Warning: Scammers are using FaceTime to empty bank accounts

Apple is urging users to treat any suspicious FaceTime call or message as untrusted, especially if it involves payments, refunds, password resets, or requests for personal information. This warning appears in a broader Apple support article about scams that target iPhone and Read More …

Ghostcommit attack hides malicious AI instructions in images

Ghostcommit is a proof of concept that shows how AI assistants used to review software code can be tricked by hidden instructions embedded in images. The academic ASSET Research Group showed that an attacker can place instructions inside an image file, point Read More …

EU-UK sanctions target Russia over Europe-wide ‘vast cyber campaign’

The European Union and the UK have announced coordinated sanctions against Russia after accusing Moscow’s FSB intelligence agency of carrying out a cyber attack in December targeting Poland’s energy grid and orchestrating a wider campaign of digital sabotage across Europe. Read More …

Ukrainians are using VPNs to cause havoc in Russia by changing fuel station statuses on maps in a bid to cause chaos and confusion

A coordinated online campaign has reportedly encouraged users to alter fuel station information on digital maps across Russia, creating confusion among drivers. The activity involves changing station statuses by marking locations with available fuel as empty or showing closed stations Read More …

Supermarket chain Lidl warns customers after data leak

Unknown individuals managed to gain access to customer data held by the supermarket chain Lidl. The German company informed affected customers of this via email this week. Thus far, the supermarket chain has declined to say how many customers were Read More …

No Manners Here: The Ruthless Rise of The Gentlemen Ransomware

The Gentlemen (aka Storm-2697) is a Ransomware-as-a-Service (RaaS) program active since at least July 2025. Public reporting indicates that the operators were likely active months earlier as an affiliate (known as ArmCorp) of Qilin RaaS, which Unit 42 tracks as Read More …

Florida ransomware negotiator convicted for helping ransomware gang extort US companies

Florida man Angelo Martino has been sentenced to more than five years in prison for conspiring with hackers to deploy ransomware during his job as a ransomware negotiator for a U.S. cybersecurity company. The U.S. Department of Justice confirmed the sentence on Read More …

Accenture confirms breach after hacker steals 35GB of source code and other data

Accenture has confirmed suffering a cyberattack, days after threat actors started selling an archive allegedly coming from the firm. “We are aware of this isolated matter, and we have remediated its source. There is no impact to Accenture operations and Read More …

An unnamed US county paid $1M extortion demand to cybercriminals

A US county reportedly paid $1 million to Kairos, an extortion gang that claimed to have stolen more than 2 TB of data, but the county never received independently verifiable proof that the stolen files had been deleted – just Read More …

GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware

In October 2025, Microsoft Threat Intelligence identified destructive wiping activity and uncovered a sophisticated Go programming language (Golang)-based backdoor we now track as GigaWiper, a versatile implant that combines robust command-and-control (C2) capabilities with multiple destructive payloads, including disk wiping, Read More …