Two members of the Scattered Spider cybercrime group have been sentenced to jail in the United Kingdom, the country’s National Crime Agency (NCA) announced on Thursday. Thalha Jubair, 20, and Owen Flowers, 18, were charged over their role in a 2024 cyberattack targeting Transport for London (TfL), which caused significant disruptions and generated costs of ..
Tag : Cybercrime
A government entity in the US reportedly paid a $1 million ransom to the Kairos cyber extortion group to prevent the public dissemination of information stolen in a May 2025 intrusion, Ransom-ISAC reports. A leaked negotiation transcript shows that the extortion group demanded $3 million in cryptocurrency from the victim organization, but eventually settled for ..
A recently discovered advanced persistent threat (APT) actor has been targeting government and electric power organizations in multiple countries, Kaspersky reports. Dubbed Armored Likho, the APT engages both in financially motivated attacks against individuals and in cyber-espionage operations against organizations in Russia, Brazil, and Kazakhstan. The threat actor’s arsenal includes modular remote access trojans (RATs) ..
Threat actors are using prompt injection attacks embedded in malicious websites and manipulated search results to trick AI agents into making payments or trusting fraudulent cryptocurrency platforms. Zscaler says it identified two campaigns relying on indirect prompt injection, including a payment scam hiding behind API documentation, and a typosquatting operation promoting a crypto platform that ..
SecurityWeek’s cybersecurity news weekly roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of ..
Medical technology giant Medtronic is notifying more than 3.8 million individuals that their personal and medical information was compromised in a recent data breach. The incident occurred in April 2026, when the infamous extortion group ShinyHunters accessed the company’s corporate IT systems. Medtronic confirmed the attack in late April, noting that its products and manufacturing ..
A dual US-Estonian citizen was extradited to the US to face charges for his alleged involvement in the activities of the infamous hacking group Scattered Spider. The individual, Peter Stokes, 19, also known as ‘Bouquet’, was arrested in Finland in April while boarding a flight to Japan. He was indicted with counts of conspiracy, computer ..
Google, the FBI, and other organizations coordinated in a joint effort to dismantle NetNut, a massive residential proxy network. Also known as Popa, NetNut is believed to consist of more than 2 million Android devices such as smart TVs and streaming boxes, that have been infected through trojanized applications and malware such as Badbox 2.0. ..
L’intelligence ucraina conferma e amplia l’allarme statunitense: i servizi russi non rompono la crittografia delle app di messaggistica, ma convincono le vittime a consegnare le chiavi che proteggono i loro backup. Il bersaglio sono funzionari, militari, politici e attivisti in Ucraina, Europa e Stati Uniti. La svolta operativa più recente riguarda in modo specifico Signal; ..
More than 200,000 websites are using investment scam templates built with the Chinese open source framework Uni-App, Infoblox reports. A cross-platform development toolkit, Uni-App allows developers to create Vue.js codebases that can be deployed as mobile and desktop applications, or as mobile-optimized websites simultaneously. Widely used in China and supported by a developer ecosystem, the ..


