Cyber-crime News • The Register

Cyber-crime

FBI is investigating breach that may have hit its wiretapping tools

Infosec In Brief PLUS: Europol takes down two crime gangs; LastPass users phished (again); Crooks increase crypto hauls; And more

Security08 Mar 2026 | 4

Spyware disguised as emergency-alert app sent to Israeli smartphones

Steals SMS messages, location data, contacts … and delivers it to Hamas-linked crew

Cyber-crime06 Mar 2026 | 25

Cisco warns of two more SD-WAN bugs under active attack

Switchzilla says flaws could allow file overwrites or privilege escalation

Cyber-crime06 Mar 2026 | 4

Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal

Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves

Cyber-crime06 Mar 2026 | 3

Transport for London says 2024 breach affected 7M customers, not 5,000

Attackers accessed systems holding data tied to millions of Oyster and contactless users

Cyber-crime06 Mar 2026 | 12

Iran intelligence backdoored US bank, airport, software outfit networks

MOIS-linked MuddyWater crew has a new, custom implant

Cyber-crime05 Mar 2026 | 18

'Hundreds' of Iranian hacking attempts have hit surveillance cameras since the missile strikes

Attack infrastructure attributed to 'several Iran-nexus threat actors'

Cyber-crime04 Mar 2026 | 33

Malware-laced OpenClaw installers get Bing AI search boost

Think before you download

Cyber-crime04 Mar 2026 | 6

LexisNexis confirms data breach at Legal & Professional arm, some customer records affected

Crooks claim 2 GB haul from AWS instance via React2Shell exploit

Cyber-crime04 Mar 2026 | 8

Kaspersky dismisses claims Coruna iPhone exploit kit is connected to NSA-linked operation

Follows suggestions iPhone-pwning toolset bears hallmarks of zero-days that targeted Russian diplomats

Security04 Mar 2026 | 8

Dev stunned by $82K Gemini bill after unknown API key thief goes to town

Probably not an isolated incident only as researchers have already found 2,863 live API keys exposed

Security03 Mar 2026 | 44

Turns out most cybercriminals are old enough to know better

Law enforcement data shows profit-driven cybercrime is dominated by 35- to 44-year-olds, not script kiddies

Cyber-crime03 Mar 2026 | 15

Cybercriminals swipe 15.8M medical records from French doctors ministry

Third-party software supplier breached leading to leak of notes

Cyber-crime03 Mar 2026 | 4

Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery

Crims hope for payday from malicious payloads rather than stealing access tokens

Security03 Mar 2026 | 3

Iran's cyberwar has begun

'Expect elevated activity for the foreseeable future'

Cyber-crime02 Mar 2026 | 14

UK businesses told to brace cyber defenses amid Iran conflict risk

NCSC urges all to review posture as escalating tensions increase risk of indirect digital spillover

Cyber-crime02 Mar 2026 | 5

Scammers try to SIM-swap Dubai citizens hours after Iranian missile strikes

Vulnerable citizens targeted by criminals purporting to represent fake police crisis department

Cyber-crime02 Mar 2026 | 6

South Korea’s tax office apologizes for leaking seed phrase to seized crypto

Went from triumph at having busted tax dodgers to embarrassment at losing the proceeds

Cyber-crime02 Mar 2026 | 5

Double whammy: Steaelite RAT bundles data theft, ransomware in one evil tool

Credential and cryptocurrency theft, live surveillance, ransomware - an attacker's Swiss Army knife

Cyber-crime27 Feb 2026 |

Suspected Nork digital intruders caught breaking into US healthcare, education orgs

Who is knocking at the Dohdoor?

Cyber-crime27 Feb 2026 | 3

Popular

Unpacking the deceptively simple science of tokenomics

feature Inference at scale is much more complex than more GPUs, more tokens, more profits

Bundle of human neurons hooked to silicon learns to stumble through Doom

What hath science wrought?

AI agents now help attackers, including North Korea, manage their drudge work

interview Crims 'will do what gets them their objective easiest and fastest,' Microsoft threat intel boss tells The Reg

FBI is investigating breach that may have hit its wiretapping tools

Infosec In Brief PLUS: Europol takes down two crime gangs; LastPass users phished (again); Crooks increase crypto hauls; And more

Iran is the first out-loud cyberwar the US has fought

Kettle Cyber is no longer the hush-hush thing it used to be, as team Trump invades Iran with hackers taking the lead

Beijing warns of more chip supply worries after Nexperia China claims it was cut off from SAP

PLUS: Indonesia joins kids social media ban; China frets about AI job impacts; India’s PC market fails to launch, again; And more

Bug that wiped customer data saved the day – and a contract

Who, Me? Ignorance really was the way to achieve bliss

NASA’s asteroid defence mission slowed targets by 1.7 inches per hour

You gotta start somewhere, and in this case astroboffins would have been nowhere without help from intrepid volunteers

Lenovo, Nintendo sue US government seeking tariff refunds

World War Fee Tech-adjacent Dyson, Epson, and Whoop also have a crack

Royal Navy races to arm ships against drone threat

Britain's Ministry of Defence wants a counter-drone system designed, contracted, and delivered within weeks

MORE
STORIES

Ransomware payments cratered in 2025, but attacks surged to record highs

Smaller crews piled in as old names splintered and rebranded

Research27 Feb 2026 | 5

French DIY etailer ManoMano admits customer data stolen

Updated Crooks claim they helped themselves to over 37M accounts during January hit on subcontractor

Cyber-crime27 Feb 2026 | 9

Cops back Dutch telco Odido after second wave of ShinyHunters leaks

Company refuses to pay ransom as attackers threaten larger daily dumps

Cyber-crime27 Feb 2026 | 6

Scattered Lapsus$ Hunters auditioning female voices to sharpen social engineering

Telegram posts promise up to $1,000 per call as gang refines IT helpdesk ruse

Cyber-crime26 Feb 2026 | 4

Google catches Beijing spies using Sheets to spread espionage across 4 continents

UNC2814 historically targets governments and telcos

Cyber-crime25 Feb 2026 | 8

Ex-L3Harris exec jailed 7 years for selling exploits to Russia

Former Trenchant manager profited millions from cyber tools reserved for the US

Cyber-crime25 Feb 2026 | 8

Wynn Resorts takes attacker's word for it that stolen staff data was deleted

Security pros question assurances as company offers staff credit monitoring

Cyber-crime25 Feb 2026 | 6

OpenAI says Chinese cops used ChatGPT to plan and track smear ops against opponents

Note to secret agents: ChatGPT is NOT a private diary

Cyber-crime25 Feb 2026 | 7

North Korea's Lazarus Group targets healthcare orgs with Medusa ransomware

New ransomware of choice, same critical targets

Cyber-crime24 Feb 2026 | 3

Korean cops charge teens over bike hire breach that exposed data on 4.62M riders

Public prosecutor mulls sentencing following investigations into two separate attacks

Cyber-crime24 Feb 2026 | 4

Suspected Anonymous members detained in Spain over post-flood DDoS blitz

Quartet accused of attacking public institutions, claiming the government was responsible for 2024 tragedy

Cyber-crime23 Feb 2026 | 3

AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign

Off-the-shelf tools helped Russian-speaking cybercrime group run riot

Cyber-crime23 Feb 2026 | 6

Attacker gets into France's database listing all bank accounts, makes off with 1.2 million records

Infosec In Brief PLUS: Unpatched Ivanti boxes under attack; 0APT might not be a scam; AI gets better at helping cyber-scum; And more

Security22 Feb 2026 | 39

PayPal app code error leaked personal info and a 'few' unauthorized transactions

About 100 customers affected

Cyber-crime20 Feb 2026 | 15

ShinyHunters demands $1.5M not to leak Vegas casino and resort chain data

What happens in Vegas…

Cyber-crime20 Feb 2026 | 11

Ukrainian gets five years for helping North Koreans secure US tech jobs

Polish arrest leads to extradition and federal prison sentence

Cyber-crime20 Feb 2026 | 3

Crims create fake remote management vendor that actually sells a RAT

$300 a month buys you a backdoor that looks like legit software

Cyber-crime19 Feb 2026 | 13

Crims hit a $20M jackpot via malware-stuffed ATMs

FBI warns these cyber-physical attacks are on the rise

Cyber-crime19 Feb 2026 | 17

Adidas investigates third-party data breach after criminals claim they pwned the sportswear giant

'Potential data protection incident' at an 'independent licensing partner,' we're told

Cyber-crime18 Feb 2026 | 3

ShinyHunters claims it drove off with 1.7M CarGurus records

updated Latest in a rash of grab-and-leak data incidents

Cyber-crime18 Feb 2026 |

Fraudster hacked hotel system, paid 1 cent for luxury rooms, Spanish cops say

'First time we have detected a crime using this method,' cops say

Cyber-crime18 Feb 2026 | 19

Deutsche Bahn back on track after DDoS yanks the brakes

National rail bookings and timetables disrupted for nearly 24 hours

Cyber-crime18 Feb 2026 | 7

China-linked snoops have been exploiting Dell 0-day since mid-2024, using 'ghost NICs' to avoid detection

Full scale of infections remains 'unknown'

Cyber-crime18 Feb 2026 | 10

China remains embedded in US energy networks 'for the purpose of taking it down'

Plus 3 new goon squads targeted critical infrastructure last year

Cyber-crime17 Feb 2026 | 13

Polish cops nab 47-year-old man in Phobos ransomware raid

Police say seized kit contained logins, passwords, and server IP addresses

Cyber-crime17 Feb 2026 | 1

Canada Goose ruffles feathers over 600K record dump, says leak is old news

Fashion brand latest to succumb to ShinyHunters' tricks

Cyber-crime16 Feb 2026 | 7

Google patches Chrome zero-day as in-the-wild exploits surface

High-severity CSS flaw let malicious webpages run code inside the sandbox

Security16 Feb 2026 | 6

Infosec exec sold eight zero-day exploit kits to Russia, says DoJ

Infosec in Brief PLUS: Fake ransomware group exposed; EC blesses Google's big Wiz deal; Alleged sewage hacker cuffed; And more

Security15 Feb 2026 | 12

Top Dutch telco Odido admits 6.2M customers caught in contact system caper

Names, addresses, bank account numbers accessed – but biz insists passwords and call data untouched

Cyber-crime13 Feb 2026 | 7

Who's the bossware? Ransomware slingers like employee monitoring tools, too

As if snooping on your workers wasn't bad enough

Cyber-crime12 Feb 2026 | 12

Apple patches decade-old iOS zero-day, possibly exploited by commercial spyware

Flaw abused 'in an extremely sophisticated attack against specific targeted individuals'

Cyber-crime12 Feb 2026 | 31

Supply chain attacks now fuel a 'self-reinforcing' cybercrime economy

Researchers say breaches link identity abuse, SaaS compromise, and ransomware into a cascading cycle

Cyber-crime12 Feb 2026 | 2

Google: China's APT31 used Gemini to plan cyberattacks against US orgs

Meanwhile, IP-stealing 'distillation attacks' on the rise

Cyber-crime12 Feb 2026 | 10

Payroll pirates are conning help desks to steal workers' identities and redirect paychecks

Exclusive Attackers using social engineering to exploit business processes, rather than tunnelling in via tech

Cyber-crime11 Feb 2026 | 19

Singapore spent 11 months booting China-linked snoops out of telco networks

Operation Cyber Guardian involved 100-plus staff across government and industry

Cyber-crime10 Feb 2026 | 7

Nearly 17,000 Volvo staff dinged in supplier breach

HR outsourcer Conduent confirms intruders accessed benefits-related records tied to US personnel

Cyber-crime10 Feb 2026 | 9

Someone's attacking SolarWinds WHD to steal high‑privilege credentials - but we don't know who or how

So many CVEs, so little time

Cyber-crime09 Feb 2026 | 5

Dutch data watchdog snitches on itself after getting caught in Ivanti zero-day attacks

Staff data belonging to the regulator and judiciary's governing body accessed

Cyber-crime09 Feb 2026 | 1

European Commission probes intrusion into staff mobile management backend

Officials explore issue affecting infrastructure after CERT-EU detected suspicious activity

Cyber-crime09 Feb 2026 | 3

Flickr emails users about data breach, pins it on third party

Attackers may have snapped user locations and activity information, message warns

Cyber-crime06 Feb 2026 | 5

Substack says intruder lifted emails, phone numbers in months-old breach

Contact details were accessed in an intrusion that went undetected for months, the blogging outfit says

Cyber-crime05 Feb 2026 | 7

Asia-based government spies quietly broke into critical networks across 37 countries

And their toolkit includes a new, Linux kernel rootkit

Cyber-crime05 Feb 2026 | 17

Betterment breach may expose 1.4M users after social engineering attack

Breach-tracking site flags dataset following impersonation-based intrusion

Cyber-crime05 Feb 2026 | 2

Italy claims cyberattacks 'of Russian origin' are pelting Winter Olympics

Right on cue, petulant hacktivists attempt to disrupt yet another global sporting event

Cyber-crime05 Feb 2026 | 33

AWS intruder achieved admin access in under 10 minutes thanks to AI assist, researchers say

UPDATED LLMs automated most phases of the attack

Cyber-crime04 Feb 2026 | 31

Nitrogen ransomware is so broken even the crooks can't unlock your files

Gang walks away with nothing, victims are left with irreparable hypervisors

Cyber-crime04 Feb 2026 | 46

CISA updated ransomware intel on 59 bugs last year without telling defenders

GreyNoise's Glenn Thorpe counts the cost of missed opportunities

CSO03 Feb 2026 | 4

Polish cops bail 20-year-old bedroom botnet operator

DDoSer of 'strategically important' websites admitted to most charges

Cyber-crime03 Feb 2026 | 4

Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor

The group targets telecoms, critical infrastructure - all the usual high-value orgs

Cyber-crime02 Feb 2026 | 15

Russia-linked APT28 attackers already abusing new Microsoft Office zero-day

Ukraine’s CERT says the bug went from disclosure to active exploitation in days

Cyber-crime02 Feb 2026 | 12

Notepad++ update service hijacked in targeted state-linked attack

Breach lingered for months before stronger signature checks shut the door

Cyber-crime02 Feb 2026 | 59

Infrastructure cyberattacks are suddenly in fashion. We can buck the trend

Opinion Don't be scared of the digital dark – learn how to keep the lights on

Cyber-crime02 Feb 2026 | 8

Thousands more Oregon residents learn their health data was stolen in TriZetto breach

Parent company Cognizant hit with multiple lawsuits

Cyber-crime30 Jan 2026 | 11

To stop crims, Google starts dismantling residential proxy network they use to hide

The Chocolate Factory strikes again, targeting the infrastructure attackers use to stay anonymous

Cyber-crime29 Jan 2026 | 18

ShinyHunters swipes right on 10M records in alleged dating app data grab

Extortion crew says it's found love in someone else's info as Match Group plays down the impact

Cyber-crime29 Jan 2026 | 1

Cyberattack on Poland's power grid could have turned deadly in winter cold

Close call after an apparently deliberate attempt to starve a country of energy at the worst time

Cyber-crime29 Jan 2026 | 8

Ransomware crims forced to take off-RAMP as FBI seizes forum

Cybercrime solved. The end

Cyber-crime28 Jan 2026 | 1

Everybody is WinRAR phishing, dropping RATs as fast as lightning

Russians, Chinese spies, run-of-the-mill crims …

Cyber-crime28 Jan 2026 | 27

Let them eat sourdough: ShinyHunters claims Panera Bread as stolen credentials victim

Plus, the gang says it got in via Microsoft Entra SSO

Cyber-crime27 Jan 2026 | 3

China-linked group accused of spying on phones of UK prime ministers' aides – for years

Reports say Salt Typhoon attackers accessed handsets of senior govt folk

Cyber-crime27 Jan 2026 | 31

Canva among ~100 targets of ShinyHunters Okta identity-theft campaign

Atlassian, RingCentral, ZoomInfo also among tech targets

Cyber-crime26 Jan 2026 | 3

Data thieves borrow Nike's 'Just Do It' mantra, claim they ran off with 1.4TB

US sports brand launches probe after extortion crew WorldLeaks claims it stole huge dataset

Cyber-crime26 Jan 2026 | 4

Moscow likely behind wiper attack on Poland’s power grid, experts say

Cyber sleuths believe Sandworm up to its old tricks with a brand-new sabotage toy

Cyber-crime26 Jan 2026 | 38

ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs

'A lot more' victims to come, we're told

Cyber-crime23 Jan 2026 | 6

London boroughs limping back online months after cyberattack

Direct debits? Maybe February. Birth certificates? Dream on. Council tax bills? Oh, those are coming

Cyber-crime23 Jan 2026 | 12

Crims hit the easy button for Scattered-Spider style helpdesk scams

Teach a crook to phish…

Cyber-crime22 Jan 2026 |

Crims compromised energy firms' Microsoft accounts, sent 600 phishing emails

Logging in, not breaking in

Cyber-crime22 Jan 2026 | 2

FortiGate firewalls hit by silent SSO intrusions and config theft

Admins say attackers are still getting in despite recent patches

Cyber-crime22 Jan 2026 | 4

Don't click on the LastPass 'create backup' link - it's a scam

updated Phishing campaign tries to reel in master passwords

Cyber-crime21 Jan 2026 | 20

Everest ransomware gang said to be sitting on mountain of Under Armour data

Have I Been Pwned reckons 72.7M customer accounts affected, sportswear firm remains silent

Cyber-crime21 Jan 2026 | 6

For the price of Netflix, crooks can now rent AI to run cybercrime

Group-IB says crims forking out for Dark LLMs, deepfakes, and more at subscription prices

Research20 Jan 2026 | 4

Akamai CEO wants help to defeat piracy, reckons he can handle edge AI alone

Interview OG CDN boss says fighting illegal streams is about stopping criminals cashing in, not free speech

Legal20 Jan 2026 | 12

Broker who sold malware to the FBI set for sentencing

Feras Albashiti faces 10 years after $20,000 in sales to undercover agent exposed ransomware ties

Cyber-crime19 Jan 2026 | 11

Don't underestimate pro-Russia hacktivists, warns UK's cyber crew

They’re not the most sophisticated, but even simple attacks can lead to costly consequences

Cyber-crime19 Jan 2026 | 25

Ingram Micro admits summer ransomware raid exposed thousands of staff records

Maine filing confirms July attack affected 42,521 employees and job applicants

Cyber-crime19 Jan 2026 |

Warwickshire school to reopen after cyberattack crippled IT

Kids return to classrooms after safety infrastructure knocked out

Cyber-crime19 Jan 2026 | 45

German cops add Black Basta boss to EU most-wanted list

Ransomware kingpin who escaped Armenian custody is believed to be lying low back home

Cyber-crime16 Jan 2026 | 1

RondoDox botnet linked to large-scale exploit of critical HPE OneView bug

Check Point observes 40K+ attack attempts in 4 hours, with government organizations under fire

Cyber-crime16 Jan 2026 | 2

Chinese spies used Maduro's capture as a lure to phish US govt agencies

What's next for Venezuela? Click on the file and see

Cyber-crime15 Jan 2026 | 20

Microsoft taps UK courts to dismantle cybercrime host RedVDS

Redmond says cheap virtual desktops powered a global wave of phishing and fraud

Cyber-crime15 Jan 2026 | 4

The Register Biting the hand that feeds IT

About Us

Our Websites

Your Privacy

Situation Publishing

Copyright. All rights reserved © 1998–2025