19 Jul, 2026

New OkoBot framework deploys 20 payloads to steal data, crypto

A new malicious framework called OkoBot is delivering more than 20 payloads in attacks focused on stealing cryptocurrency wallet seed phrases, credentials, and other sensitive data. OkoBot reaches victims through ClickFix attacks or malicious GitHub repositories pretending to host legitimate software tools. In one case, a repository claimed to offer SQL Server Management Studio (SSMS) but dropped a trojanized […]

3 mins read

23andMe to pay $18 million in new genetics data breach settlement

Genetic testing company 23andMe (now Chrome Holding Co.) has agreed to pay $18 million to settle claims from a coalition of 43 attorneys general that it failed to protect customers’ genetic data. 23andMe disclosed a massive data breach in October 2023, following credential-stuffing attacks that went unnoticed for five months, from April 2023 to September 2023. During […]

3 mins read

Scattered Spider members behind TfL hack get five years in prison

Two leading members of the Scattered Spider cybercrime collective were sentenced to five years and six months in prison each for hacking Transport for London (TfL) in 2024. On September 2, 2024, TfL (which provides transportation services to more than 8.4 million Londoners) disclosed that its network was breached in August 2024, with the attack disrupting internal systems and […]

2 mins read

Windows 11 24H2 Home and Pro reach end of support in 90 days

Microsoft announced on Wednesday that systems running Windows 10 Enterprise LTSB 2016 and Home and Pro editions of Windows 11 24H2 will stop receiving updates in three months. However, as the company explains on its support website, Enterprise and Education editions will remain under mainstream support until October 12, 2027. “On October 13, 2026, Windows 11, version […]

2 mins read

CISA orders feds to patch actively exploited Oracle flaw by Saturday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their systems by Saturday against ongoing attacks exploiting a critical vulnerability in the Oracle E-Business Suite (EBS) financial application. Discovered in the File Transmission component of EBS’s Oracle Payments product and tracked as CVE-2026-46817, this security flaw allows unauthenticated threat actors with […]

3 mins read

Russian hackers trojanize WebEx, Zoom apps to push Starland malware

A financially motivated Russian threat actor tracked as UAT-11795 is using trojanized software to steal credentials and cryptocurrency by deploying a new backdoor called Starland RAT. Attacks have been occurring since at least June 2025 and have focused on users in the U.S., although victims in Germany, Romania, and Venezuela have been observed as well. […]

2 mins read

New Spirals ransomware encrypts victim network in under 24 hours

A new ransomware actor called Spirals completed a corporate intrusion, from initial access to data theft and encryption, in less than 24 hours. The attack occurred in June and breached an IT services firm in South Asia after compromising an Internet Information Services (IIS) server exposed on the public web. Researchers at Symantec’s Threat Hunter […]

2 mins read

Dutch police bust investment fraud ring stealing over €100 million

The Dutch Police announced the arrest of multiple individuals suspected of being part of an international investment fraud scheme estimated to have tens of thousands of victims. The group is believed to have operated 20 call centers, with more than 700 people posing as financial advisers. Authorities estimate that the criminal organization at one point […]

2 mins read

Google Gemini CLI abused as a hacking agent, malware botnet operator

A Russian-speaking threat actor known as “bandcampro” used Google’s open-source Gemini CLI AI tool as a hacking agent and to operate a small-scale botnet. The AI agent responded to the attacker’s prompts, troubleshooting problems on the fly and even proposing operational improvements at least 59 times. In more than 200 sessions between May 19 and […]

3 mins read