- A Scattered Spider member gets 10 years in prison
A 20-year-old Scattered Spider member gets 10 years in prison and $13M restitution for SIM-swapping crypto thefts. Scattered Spider hacker, Noah Michael Urban (20), was sentenced to 10 years in U.S. prison and ordered to pay $13M restitution for SIM-swapping crypto thefts. “A 20-year-old Palm Coast man linked to a massive cybercriminal gang was sentenced
- FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage
FBI warns FSB-linked group Static Tundra is exploiting a 7-year-old Cisco IOS/IOS XE flaw to gain persistent access for cyber espionage. The FBI warns that Russia-linked threat actor Static Tundra exploits Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to target organizations in the
- US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin
CERT/CC disclosed serious data exposure vulnerabilities in Workhorse Software used by hundreds of U.S. cities and towns. CERT Coordination Center (CERT/CC) at Carnegie Mellon University disclosed two serious data exposure flaws in an accounting application developed by Workhorse Software’s, and used by hundreds of U.S. cities and towns. CERT/CC disclosed the vulnerabilities only after the
- Britain targets Kyrgyz financial institutions, crypto networks aiding Kremlin
The UK has imposed new sanctions on Kyrgyz financial institutions and crypto networks accused of helping Russia evade restrictions. The UK imposed sanctions on Kyrgyz financial institutions and crypto networks accused of aiding Russian sanctions evasion, war funding, and ransomware activities. The U.K. imposed new sanctions on Kyrgyzstan’s Capital Bank and director Kantemir Chalbayev, accused
- DOJ takes action against 22-year-old running RapperBot Botnet
DOJ charges 22-year-old Ethan Foltz of Oregon for running RapperBot, a DDoS botnet behind 370K+ attacks in 80+ countries since 2021. The U.S. DOJ charged 22-year-old Ethan Foltz of Oregon for running the RapperBot botnet, used in over 370,000 DDoS-for-hire attacks since 2021. The criminal service is active in over 80 countries, RapperBot enabled large-scale
- Google fixed Chrome flaw found by Big Sleep AI
Google Chrome 139 addressed a high-severity V8 flaw, tracked as CVE-2025-9132, found by Big Sleep AI Google Chrome 139 addressed a high-severity vulnerability, tracked as CVE-2025-9132, in its open source high-performance JavaScript and WebAssembly engine V8. The vulnerability is an out-of-bounds write issue in the V8 JavaScript engine that was discovered by Big Sleep AI.
- Student Loan Breach Exposes 2.5M Records
2.5 million people were affected, in a breach that could spell more trouble down the line.
- Watering Hole Attacks Push ScanBox Keylogger
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
- Ransomware Attacks are on the Rise
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
- Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
- Twitter Whistleblower Complaint: The TL;DR Version
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Français 
English