Tag: theft
-
Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses
Tags: attack, credentials, cybercrime, data, extortion, finance, group, service, tactics, technology, theftAn ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand in hand, new findings show.”This latest wave of ShinyHunters-attributed attacks reveals a dramatic shift in tactics, moving beyond the group’s previous credential theft and database…
-
Hyundai: Want cyber-secure car locks? That’ll be £49, please
Automaker’s answer to spate of car thefts is to charge customers for extra First seen on theregister.com Jump to article: www.theregister.com/2025/08/12/hyundai_want_secure_locks_on/
-
Hyundai: Want cyber-secure car locks? That’ll be £49, please
Automaker’s answer to spate of car thefts is to charge customers for extra First seen on theregister.com Jump to article: www.theregister.com/2025/08/12/hyundai_want_secure_locks_on/
-
Pediatric Practice, IT Vendor Settle $5.15M Breach Suit
At Least 918K Affected in 2024 BianLian Data Theft Attack. A New York-based pediatric practice and its managed services vendor have agreed to pay $5.15 million to settle a proposed class action lawsuit stemming from a 2024 data theft attack affecting more than 918,000 people and allegedly carried out by cybercrime gang BianLian. First seen…
-
Romance scam suspects extradited from Ghana, charged with more than $100 million in thefts
Three Ghanaian men face charges in the U.S. related to a multimillion-dollar operation that defrauded individuals online and ran business email compromise scams. First seen on therecord.media Jump to article: therecord.media/ghana-romance-scams-bec-suspects-extradited-us
-
How ShinyHunters Hacking Group Stole Customer Data from Salesforce
Hackers posed as Salesforce IT staff, using vishing to trick employees into installing malicious software for data theft and extortion. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-salesforce-vishing-attack-shinyhunters/
-
Research shows AI agents are highly vulnerable to hijacking attacks
Experts from Zenity Labs demonstrated how attackers could exploit widely deployed AI technologies for data theft and manipulation. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/research-shows-ai-agents-are-highly-vulnerable-to-hijacking-attacks/757319/
-
âš¡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More
This week, cyber attackers are moving quickly, and businesses need to stay alert. They’re finding new weaknesses in popular software and coming up with clever ways to get around security. Even one unpatched flaw could let attackers in, leading to data theft or even taking control of your systems. The clock is ticking”, if defenses…
-
‘Chairmen’ of $100 million scam operation extradited to US
The U.S. Department of Justice charged four Ghanaian nationals for their roles in a massive fraud ring linked to the theft of over $100 million in romance scams and business email compromise attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-charges-ghanaians-linked-to-theft-of-100-million-in-romance-scams-bec-attacks/
-
Nigerian man extradited from France to US over hacking and fraud allegations
A Nigerian man has been extradited from France to face hacking, identity theft, and fraud charges in the… First seen on hackread.com Jump to article: hackread.com/nigerian-extradited-france-us-hacking-fraud-allegations/
-
Insurance Firm Notifies 156K Victims – 1 Year After the Hack
What Makes Timely and Accurate Breach Reporting So Difficult for Some Organizations?. An Illinois-based brokerage firm that works with employers, businesses and consumers to obtain various types of insurance coverage is notifying nearly 156,000 people that their protected health information was compromised in a data theft hack that occurred more than a year ago. Why…
-
Typosquatted PyPI Packages Used by Threat Actors to Steal Cryptocurrency from Bittensor Wallets
GitLab’s Vulnerability Research team has uncovered a highly sophisticated cryptocurrency theft campaign exploiting typosquatted Python packages on the Python Package Index (PyPI) to target the Bittensor decentralized AI network. The operation, detected through GitLab’s automated package monitoring system, involved the deployment of malicious packages mimicking legitimate Bittensor components, specifically designed to siphon funds from developers…
-
Still Dangerous After All These Years
Ransomware isn’t dying, it’s evolving, swapping encryption for aggressive extortion as attacks and data theft hit record highs. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/ransomware-still-dangerous-after-all-these-years/
-
Cryptohack Roundup: Verdict in Tornado Cash Founder’s Case
Also: Samourai Wallet Co-Founders’ Guilty Plea, Coinbase Loss From Data Theft. This week, Tornado Cash co-founder convicted, Samourai Wallet guilty plea, Coinbase insider data theft, a U.S. court overturned an OpenSea executive’s fraud conviction, AI-written malware stole crypto, Credix exploit, CZ sought dismissal of FTX claim, July hacks and a FinCEN crypto ATM warning. First…
-
Hacker Extradited to U.S. for $2.5 Million Tax Fraud Scheme
Chukwuemeka Victor Amachukwu, also known as Chukwuemeka Victor Eletuo and So Kwan Leung, was extradited from France to the United States to face charges related to sophisticated hacking, wire fraud, and aggravated identity theft operations. The 39-year-old Nigerian national was presented before U.S. Magistrate Judge Robert W. Lehrburger in the Southern District of New York,…
-
Google Among Victims in Ongoing Salesforce Data Theft Campaign
Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and contact details were retrieved by the threat actor First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-salesforce-data-theft/
-
‘We too were breached,’ says Google, months after revealing Salesforce attacks
Attackers may have claimed a Google breach, too: GTIG had also disclosed extortion activities related to UNC6040 intrusions, sometimes carried out several months after the initial data theft, by another threat group, UNC6240, which identified themselves as the notorious BreachForums admin ‘ShinyHunters’.At the time, the GTIG team had presumed the claim to be a stunt…
-
Dialysis Firm Attack Affects 1 Million, Costs $13.5M to Date
Interlock Claims to Have 1.5TB of DaVita’s Data as Expenses Mount. DaVita Inc., one of the largest kidney dialysis providers in the world, told regulators that an April cyberattack has cost the company $13.5 million so far and has affected more than one million people in the U.S., and counting. Interlock says it’s behind the…
-
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement, access sensitive data, and seize control of the cloud environment.The attack technique has been codenamed ECScape by Sweet Security researcher Naor Haziz, who presented the findings today at the…
-
Hacker extradited to US for stealing $3.3 million from taxpayers
Nigerian national Chukwuemeka Victor Amachukwu has been extradited from France to the U.S. to face charges of hacking, fraud, and identity theft for suspected spearphishing attacks on U.S. tax preparation businesses. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacker-extradited-to-us-for-stealing-33-million-from-taxpayers/
-
5 Things To Know On Salesforce Data Theft Attacks
A wave of data-theft attacks against Salesforce CRM customers have now compromised Google in addition to numerous other major companies. First seen on crn.com Jump to article: www.crn.com/news/security/2025/5-things-to-know-on-salesforce-data-theft-attacks
-
US Authorities Extradite Nigerian Man Accused of Hacking and Fraud
A Nigerian man accused of hacking, fraud and identity theft has been extradited from France to the US to face charges First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-authorities-extradite-nigerian/
-
APT36 Targets Indian Government: Credential Theft Campaign Uncovered
A sophisticated phishing campaign attributed with medium confidence to the Pakistan-linked APT36 group, also known as Transparent Tribe or Mythic Leopard, has been uncovered targeting Indian defense organizations and government entities. This operation employs typo-squatted domains that mimic official Indian government platforms, such as mail.mgovcloud.in and virtualeoffice.cloud, to deceive users into surrendering credentials. The campaign…
-
North Korean Hackers Exploit NPM Packages to Steal Cryptocurrency and Sensitive Data
Veracode Threat Research has uncovered a sophisticated North Korean cryptocurrency theft operation that continues to evolve, building on campaigns previously reported in February and June 2024. This latest iteration involves twelve malicious NPM packages, including cloud-binary, json-cookie-csv, cloudmedia, and nodemailer-enhancer, which were flagged by automated monitoring systems and subsequently removed from the NPM registry. The…
-
Fashion giant Chanel hit in wave of Salesforce data theft attacks
French fashion giant Chanel is the latest company to suffer a data breach in an ongoing wave of Salesforce data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fashion-giant-chanel-hit-in-wave-of-salesforce-data-theft-attacks/
-
Nvidia Patches Critical RCE Vulnerability Chain
The flaws in the company’s Triton Inference Server enables model theft, data leaks, and response manipulation. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/nvidia-patches-critical-rce-vulnerability-chain
-
Biggest-Ever Bitcoin Hack Uncovered: $3.5B Stolen in Silent Breach
A massive cryptocurrency theft that remained hidden for over four years has been uncovered, revealing what may be the largest Bitcoin hack in history. LuBian, once one of the world’s most prominent Bitcoin mining pools, lost approximately $3.5 billion in a sophisticated attack that went largely undetected since December 2020. The breach began on December…