The Federal Bureau of Investigation (FBI) is providing this Public Service Announcement (PSA) to warn of potential future impacts related to a cyber-attack that affected an online Learning Management System (LMS), resulting in an interruption of service to educational institutions and students across the country. The LMS platform is now fully operational.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Disrupted phishing service was after Microsoft 365 credentials
September 18, 2025
Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation, known as RaccoonO365. The primary goal of RaccoonO365 (or Storm-2246 as Microsoft calls it) was to rent out a phishing toolkit that specialized in stealing Microsoft 365 credentials. They were successful in at least 5,000 cases, spanning 94 countries since July 2024. The operation provided the cybercriminals’ customers ...
- Node Package Manager Supply Chain Attack
September 18, 2025
On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer. With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has ...
- UK: Two teenagers charged over Transport for London cyber attack
September 18, 2025
Two teenagers have been charged in connection with a massive cyber attack which caused Transport for London (TfL) months of disruption. The National Crime Agency (NCA) says it believes the hack – which began on 31 August last year – was carried out by members of the cyber-criminal group, Scattered Spider. Thalha Jubair, 19, from east ...
- RevengeHotels: a new wave of attacks leveraging LLMs and VenomRAT
September 16, 2025
RevengeHotels, also known as TA558, is a threat group that has been active since 2015, stealing credit card data from hotel guests and travelers. RevengeHotels’ modus operandi involves sending emails with phishing links which redirect victims to websites mimicking document storage. These sites, in turn, download script files to ultimately infect the targeted machines. The final ...
- Gucci, Balenciaga and Alexander McQueen private data ransomed by hackers
September 15, 2025
Cyber criminals have stolen the private details of potentially millions of Balenciaga, Gucci and Alexander McQueen customers in an attack. The stolen data includes names, email addresses, phone numbers, addresses and the total amount spent in the luxury stores around the world. Kering, the parent company of the luxury brands, has confirmed the breach and says ...
- Shiny tools, shallow checks: how the AI hype opens the door to malicious MCP servers
September 15, 2025
In this article, Kaspersky researchers explore how the Model Context Protocol (MCP) — the new “plug-in bus” for AI assistants — can be weaponized as a supply chain foothold. The researchers start with a primer on MCP, map out protocol-level and supply chain attack paths, then walk through a hands-on proof of concept: a seemingly legitimate ...