns that cybercriminals use residential proxies to mask illegal activities by hijacking IoT devices, smartphones, and routers, threatening both consumers and enterprises, particularly older devices.

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.

Turns out most cybercriminals are old enough to know better

Middle-aged adults aged 35-44 comprise 37% of cybercrime arrests, with 25-44 year-olds accounting for nearly 60% of cases, contradicting the teenage hacker stereotype.

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.

2 months ago

Information security

Are criminals vibe coding malware? All signs point to yes

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.

2 months ago

Information security

Are criminals vibe coding malware? All signs point to yes

Mercor Hit by LiteLLM Supply Chain Attack

Mercor was impacted by a supply chain attack involving LiteLLM, resulting in the theft of 4 terabytes of data.

Mercor says it was 'one of thousands' hit in LiteLLM attack

Mercor confirmed it was affected by the LiteLLM supply-chain attack, with significant data theft by the Lapsus$ group.

Mercor Hit by LiteLLM Supply Chain Attack

Mercor was impacted by a supply chain attack involving LiteLLM, resulting in the theft of 4 terabytes of data.

Mercor says it was 'one of thousands' hit in LiteLLM attack

Mercor confirmed it was affected by the LiteLLM supply-chain attack, with significant data theft by the Lapsus$ group.

more#supply-chain-attack

HPE sees the network as a security sensor: what does that mean?

HPE Networking views the network as a critical security sensor and enforcement point, especially after acquiring Juniper Networks.

#cybercrime

fromFast Company

Privacy professionals

Teenage hackers are on the rise, and they're more dangerous than you think

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Stolen credentials via infostealers like Venom Stealer are central to modern cybercrime.

Information security

European officials highlight private sector help in major cybercrime takedowns

fromFast Company

Teenage hackers are on the rise, and they're more dangerous than you think

Teenage hackers are reshaping cybercrime through persistent, coordinated attacks that cause real harm via data breaches, feeding cycles of increasingly serious criminal activity.

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Stolen credentials via infostealers like Venom Stealer are central to modern cybercrime.

European officials highlight private sector help in major cybercrime takedowns

Private sector partners play a crucial role in cybercrime takedowns, aiding law enforcement in disrupting criminal activities and infrastructure.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.

CrewAI Vulnerabilities Expose Devices to Hacking

Threat actors can exploit four vulnerabilities in CrewAI for remote code execution and other attacks.

US Prisons Russian Access Broker for Aiding Ransomware Attacks

Aleksei Volkov was sentenced to 81 months in prison for his role in ransomware attacks causing over $9 million in losses.

Information security

From Ransomware to Residency: Inside the Rise of the Digital Parasite

US Prisons Russian Access Broker for Aiding Ransomware Attacks

Aleksei Volkov was sentenced to 81 months in prison for his role in ransomware attacks causing over $9 million in losses.

Information security

From Ransomware to Residency: Inside the Rise of the Digital Parasite

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.

Interpol obliterates cyber criminal infrastructure | Computer Weekly

Interpol's Operation Synergia III neutralized 45,000 malicious IP addresses and servers across 72 countries, resulting in 94 arrests and over 100 investigations targeting cyber fraud, phishing, malware, and ransomware infrastructure.

Interpol sinkholes 45,000 IPs linked to global cybercrime

Interpol arrested 94 cybercriminals across multiple countries during Operation Synergia III, seizing 212 devices and sinkholing over 45,000 malicious IP addresses linked to phishing, romance scams, and credit card fraud.

Hackers: Democracy's last line of cyber defense

The hacker mindset—analytical curiosity combined with systemic thinking—can defend democracy by creating decentralized communication tools that resist censorship and empower oppressed communities.

Why cyberattacks don't require advanced hacking

Poor cyber hygiene, weak identity security, overdue IT maintenance, and incomplete logging make organizations vulnerable to financially motivated attacks such as ransomware and email fraud.

2 months ago

Crooks are hijacking and reselling AI infrastructure: Report

Threat actors are probing and hijacking exposed corporate LLM and MCP endpoints to steal compute, exfiltrate data, and resell API access for profit.