Cybercrime

Nearly a year after attack, US medical scanning biz gets clear image of stolen patient data

No fraud monitoring and no apology after miscreants make off with medical, financial data

Cyber-crime07 Oct 2025 | 5

OpenAI bans suspected Chinese accounts using ChatGPT to plan surveillance

It also banned some suspected Russian accounts trying to create influence campaigns and malware

Cyber-crime07 Oct 2025 | 5

Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried

You can't find anything bad if you don't look, right?

Cybersecurity Month06 Oct 2025 | 1

Scattered Lapsus$ Hunters offering $10 in Bitcoin to 'endlessly harass' execs

Crime group claims to have already doled out $1K to those in it 'for money and for the love of the game'

Cybersecurity Month06 Oct 2025 | 20

Radiant Group won't touch kids' data now, but apparently hospitals are fair game

Ransomware crooks utterly fail to find moral compass

Cybersecurity Month06 Oct 2025 | 3

Jaguar Land Rover engines ready to roar again after weeks-long cyber stall

No confirmed date but workers expected to return in the coming days

Cyber-crime06 Oct 2025 | 14

'Retired' cybercrime group demands ransom not to leak 1B Salesforce records

CRM giant insists its platform wasn’t breached

Cybersecurity Month03 Oct 2025 | 4

Red Hat fesses up to GitLab breach after attackers brag of data theft

Open source giant admits intruders broke into dedicated consulting instance, but insists core products untouched

Cybersecurity Month03 Oct 2025 | 5

Oracle tells Clop-targeted EBS users to apply July patch, problem solved

Researchers suggest internet-facing portals are exposing 'thousands' of orgs

Cybersecurity Month03 Oct 2025 |

Criminals take Renault UK customer data for a joyride

Names, numbers, and reg plates exposed in latest auto industry cyber-shunt

Cybersecurity Month03 Oct 2025 | 22

Clop-linked crims shake down Oracle execs with data theft claims

Extortion emails name-drop Big Red's E-Business Suite, though Google and Mandiant yet to find proof of any breach

Cybersecurity Month02 Oct 2025 |

Cybercrims claim raid on 28,000 Red Hat repos, say they have sensitive customer files

570GB of data claimed to be stolen by the Crimson Collective

Cybersecurity Month02 Oct 2025 | 19

Schools are swotting up on security yet still flunk recovery when cyberattacks strike

Coursework 'gone forever' as 10% report critical damage

Cybersecurity Month01 Oct 2025 | 10

Fake North Korean IT workers sneaking into healthcare, finance, and AI

It's not just big tech anymore

Security30 Sep 2025 | 8

£5.5B Bitcoin fraudster pleads guilty after years on the run

Zhimin Qian recruited takeaway worker to launder funds through property overseas

Legal30 Sep 2025 | 7

Greg Kroah-Hartman explains the Cyber Resilience Act for open source developers

Opinion Impact? Nope, don't worry, be happy, says Linux veteran

Security30 Sep 2025 | 34

One line of malicious npm code led to massive Postmark email heist

MCP plus open source plus typosquatting equals trouble

Cyber-crime29 Sep 2025 | 7

Harrods blames its supplier after crims steal 430k customers’ data in fresh attack

Attackers make contact but negotiations fall on deaf ears

Cyber-crime29 Sep 2025 | 12

Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign

Not to be confused with all the other reports of Chinese intruders on US networks that came to light this week

Research27 Sep 2025 | 14

‘An attacker's playground:’ Crims exploit GoAnywhere perfect-10 bug

Researchers say tens of thousands of instances remain publicly reachable

Patches26 Sep 2025 | 3

North Korea's Lazarus Group shares its malware with IT work scammers

Keeping Pyongyang's coffers full

Cyber-crime25 Sep 2025 |

Callous crims break into preschool network, publish toddlers' data

Images of toddlers and home addresses leaked in reprehensible landmark attack

Cyber-crime25 Sep 2025 | 23

Empty shelves, empty coffers: Co-op pegs cyber hit at £80m

Supermarket says the hack that shut down systems and emptied shelves has turned profits into losses

Cyber-crime25 Sep 2025 | 25

New string of phishing attacks targets Python developers

If you recently got an email asking you to verify your credentials to a PyPI site, better change that password

Cyber-crime24 Sep 2025 | 3

Google warns China-linked spies lurking in 'numerous' enterprises

Mandiant CTO anticipates 'hearing about this campaign for the next one to two years'

Research24 Sep 2025 | 8

Cybercriminals cash out with casino giant's employee data

Attackers hit jackpot after targeting Boyd Gaming

Cyber-crime24 Sep 2025 | 3

Kaspersky: RevengeHotels checks back in with AI-coded malware

Old hotel scam gets an AI facelift, leaving travellers’ card details even more at risk

Research23 Sep 2025 | 2

Workers fear for their jobs as JLR's latest shutdown extended

With no idea when engines restart, families gear down on spending ahead of Christmas

Cyber-crime23 Sep 2025 | 31

Suspected Iran-backed attackers targeting European aerospace sector with novel malware

Instead of job offers, victims get MiniJunk backdoor and MiniBrowse stealer

Cyber-crime23 Sep 2025 | 9

UK chancellor Putin the blame on Russia for cyber chaos, but evidence says otherwise

Reeves points finger at Moscow in interview when authorities reckon it's local lads

Cyber-crime23 Sep 2025 | 88

Cops cuff another teen over alleged Scattered Spider attack that broke Vegas casinos

Not old enough to drink, old enough to be accused of causing millions in damage

Cyber-crime22 Sep 2025 | 3

Car giant Stellantis says customer data nicked after partner vendor pwned

Automaker insists only names and emails exposed, no financials

Cyber-crime22 Sep 2025 | 11

Ivanti EPMM holes let miscreants plant shady listeners, CISA says

Unnamed org compromised with two malware sets

Cyber-crime19 Sep 2025 |

Alleged Scattered Spider teen cuffed after extortion Bitcoin used to buy games, meals

Feds say gift card splurges tied suspect to multimillion-dollar ransomware crew

Cyber-crime19 Sep 2025 | 50

Crims bust through SonicWall to grab sensitive config data

Vendor pulls plug on cloud backup feature, urges admins to reset passwords and re-secure devices

Cyber-crime18 Sep 2025 | 6

Cybercriminals pwn 850k+ Americans' healthcare data

Three US medical centers fess up to serious breaches

Cyber-crime18 Sep 2025 | 10

Two Scattered Spider teens charged over attack on London’s transport network

Decisive action comes nearly a year after the attack and first arrest took place

Cyber-crime18 Sep 2025 | 14

Scattered Spider gang feigns retirement, breaks into bank instead

You didn't really trust the crims to keep their word, did you?

Cyber-crime17 Sep 2025 | 5

BreachForums kingpin goes from walk-free deal to 3-year stretch

Prosecutors say Conor Fitzpatrick's crimes caused 'incalculable' damage

Cyber-crime17 Sep 2025 | 4

UK telco Colt’s recovery from August cyberattack pushes into November

Pentesters confirm key system is safe but core products remain unavailable

Cyber-crime17 Sep 2025 | 3

Microsoft blocks bait for ‘fastest-growing’ 365 phish kit, seizes 338 domains

Redmond names alleged ringleader, claims 5K+ creds stolen and $100k pocketed

Cyber-crime16 Sep 2025 | 5

Criminals broke into the system Google uses to share info with cops

Talk about an inside job

Cyber-crime16 Sep 2025 | 11

FileFix attacks use fake Facebook security alerts to trick victims into running infostealers

Tech evolved from PoC to global campaign in under two months

Security16 Sep 2025 | 6

JLR stuck in neutral as losses skyrocket amid cyberattack cleanup

Latest extension to factory closures takes incident response into fourth week

Cyber-crime16 Sep 2025 | 59

China slaps 1-hour deadline on reporting serious cyber incidents

Cyberspace watchdog tightens reporting regime, leaving little time to hide incidents

Cybersecurity Month16 Sep 2025 | 16

Careless engineer stored recovery codes in plaintext, got whole org pwned

Cautionary tale from the recent SonicWall attacks

Cyber-crime15 Sep 2025 | 40

Former FinWise employee may have accessed nearly 700K customer records

Bank says incident went undetected for over a year before discovery in June

Cyber-crime15 Sep 2025 | 4

Nork snoops whip up fake South Korean military ID with help from ChatGPT

Kimsuky gang proves that with the right wording, you can turn generative AI into a counterfeit factory

AI + ML15 Sep 2025 | 9

Cyber-scam camp operators shift operations to vulnerable countries as sanctions strike

Asia in Brief PLUS: Japan woos Micron, again; China launches chip dumping probe; Mitsubishi expands opsec empire; and more!

Cyber-crime15 Sep 2025 |

Samsung fixes Android 0-day that may have been used to spy on WhatsApp messages

A similar vuln on Apple devices was used against 'specific targeted users'

Patches12 Sep 2025 | 7

Hack to school: Parents told to keep their little script kiddies in line

UK data watchdog says students behind most education cyberattacks

Cyber-crime12 Sep 2025 | 54

Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand

Okta uncovers new phishing-as-a-service operation with 'multiple entities' falling victim

Cyber-crime11 Sep 2025 | 1

AI-powered penetration tool, an attacker's dream, downloaded 10K times in 2 months

Shady, China-based company, all the apps needed for a fully automated attack - sounds totally legit

Research11 Sep 2025 |

Akira ransomware crims abusing trifecta of SonicWall security holes for extortion attacks

Patch, turn on MFA, and restrict access to trusted networks…or else

Cyber-crime10 Sep 2025 |

Apple slips up on ChillyHell macOS malware, lets it past security . . . for 4 years

'We do believe that this was likely the creation of a cybercrime group,' threat hunter tells The Reg

Research10 Sep 2025 | 15

Jaguar Land Rover U-turns to confirm 'some data' affected after cyber prang

Systems offline as specialists continue to comb through wreckage

Cyber-crime10 Sep 2025 | 29