June 2025

BidenCash busted as Feds nuke stolen credit card bazaar

Dark web crime platform raked in $17M+ over three years of operation Uncle Sam has seized 145 domains tied to BidenCash, the notorious dark web market that trafficked in more than 15 million stolen credit cards.…

More than a hundred backdoored malware repos traced to single GitHub user

Someone went to great lengths to prey on the next generation of cybercrooks Sophos thinks a single person or group called "ischhfd83" is behind more than a hundred backdoored malware variants targeting novice cybercriminals and video game cheaters looking to get their hands on malicious code.…

HMRC: Crooks broke into 100k accounts, stole £43M from British taxpayer in late 2024

It’s definitely not a cyberattack though! Really! The UK's tax collections agency says cyberbaddies defrauded it of £47 million ($63 million) late last year, but insists the criminal case was not a cyberattack.…

AI kept 15-year-old zombie vuln alive, but its time is drawing near

Researchers have come up with a fix for a path traversal bug first spotted in 2010 A security bug that surfaced fifteen years ago in a public post on GitHub has survived developers' attempts on its life.…

China accuses Taiwan of running five feeble APT gangs, with US help

The authors who claimed America hacked itself to discredit Beijing are back with another report Beijing complains it’s under relentless attack by the equivalent of an ant trying to shake a tree China’s National Computer Virus Emergency Response Center on Thursday published a report in which it claims…

Fake IT support calls hit 20 orgs, end in stolen Salesforce data and extortion, Google warns

Victims include hospitality, retail and education sectors A group of financially motivated cyberscammers who specialize in Scattered-Spider-like fake IT support phone calls managed to trick employees at about 20 organizations into installing a modified version of Salesforce's Data Loader that allows the crims to steal sensitive data.…

Crims stole 40,000 people’s data from our network, admits publisher Lee Enterprises

Did somebody say ransomware? Not the newspaper group, not even to deny it Regional newspaper publisher Lee Enterprises says data belonging to around 40,000 people was stolen during an attack on its network earlier this year.…

UK CyberEM Command to spearhead new era of armed conflict

Government details latest initiative following announcement last week Revealing more details about the Cyber and Electromagnetic (CyberEM) military domain, the UK's Ministry of Defence (MoD) says "there are pockets of excellence" but improvements must be made to ensure the country's capability meets the needs of national defense.…

Ukraine war spurred infosec vet Mikko Hyppönen to pivot to drones

Why? There's a war in Europe, Finland has a belligerent neighbor, and cyber is a settled field Interview  Mikko Hyppönen has spent the last 34 years creating security software that defends against criminals and state-backed actors, but now he's moving onto drone warfare.…

‘Deliberate attack’ deletes shopping app’s AWS and GitHub resources

CEO of India's KiranaPro, which brings convenience stores online, vows to name the perp The CEO of Indian grocery ordering app KiranaPro has claimed an attacker deleted its GitHub and AWS resources in a targeted and deliberate attack and vowed to name the perpetrator.…

Copyright © 2024 Lugapel