Hackers planted a Steam game with malware to steal gamers' passwords | TechCrunchValve removed the game PirateFI from Steam due to it containing malware designed to steal sensitive information.
New Mac Malware Poses as Browser UpdatesA new macOS malware, FrigidStealer, uses deceptive fake browser updates to steal sensitive user data.FrigidStealer operates through two threat actors, utilizing legitimate sites to trick users.
THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]Cybercriminals exploit trusted digital tools, like Chrome extensions, to steal sensitive data from users.A recent attack involved spear-phishing and malicious Chrome extensions targeting millions of devices.
Urgent warning to Google users after hackers uploaded fake adsUsers were warned about a cyberattack posing as Google Authenticator, leading to personal data theft.
$75 Million Record-Breaking Ransom Paid To Cybercriminals, Say ResearchersThe largest known ransom payment of US $75 million was made by a Fortune 50 company to the Dark Angels ransomware group.
1,000 Apps Used in Malicious Campaign Targeting Android Users in IndiaA malicious campaign named FatBoyPanel is extensively targeting Android users in India using over 1,000 apps to steal personal and banking information.
Hackers planted a Steam game with malware to steal gamers' passwords | TechCrunchValve removed the game PirateFI from Steam due to it containing malware designed to steal sensitive information.
New Mac Malware Poses as Browser UpdatesA new macOS malware, FrigidStealer, uses deceptive fake browser updates to steal sensitive user data.FrigidStealer operates through two threat actors, utilizing legitimate sites to trick users.
THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]Cybercriminals exploit trusted digital tools, like Chrome extensions, to steal sensitive data from users.A recent attack involved spear-phishing and malicious Chrome extensions targeting millions of devices.
Urgent warning to Google users after hackers uploaded fake adsUsers were warned about a cyberattack posing as Google Authenticator, leading to personal data theft.
$75 Million Record-Breaking Ransom Paid To Cybercriminals, Say ResearchersThe largest known ransom payment of US $75 million was made by a Fortune 50 company to the Dark Angels ransomware group.
1,000 Apps Used in Malicious Campaign Targeting Android Users in IndiaA malicious campaign named FatBoyPanel is extensively targeting Android users in India using over 1,000 apps to steal personal and banking information.
Nightclub bouncer jailed over plot to blackmail Michael SchumacherA bouncer involved in a blackmail scheme against Michael Schumacher was sentenced to three years in prison for conspiracy.
Clop ransomware gang claims responsibility for Cleo attacksClop ransomware gang exploits vulnerabilities in Cleo file transfer software to steal data from organizations.
Rydox Cybercrime Marketplace Shut Down and Three Administrators ArrestedThe Justice Department has seized the Rydox website and arrested its administrators for selling stolen personal information and cybercrime tools.
Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime GroupDeniss Zolotarjovs has been indicted in the U.S. for cybercrimes including data theft, extortion, and money laundering since August 2021.
Meow ransomware sees surge of activity post-overhaulMeow ransomware has shifted from file encryption to pure data theft, becoming highly active in global cybercrime.
FCC staff targeted in phishing attack that cloned agency login siteThe FCC was targeted in a phishing operation using a fake login page.The phishing kit named CryptoChameleon targeted cryptocurrency exchange platforms and successfully collected sensitive information.
Brazilian police claim they've cuffed the USDoD cybercrookBrazilian police arrest a suspected hacker linked to high-profile data thefts, including attacks on the FBI and Airbus.
Europol confirms incident after data breach claimsEuropol is investigating a cybercriminal's claims of stealing data; Europol Platform for Experts affected but no core systems compromised.
Rydox Cybercrime Marketplace Shut Down and Three Administrators ArrestedThe Justice Department has seized the Rydox website and arrested its administrators for selling stolen personal information and cybercrime tools.
Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime GroupDeniss Zolotarjovs has been indicted in the U.S. for cybercrimes including data theft, extortion, and money laundering since August 2021.
Meow ransomware sees surge of activity post-overhaulMeow ransomware has shifted from file encryption to pure data theft, becoming highly active in global cybercrime.
FCC staff targeted in phishing attack that cloned agency login siteThe FCC was targeted in a phishing operation using a fake login page.The phishing kit named CryptoChameleon targeted cryptocurrency exchange platforms and successfully collected sensitive information.
Brazilian police claim they've cuffed the USDoD cybercrookBrazilian police arrest a suspected hacker linked to high-profile data thefts, including attacks on the FBI and Airbus.
Europol confirms incident after data breach claimsEuropol is investigating a cybercriminal's claims of stealing data; Europol Platform for Experts affected but no core systems compromised.
SK hynix chip engineer gets 1.5 years in prison on IP theftA former SK hynix employee was sentenced to 18 months for stealing semiconductor technology, raising concerns about corporate espionage and data protection.
In: Former employees booked for stealing company data and sharing with competitorTwo ex-employees of Baccarose Perfume allegedly stole and shared confidential company data with a competitor.
SK hynix chip engineer gets 1.5 years in prison on IP theftA former SK hynix employee was sentenced to 18 months for stealing semiconductor technology, raising concerns about corporate espionage and data protection.
In: Former employees booked for stealing company data and sharing with competitorTwo ex-employees of Baccarose Perfume allegedly stole and shared confidential company data with a competitor.
Hazem Altal: Unraveling the Web of Fraud at a Turkish Hair Clinic - Social Media ExplorerA scandal in Istanbul exposes extensive medical fraud involving data theft and unauthorized practices by former clinic manager Hazem Altal.
Google Cloud Document AI flaw (still) allows data theftThe Google Cloud Document AI service has a serious vulnerability that remains unaddressed, enabling potential data theft from Cloud Storage.
1Password vulnerability lets attackers steal Vault itemsMac users with versions before 8.10.36 of 1Password are vulnerable to a bug allowing theft of vault items.
Google Cloud Document AI flaw (still) allows data theftThe Google Cloud Document AI service has a serious vulnerability that remains unaddressed, enabling potential data theft from Cloud Storage.
1Password vulnerability lets attackers steal Vault itemsMac users with versions before 8.10.36 of 1Password are vulnerable to a bug allowing theft of vault items.
New Malware Hits 300,000 Users with Rogue Chrome and Edge ExtensionsMalware campaign installs rogue extensions via trojan masquerading as popular software.Trojan malware distributes adware to sophisticated malicious scripts targeting private data theft.Extensions can't be disabled by users and newer scripts disable browser updates, affecting at least 300,000 Chrome and Edge users.
GitHub struggles to keep up with automated malicious forksMalware campaign started in PyPI spread to GitHub infecting 100,000 repositories.Attackers upload altered files to GitHub, cloning legitimate repos to spread malware loaders.
New Malware Hits 300,000 Users with Rogue Chrome and Edge ExtensionsMalware campaign installs rogue extensions via trojan masquerading as popular software.Trojan malware distributes adware to sophisticated malicious scripts targeting private data theft.Extensions can't be disabled by users and newer scripts disable browser updates, affecting at least 300,000 Chrome and Edge users.
GitHub struggles to keep up with automated malicious forksMalware campaign started in PyPI spread to GitHub infecting 100,000 repositories.Attackers upload altered files to GitHub, cloning legitimate repos to spread malware loaders.
Roundcube Webmail Flaws Allow Hackers to Steal Emails and PasswordsSecurity flaws in Roundcube webmail could allow theft of sensitive information through malicious JavaScript.
Facebook ads for this fake AI image editor were just an excuse to infect your PC with malwareAttackers exploit AI image editing tool popularity to distribute malware through fake applications on social media, stealing credentials and data for sale on the dark web.
Facebook Ads Lead to Fake Websites Stealing Credit Card InformationFacebook users targeted by ERIAKOS scam e-commerce network, employing fake websites for data theft.
New Nork-y cyberespionage outfit uncovered after three yearsA new cybercrime group named LilacSquid has been active for three years, targeting organizations in the US, Europe, and Asia with espionage-focused attacks.
Hackers are threatening to publish a huge stolen sanctions and financial crimes watchlist | TechCrunchThe stolen World-Check database contains 5.3 million records
185K people's data stolen in Cherry Health ransomware raidRansomware attack on US healthcare organization compromised sensitive data of nearly 185,000 individuals.
PyPI suspends registrations amid malware attackPyPI has suspended new project creation due to a malware upload campaign.Attackers are using typosquatting to distribute malicious Python packages for data theft.
Ransomware gang leaks data stolen from Scottish NHS board | Computer WeeklyInc Ransom claimed to have stolen three terabytes of data from NHS Scotland, including sensitive medical reports and patient letters.NHS Dumfries and Galloway acknowledged a cyber attack, with a small data dump disclosed and ongoing efforts to limit any data sharing.
Fired Wolves employee given supervised releaseAn ex-employee of the Minnesota Timberwolves was arrested for stealing sensitive internal information.The stolen data included strategic NBA information and the executive's personal details.
Wolves employee fired, arrested for alleged theftAn employee of the Minnesota Timberwolves was fired, arrested, and charged with felony third-degree burglary for stealing strategic NBA information.The Timberwolves executive, Sachin Gupta, had his personal and team-related information stolen from a hard drive left in his office.
Fired Wolves employee given supervised releaseAn ex-employee of the Minnesota Timberwolves was arrested for stealing sensitive internal information.The stolen data included strategic NBA information and the executive's personal details.
Wolves employee fired, arrested for alleged theftAn employee of the Minnesota Timberwolves was fired, arrested, and charged with felony third-degree burglary for stealing strategic NBA information.The Timberwolves executive, Sachin Gupta, had his personal and team-related information stolen from a hard drive left in his office.
Change Healthcare's data protection under US investigationChange Healthcare under investigation for alleged data theft by ALPHV ransomware groupUS HHS launching formal inquiry into Change Healthcare's data protection practices
Vastaamo victims' lawyer: Some took their own lives after patient record leakPatient records from Vastaamo used in extortion led to suicides.Trial of Aleksanteri Kivimäki nearing conclusion in data theft case.
Here Come the AI WormsAI worms can now spread between generative AI agents, potentially causing data theft and malware deployment.As generative AI systems become more autonomous, the risk of new cyberattacks increases.
Pharmaceutical giant Cencora says data was stolen in a cyberattackCencora, previously AmerisourceBergen, faced a cyberattack involving data theft.The company contained the incident, is cooperating with authorities, but impact on finances is undetermined.