#cybercrime-at-scale
#cybercrime-at-scale

US news

Law enforcement is trying to combat abusive AI. Experts say easier said than done

Triad Nexus Evades Sanctions to Fuel Cybercrime

Triad Nexus is a cybercrime network responsible for over $200 million in losses through scams and money laundering, using various techniques to evade sanctions.

fromThe Cipher Brief

New Presidential Executive Order Targets Transnational Cybercrime

Transnational cybercrime is escalating, with significant financial losses and a need for enhanced national security measures.

fromNextgov.com

European officials highlight private sector help in major cybercrime takedowns

Private sector partners play a crucial role in cybercrime takedowns, aiding law enforcement in disrupting criminal activities and infrastructure.

European police email 75,000 people asking them to stop DDoS attacks | TechCrunch

A global law enforcement operation targeted over 75,000 alleged cybercriminals using DDoS-for-hire services, resulting in arrests and domain takedowns.

fromwww.npr.org

US news

Law enforcement is trying to combat abusive AI. Experts say easier said than done

Triad Nexus Evades Sanctions to Fuel Cybercrime

Triad Nexus is a cybercrime network responsible for over $200 million in losses through scams and money laundering, using various techniques to evade sanctions.

fromThe Cipher Brief

New Presidential Executive Order Targets Transnational Cybercrime

Transnational cybercrime is escalating, with significant financial losses and a need for enhanced national security measures.

fromNextgov.com

European officials highlight private sector help in major cybercrime takedowns

Private sector partners play a crucial role in cybercrime takedowns, aiding law enforcement in disrupting criminal activities and infrastructure.

53 DDoS Domains Taken Down by Law Enforcement

Law enforcement in 21 countries coordinated to disrupt DDoS-for-hire services, resulting in arrests and the takedown of numerous domains.

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

Operation PowerOFF disrupted DDoS-for-hire services, taking down 53 domains and arresting four individuals linked to over 75,000 cybercriminals.

53 DDoS Domains Taken Down by Law Enforcement

Law enforcement in 21 countries coordinated to disrupt DDoS-for-hire services, resulting in arrests and the takedown of numerous domains.

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

Operation PowerOFF disrupted DDoS-for-hire services, taking down 53 domains and arresting four individuals linked to over 75,000 cybercriminals.

more#ddos

#privacy

15 hours ago

Privacy technologies

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

Privacy is a fundamental human condition, and end-to-end encryption is essential for protecting communications in a surveillance-heavy world.

fromMIT Technology Review

Building trust in the AI era with privacy-led UX

Well-designed consent experiences enhance trust and business performance, evolving privacy into an ongoing relationship rather than a one-time transaction.

15 hours ago

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

Privacy is a fundamental human condition, and end-to-end encryption is essential for protecting communications in a surveillance-heavy world.

fromMIT Technology Review

Building trust in the AI era with privacy-led UX

Well-designed consent experiences enhance trust and business performance, evolving privacy into an ongoing relationship rather than a one-time transaction.

Cryptocurrency

Russia-friendly exchange says "western special service" behind $15 million cyberattack

France news

fromThe Local France

France reports over 40 cryptocurrency kidnappings so far this year

France has experienced over 40 kidnappings linked to cryptocurrencies since January, targeting wealthy individuals and their families.

Cryptocurrency

International Operation Targets Multimillion-Dollar Crypto Theft Schemes

Operation Atlantic targets multimillion-dollar cryptocurrency theft, freezing $12 million in stolen assets and identifying over $45 million in stolen funds.

9 hours ago

Cryptocurrency

Russia-friendly exchange says "western special service" behind $15 million cyberattack

France news

fromThe Local France

France reports over 40 cryptocurrency kidnappings so far this year

France has experienced over 40 kidnappings linked to cryptocurrencies since January, targeting wealthy individuals and their families.

Cryptocurrency

International Operation Targets Multimillion-Dollar Crypto Theft Schemes

Operation Atlantic targets multimillion-dollar cryptocurrency theft, freezing $12 million in stolen assets and identifying over $45 million in stolen funds.

more#cryptocurrency

Man who hacked US Supreme Court filing system sentenced to probation | TechCrunch

Nicholas Moore was sentenced to a year of probation for hacking the U.S. Supreme Court and other government systems.

17 hours ago

AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech - TechRepublic

AI innovation and security threats are reshaping technology and corporate strategies across various platforms and applications.

7 charged in scheme that used AI tools to defraud Toronto-area stores: police | CBC News

Seven people have been charged in a fraud investigation involving AI tools used to steal login information from retail employees in Toronto.

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect defrauded Americans of $8 million through a fraudulent payment processing scheme over four years.

Canada news

fromwww.cbc.ca

6 hours ago

7 charged in scheme that used AI tools to defraud Toronto-area stores: police | CBC News

Seven people have been charged in a fraud investigation involving AI tools used to steal login information from retail employees in Toronto.

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect defrauded Americans of $8 million through a fraudulent payment processing scheme over four years.

US news

Two North Korean IT Worker Scheme Facilitators Jailed in the US

Information security

North Korean social engineering campaign targets macOS users | Computer Weekly

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

22 hours ago

US news

Two North Korean IT Worker Scheme Facilitators Jailed in the US

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

Another DraftKings Hacker Sentenced to Prison

Kamerin Stokes was sentenced to 30 months in prison for a credential stuffing attack on DraftKings, involving 60,000 compromised accounts.

Marketing tech

fromSFGATE

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.

fromwww.housingwire.com

Disconnected systems fueling title, wire fraud risks

Disconnected systems, inconsistent definitions of data, and the manual nature of data movement create ongoing challenges in the title industry, according to FundingShield President Adam Chaudhary.

Real estate

What "The Pitt" Gets Right About Ransomware and What Hospitals Can't Afford to Ignore

Ransomware incidents in healthcare lead to significant operational fallout, requiring extensive recovery efforts beyond just paying the ransom.

Autovista blames ransomware for service disruption

Autovista is addressing a ransomware infection affecting its systems in Europe and Australia, prioritizing the secure restoration of impacted applications.

fromFortune

As a small business owner, I never expected to pay $100,000 protecting my business from ransomware | Fortune

Ransomware attacks can severely impact small businesses, leading to significant recovery costs despite having cyber insurance.

Ransomware Hits Automotive Data Expert Autovista

Autovista is working to restore services after a ransomware attack affected its systems in Europe and Australia.

0APT ransomware gang extorts Krybit amid doxxing threat

0APT threatens to expose Krybit members, highlighting the bizarre rivalry between ransomware gangs.

fromTechzine Global

2 months ago

Information security

Western Europe is a hotbed for cybercriminals' servers

Healthcare

fromSecuritymagazine

What "The Pitt" Gets Right About Ransomware and What Hospitals Can't Afford to Ignore

Ransomware incidents in healthcare lead to significant operational fallout, requiring extensive recovery efforts beyond just paying the ransom.

Autovista blames ransomware for service disruption

Autovista is addressing a ransomware infection affecting its systems in Europe and Australia, prioritizing the secure restoration of impacted applications.

fromFortune

As a small business owner, I never expected to pay $100,000 protecting my business from ransomware | Fortune

Ransomware attacks can severely impact small businesses, leading to significant recovery costs despite having cyber insurance.

Ransomware Hits Automotive Data Expert Autovista

Autovista is working to restore services after a ransomware attack affected its systems in Europe and Australia.

0APT ransomware gang extorts Krybit amid doxxing threat

0APT threatens to expose Krybit members, highlighting the bizarre rivalry between ransomware gangs.

fromTechzine Global

2 months ago

Information security

Western Europe is a hotbed for cybercriminals' servers

EU awards its 180 million sovereign cloud contract

The European Commission awarded a €180 million sovereign cloud contract to four provider groups, emphasizing diversification and resilience in cloud services.

London startup

One year on from the M&S cyber attack: What did we learn? | Computer Weekly

Marks & Spencer experienced a significant cyber attack in April 2025, disrupting services and highlighting vulnerabilities in third-party tech suppliers.

Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure

A pro-Russian group linked to Russian intelligence was behind a failed cyberattack on a Swedish heating plant, part of broader attacks on European infrastructure.

European Commission Reports Cyber Intrusion and Data Theft

The European Commission confirmed a cyberattack that compromised its cloud infrastructure, resulting in the theft of hundreds of gigabytes of data.

European Commission confirms cyberattack after hackers claim data breach | TechCrunch

A cyberattack on the European Commission's cloud infrastructure resulted in the theft of significant data, but internal systems remain unaffected.

Europe news

Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure

A pro-Russian group linked to Russian intelligence was behind a failed cyberattack on a Swedish heating plant, part of broader attacks on European infrastructure.

European Commission Reports Cyber Intrusion and Data Theft

The European Commission confirmed a cyberattack that compromised its cloud infrastructure, resulting in the theft of hundreds of gigabytes of data.

European Commission confirms cyberattack after hackers claim data breach | TechCrunch

A cyberattack on the European Commission's cloud infrastructure resulted in the theft of significant data, but internal systems remain unaffected.

more#cyberattack

fromNature

Researchers: here's how to audit your fragmented digital identity

A search for 'Guo Wei' in ORCID returned 616 profiles, none affiliated with the Jiangsu University of Science and Technology, highlighting the difficulty in verifying academic identities.

Higher education

Digital life

fromwww.dw.com

Dangerous Apps In the Web of Data Brokers

Smartphone apps collect detailed location data, often shared with data brokers, posing security risks to users, including soldiers and government officials.

Europe politics

fromwww.independent.co.uk

Digital sovereignty isn't just a buzzword - it's the future

European governments and companies are prioritizing digital sovereignty due to concerns over US control and dependency.

UK news

Phone firms should use technology to stop children taking nudes, police chief says

Tech firms must enhance children's online safety by preventing the creation of nude images on their devices, according to law enforcement officials.

#cybersecurity

13 hours ago

Information security

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

fromLondon Business News | Londonlovesbusiness.com

Privacy professionals

Man with @ihackedthegovernment Instagram account tells judge, "I made a mistake"

18 hours ago

Information security

The rising cost of data breaches: Why backup and cyber protection must go hand in hand - London Business News | Londonlovesbusiness.com

Information security

Government Can't Win the Cyber War Without the Private Sector

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

19 hours ago

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.

13 hours ago

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

Hackers exploited Windows vulnerabilities published by a researcher, affecting Windows Defender and allowing high-level access.

Man with @ihackedthegovernment Instagram account tells judge, "I made a mistake"

Moore accessed the Supreme Court's filing system and other accounts using stolen credentials, publicly posting sensitive personal information of individuals online.

fromLondon Business News | Londonlovesbusiness.com

18 hours ago

The rising cost of data breaches: Why backup and cyber protection must go hand in hand - London Business News | Londonlovesbusiness.com

Cyber incidents now lead to significant financial and reputational damage, necessitating a unified strategy for backup and cyber protection.

Government Can't Win the Cyber War Without the Private Sector

Governments must collaborate with the private sector to effectively manage the growing complexity of cyber threats.

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

19 hours ago

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.

Privacy technologies

438 Experts Said Age Verification Is Dangerous. Legislators Are Moving Forward With It Anyway. - Above the Law

fromThe Verge

Age verification is a mess but we're doing it anyway

Age verification methods on the internet are flawed, leading to challenges in effectively preventing underage access to inappropriate content.

fromWIRED

Europe's Online Age Verification App Is Here

The European online age verification app ensures anonymous age verification using ID cards or passports, protecting children from harmful content.

fromAbove the Law

17 hours ago

438 Experts Said Age Verification Is Dangerous. Legislators Are Moving Forward With It Anyway. - Above the Law

Age verification mandates for the internet are technically flawed, threaten privacy, and may cause more harm than good, according to 438 researchers from 32 countries.

fromThe Verge

Age verification is a mess but we're doing it anyway

Age verification methods on the internet are flawed, leading to challenges in effectively preventing underage access to inappropriate content.

fromWIRED

Europe's Online Age Verification App Is Here

The European online age verification app ensures anonymous age verification using ID cards or passports, protecting children from harmful content.

more#age-verification

CYBERUK '26: UK lagging on legal protections for cyber pros | Computer Weekly

The outdated Computer Misuse Act hinders UK cyber security innovation and needs urgent reform to protect cyber professionals.

Cryptocurrency

fromBitcoin Magazine

When Quantum Computers Come For Your Bitcoin: What Classical Property Law Says Happens Next

Bitcoin's future is challenged by quantum computing, raising questions about ownership and legality of coins accessed through quantum-derived keys.

fromFortune

15 hours ago

AI cybersecurity capabilities require urgent international cooperation, AI godfather Bengio says | Fortune

Yoshua Bengio emphasizes the urgent need for international cooperation in addressing AI's risks, particularly with the release of Anthropic's Mythos model.

France news

French cops free mother and son after crypto kidnapping

A mother and her son were rescued after a 20-hour kidnapping related to a ransom demand from a criminal gang.

fromwww.independent.co.uk

17 hours ago

What are EU digital identity wallets? The benefits and risks explained

The Independent provides accessible journalism on critical issues like reproductive rights and digital identity, emphasizing the importance of on-the-ground reporting.

#data-breach

Clothing Retailer Patches Website Flaw Exposing Customer Data

A flaw in Express's website allowed unauthorized access to customer data through sequential order IDs in URLs.

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

Information security

Hackers Offer to Sell Millions of Eurail User Records

Clothing Retailer Patches Website Flaw Exposing Customer Data

A flaw in Express's website allowed unauthorized access to customer data through sequential order IDs in URLs.

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

Information security

Hackers Offer to Sell Millions of Eurail User Records

more#data-breach

fromThe Verge

Anthropic's new cybersecurity model could get it back in the government's good graces

Anthropic's relationship with the Trump administration has improved due to its new cybersecurity model, Claude Mythos Preview.

fromPrivacy International

20 hours ago

What is digital fingerprinting: Is my device ever truly anonymous?

Digital fingerprinting is a tracking technique that monitors how browsers and devices communicate online.

fromHarvard Gazette

Time for government, business leaders to figure out AI cybersecurity regulation - Harvard Gazette

Agentic AI poses both opportunities for cybersecurity and risks to personal data, economy, and national security, necessitating regulation by leaders.

fromWIRED

Congress Turns Up Pressure on DHS Over Palantir's Role in Immigration Crackdown

Members of Congress demand DHS and ICE disclose details on surveillance tools used in immigration enforcement.

fromwww.businessinsider.com

Claude is requiring some of its users to verify their identity. Here's Anthropic's explanation.

Anthropic is implementing identity verification for some Claude users to combat fraudulent behavior.

#data-privacy

fromZDNET

A data removal service helped me reclaim my privacy - see if you need one, too

Personal data is collected and sold by brokers, making removal services essential for protecting sensitive information.

fromElectronic Frontier Foundation

Google Broke Its Promise to Me. Now ICE Has My Data.

Google provided user data to ICE without notification, violating a promise to users.

fromZDNET

A data removal service helped me reclaim my privacy - see if you need one, too

Personal data is collected and sold by brokers, making removal services essential for protecting sensitive information.

fromElectronic Frontier Foundation

Google Broke Its Promise to Me. Now ICE Has My Data.

Google provided user data to ICE without notification, violating a promise to users.

EU age verification app announced to protect children online

A new EU age verification app will allow users to prove their age online without sharing personal data.

fromBusiness Matters

Why Trust and Verification Are Critical for Modern Online Platform Businesses

Trust is essential yet fragile in the digital economy, with platforms facing increasing challenges from sophisticated online scams.

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

Information security

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

Information security

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.

Information security

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

16 hours ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

A new malware campaign targeting Ukrainian healthcare institutions has been identified, utilizing deceptive emails to deliver malicious payloads.

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

Cursor AI Vulnerability Exposed Developer Devices

A vulnerability in Cursor AI allows attackers to hijack developer machines via malicious repositories without user interaction.

fromSecuritymagazine

How CSOs Can Win Board Support for Gunshot Detection Technology

CSOs must effectively frame gunshot detection technology to gain executive support and align it with corporate risk priorities.

Cyber Essentials closes the MFA loophole but leaves some organisations adrift | Computer Weekly

Multi-factor authentication becomes mandatory under Cyber Essentials v3.3, with no exceptions for organizations failing to implement it.

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A social engineering campaign exploits Obsidian to distribute PHANTOMPULSE trojan targeting financial and cryptocurrency sectors.

fromMedCity News

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.

UK gov's Mythos AI tests help separate cybersecurity threat from hype

Mythos outperformed previous models in TLO tests, showing capability in attacking vulnerable systems but still facing limitations in complex scenarios.

fromTechzine Global

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts

The FBI and Indonesian National Police dismantled a global phishing operation using the W3LL toolkit, preventing over $20 million in fraud.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

Turns out most cybercriminals are old enough to know better

Middle-aged adults aged 35-44 comprise 37% of cybercrime arrests, with 25-44 year-olds accounting for nearly 60% of cases, contradicting the teenage hacker stereotype.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Interpol obliterates cyber criminal infrastructure | Computer Weekly

Interpol's Operation Synergia III neutralized 45,000 malicious IP addresses and servers across 72 countries, resulting in 94 arrests and over 100 investigations targeting cyber fraud, phishing, malware, and ransomware infrastructure.