Cybercrime

Defense Contractor Employee Sentenced for Selling 8 Zero Days to Russian Broker

A former employee of U.S. defense contractor L3Harris has been sentenced to more than seven years in federal prison after admitting to selling eight highly sensitive zero-day exploits to a Russian exploit brokerage firm in exchange for millions in cryptocurrency. Peter Williams, 39, an Australian national, pleaded guilty in October 2025 to two counts of […]

Defense Contractor Employee Sentenced for Selling 8 Zero Days to Russian Broker Read More »

Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Scheme

A 29 year old Ukrainian citizen has been sentenced to five years in a U.S. federal prison for helping facilitate North Korea’s fraudulent IT worker operation that infiltrated dozens of American companies. Oleksandr “Alexander” Didenko pleaded guilty in November 2025 to wire fraud conspiracy and aggravated identity theft. Authorities say he stole the identities of

Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Scheme Read More »

FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025

The Federal Bureau of Investigation (FBI) has issued a fresh warning about the surge in ATM jackpotting attacks across the United States, revealing that financial losses exceeded $20 million in 2025 alone. According to federal data, approximately 1,900 jackpotting incidents have been reported since 2020, with 700 of those occurring in 2024. In December 2025, the U.S. Department

FBI Reports 1,900 ATM Jackpotting Incidents Since 2020, $20M Lost in 2025 Read More »

INTERPOL Operation Red Card 2.0 Leads to 651 Arrests in African Cybercrime Crackdown

An international cybercrime operation targeting online scams has resulted in 651 arrests and the recovery of over $4.3 million, coordinated by law enforcement agencies from 16 African countries. The initiative, named Operation Red Card 2.0, ran from December 8, 2025 to January 30, 2026, focusing on high-yield investment scams, mobile money fraud, and fraudulent mobile

INTERPOL Operation Red Card 2.0 Leads to 651 Arrests in African Cybercrime Crackdown Read More »

Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity experts have identified a new Android banking trojan called Massiv, designed to conduct device takeover (DTO) attacks for financial theft. The malware hides inside seemingly legitimate IPTV apps, luring users who are searching for online TV services and giving attackers remote control over infected devices. How Massiv Operates According to ThreatFabric, Massiv first appeared in

Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users Read More »

SmartLoader Attack Leverages Trojanized Oura MCP Server to Deploy StealC Infostealer

Cybersecurity researchers have uncovered a sophisticated campaign using a trojanized Model Context Protocol (MCP) server linked to Oura Health to deliver the StealC information stealer. According to Straiker’s AI Research (STAR) Labs, attackers cloned the legitimate Oura MCP server—which normally connects AI assistants to Oura Ring health data—and created fake forks, contributor accounts, and a deceptive infrastructure to build

SmartLoader Attack Leverages Trojanized Oura MCP Server to Deploy StealC Infostealer Read More »

Poland Arrests Suspect Tied to Phobos Ransomware Operation

Authorities in Poland have arrested a 47-year-old man suspected of involvement with the Phobos ransomware network. During the operation, police confiscated computers and mobile devices allegedly containing stolen login credentials, payment card details, and server access information. The arrest was carried out by officers from the Central Bureau of Cybercrime Control in the Małopolska region, with support from units in Katowice

Poland Arrests Suspect Tied to Phobos Ransomware Operation Read More »

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

Cybersecurity researchers have identified a case in which an information-stealing malware successfully extracted sensitive configuration files linked to OpenClaw, the open-source AI agent platform previously known as Clawdbot and Moltbot. According to researchers at Hudson Rock, the incident represents a turning point in infostealer evolution. Instead of focusing solely on browser credentials, threat actors are now harvesting

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens Read More »

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Exfiltration

Cybersecurity experts have uncovered a new mobile spyware platform called ZeroDayRAT, being marketed on Telegram as a tool for stealing sensitive data and conducting real-time surveillance on Android and iOS devices. Daniel Kelley, a security researcher at iVerify, explained, “The developer operates dedicated channels for sales, customer support, and updates, giving buyers access to a fully functional

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Exfiltration Read More »

Snail Mail Campaign Targets Trezor and Ledger Users in Cryptocurrency Theft Attacks

Cybercriminals have launched a new wave of cryptocurrency phishing attacks by sending physical letters to users of Trezor and Ledger hardware wallets. The fraudulent mail is designed to trick recipients into revealing their wallet recovery phrases, ultimately enabling attackers to steal digital assets. QR Code Scam Delivered by Post Unlike traditional email phishing, this campaign

Snail Mail Campaign Targets Trezor and Ledger Users in Cryptocurrency Theft Attacks Read More »