united states
Hackers switch to targeting U.S. insurance companies
Threat intelligence researchers are warning of hackers breaching multiple U.S. companies in the insurance industry using all the tactics observed with Scattered Spider activity. Typically, the threat group has a sector-by-sector focus. Previously, they targeted retail organizations in the United Kingdom and then switched to targets in the same sector in the United States. “Google […]
Grocery wholesale giant United Natural Foods hit by cyberattack
United Natural Foods (UNFI), North America’s largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack. The Rhode Island-based company operates 53 distribution centers and delivers fresh and frozen products to over 30,000 locations across the United States and Canada, including supermarket chains, e-commerce providers, natural product superstores, independent […]
US sanctions firm linked to cyber scams behind $200 million in losses
The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over $200 million in losses for Americans. Funnull facilitated virtual currency investment scams (also known as romance baiting and pig butchering) by buying IP addresses in bulk from various cloud service providers. The company […]
Iranian pleads guilty to RobbinHood ransomware attacks, faces 30 years
An Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and encrypt devices of U.S. cities and organizations in an attempt to extort millions of dollars over a five-year span. According to a U.S. Department of Justice and an unsealed indictment, 39-year-old man named Sina Gholinejad, also known […]
US indicts leader of Qakbot botnet linked to ransomware attacks
The U.S. government has indicted Russian national Rustam Rafailevich Gallyamov, the leader of the Qakbot botnet malware operation that compromised over 700,000 computers and enabled ransomware attacks. As per court documents, Gallyamov started to develop Qakbot (also known as Qbot and Pinkslipbot) in 2008 and deployed it to create a network of thousands of infected […]
Chinese hackers breach US local governments using Cityworks zero-day
Chinese-speaking hackers have exploited a now-patched Trimble Cityworks zero-day to breach multiple local governing bodies across the United States. Trimble Cityworks is a Geographic Information System (GIS)-based asset management and work order management software primarily used by local governments, utilities, and public works organizations and designed to help infrastructure agencies and municipalities manage public assets, […]
FBI: US officials targeted in voice deepfake attacks since April
The FBI warned that cybercriminals using AI-generated audio deepfakes to target U.S. officials in voice phishing attacks that started in April. This warning is part of a public service announcement issued on Thursday that also provides mitigation measures to help the public spot and block attacks using audio deepfakes (also known as voice deepfakes). “Since April 2025, […]
Hackers behind UK retail attacks now targeting US companies
Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States. “The US retail sector is currently being targeted in ransomware and extortion operations that we suspect are linked to UNC3944, also known as Scattered Spider,” John Hultquist, Chief Analyst at […]
Kosovo extradites BlackDB admin to face US cybercrime charges
A Kosovo national has been extradited to the United States to face charges of running an online cybercrime marketplace active since 2018. Kosovar authorities arrested the 33-year-old Liridon Masurica (also known as @blackdb) on December 14th, 2024, and he was extradited to the United States earlier this month, on May 9th. Masurica was detained following […]
Israel arrests new suspect behind Nomad Bridge $190M crypto hack
An American-Israeli national named Osei Morrell has been arrested in Israel for his alleged involvement in exploiting the Nomad bridge smart-contract in August 2022 that allowed hackers to siphon $190 million. Blockchain intelligence platform TRM Labs supplied key information to international law enforcement authorities, leading to the identification of Morrell, who is believed to have played a central role […]