North Korean Labyrinth Chollima is morphing into three separate entities

One of the largest and most successful North Korean state-sponsored threat actors has split into three separate entities, each with their own tactics, malware tools, targets, and goals, experts have warned. In a recent in-depth analysis, researchers from CrowdStrike expalined Read More …

Marquis confirms data breach, point finger of blame at SonicWall firewall

Marquis, a US fintech company building software for banks and credit unions, has confirmed suffering a ransomware attack and losing sensitive customer data, but shifted the blame onto its firewall provider, SonicWall. In mid-September 2025, SonicWall warned its firewall customers Read More …

Prioritising post-quantum cryptography migration activities in financial services

As post-quantum cryptography (PQC) becomes integrated into mainstream information technology (IT) products and services, financial services institutions must begin to execute their transition strategies. This document provides actionable guidelines to incorporate quantum safety into existing risk management frameworks by assessing Read More …

Peruvian Peaks: The digital loan illusion

Crossing the Andes, we found ourselves in the digital valleys of Peru, where a new variation of the loan scam awaited us. Much like the schemes in Brazil, these operations played on hope and desperation, luring victims with promises of Read More …

Canadian Investment Regulatory Organization data breach reveals info on 750,000 investors

The 2025 cyberattack at the Canadian Investment Regulatory Organization (CIRO) affected roughly 750,000 Canadians, it has now confirmed. Founded in 2023, CIRO is Canada’s national self-regulatory body that oversees investment dealers, trading activity, and market integrity. In mid-August 2025, CIRO Read More …

South Korea: Shinhan Card reports massive data breaches

Shinhan Card, one of the country’s top credit card issuers, reported a massive data leak Tuesday. The Seoul-based company said more than 190,000 cases of potential data exposure have been identified that involve merchant partners’ personal and business information. The Read More …

France’s postal and banking services disrupted by suspected DDoS attack

France’s national postal and banking services were knocked offline by a suspected distributed denial-of-service (DDoS) attack on Monday, according to an announcement by La Poste. The postal service called the attack “a major network incident” that was disrupting “all of Read More …

Data breach exposes 400,000 bank customers’ information

A major data breach tied to U.S. fintech firm Marquis is rippling through banks, credit unions and their customers. Hackers broke into Marquis systems by exploiting a known but unpatched vulnerability in a SonicWall firewall, gaining access to deeply sensitive Read More …

U.S. DOJ: Tren De Aragua Members and Leaders Indicted in Multi-Million Dollar ATM Jackpotting Scheme

United States Attorney Lesley A. Woods announced that a federal grand jury in the District of Nebraska has returned two indictments charging 54 individuals for their roles in a large conspiracy to deploy malware and steal millions of dollars from Read More …

PayPal closes loophole that let scammers send real emails with fake purchase notices

After an investigation by BleepingComputer, PayPal closed a loophole that allowed scammers to send emails from the legitimate [email protected] email address. Following reports from people who received emails claiming an automatic payment had been cancelled, BleepingComputer found that cybercriminals were Read More …