2025

Illicit crypto-miners pouncing on lazy DevOps configs that leave clouds vulnerable

To stop the JINX-0132 gang behind these attacks, pay attention to HashiCorp, Docker, and Gitea security settings Up to a quarter of all cloud users are at risk of having their computing resources stolen and used to illicitly mine for cryptocurrency, after crims cooked up a campaign that…

Bling slinger Cartier tells customers to be wary of phishing attacks after intrusion

Nothing terribly valuable taken in data heist, though privacy a little tarnished Global jewelry giant Cartier is writing to customers to confirm their data was exposed to cybercriminals that broke into its systems.…

Ukrainians smuggle drones hidden in cabins on trucks to strike Russian airfields

A real-world Trojan Horse attack Ukraine claims it launched a cunning drone strike on Sunday against multiple Russian airbases, hitting over 40 military aircraft and inflicting an estimated $7 billion in damage, in an operation dubbed "Spiderweb."…

US community bank says thieves drained customer data through third party hole

Disclosure at MainStreet Bancshares comes as American finance orgs beg for looser reporting requirements Community bank MainStreet Bancshares says thieves stole data belonging to some of its customers during an attack on a third-party provider.…

Lumma infostealer takedown may have inflicted only a flesh wound as crew keeps pinching and selling data

PLUS: Ransomware gang using tech support scam; Czechia accuses China of infrastructure attack; And more! Infosec In Brief  Despite last week’s FBI announcement that it helped to take down the crew behind the Lumma infostealer, the malware continues to operate.…

Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump

'It's a high-stakes intelligence war' he told El Reg exclusive  A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names.…

ConnectWise customers get mysterious warning about ‘sophisticated’ nation-state hack

Pen tester on ScreenConnect bug: This one ‘terrifies’ me ConnectWise has brought in the big guns to investigate a "sophisticated nation state actor" that broke into its IT environment and then breached some of its customers.…

Feds arrest DoD techie, claim he dumped top secret files in park for foreign spies to find

28-year-old alleged to have made multiple drops to folks who turned out to be undercover FBI agents A Defense Intelligence Agency (DIA) IT specialist is scheduled to appear in court today after being caught by the FBI trying to surreptitiously drop top secret information to a foreign government…

US medical org pays $50M+ to settle case after crims raided data and threatened to swat cancer patients

Cash splashed on damages, infrastructure improvements, and fraud monitoring A Seattle cancer facility has agreed to fork out around $52.5 million as part of a class action settlement linked to a Thanksgiving 2023 cyberattack where criminals directly threatened cancer patients with swat attacks.…

Meta – yep, Facebook Meta – is now a defense contractor

Giving people the power to build community and bring the world closer together so we can shoot them Meta has partnered with Anduril Industries to build augmented and virtual reality devices for the military, eight years after it fired the defense firm's founder, Palmer Luckey.…

Copyright © 2026 Lugapel