Handala Hacking Group Claims Breach of California Water Service
The Handala hacking group claims it has targeted California Water Service, leaking 5GB of customer database and GPS network files in its latest infrastructure attack.
cyber crime
Supply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDN
Attackers compromised Awesome Motive CDN files, backdooring WordPress sites running OptinMonster, TrustPulse, and PushEngage. Sansec researchers discovered an active supply chain attack hitting WordPress sites running OptinMonster, TrustPulse, and PushEngage, three plugins operated by Awesome Motive, one of the largest WordPress plugin companies in the world. The malicious JavaScript wasn’t sitting on any victim’s server. […]
Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks
Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and generated at least $150 million in ransom payments.
ShinyHunters Target Universities in Oracle PeopleSoft Zero-Day Attack
Google says ShinyHunters exploited Oracle PeopleSoft zero-day to steal data from 100+ organisations, with universities making up most victims.
Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran […]
Feds Seize AudiA6 and Dark2Web in $389M Crypto Laundering Case
Feds seized AudiA6 and Dark2Web in a major crypto laundering case, arresting two suspects linked to over $389M in alleged illicit transactions.
ShinyHunters Leak 40GB of University of Nottingham Student Data
ShinyHunters hackers leak 40GB of University of Nottingham personal and financial data, allegedly impacting 450,000 students and staff records.
Decade-Long SniperDz Phishing Network Disrupted in Operation Ramz
Group-IB, INTERPOL and Algerian Police dismantle decade-old SniperDZ phishing network used to steal credentials, with its alleged developer arrested.
FBI Seizes China-Linked Fake Consulting Sites Targeting US Clearance Holders
The Justice Department and FBI seized 13 fake consulting websites that officials say targeted US clearance holders with paid research work designed to obtain sensitive government information.
Scammers Use TikTok and Instagram Reels to Spread Vidar Infostealer
ReversingLabs reveals how hackers exploit social media engagement metrics to deliver Vidar infostealer malware to thousands of unsuspecting users.