Hackers who gained access to heart of London transport network jailed

The data of millions of commuters was stolen, Londoners were left out of pocket and 27,000 Transport for London staff were forced to reset their passwords. Over four days in 2024 a pair of teenage hackers had London’s transport network at their Read More …

This fake Apple app can unlock your Mac’s password vault

CrashStealer is a new macOS infostealer that masquerades as Apple’s CrashReporter component, uses an Apple‑notarized installer to slip past Gatekeeper, tricks users into handing over their password, and then systematically loots browsers, password managers, crypto wallets, and Keychain secrets before Read More …

An unnamed US county paid $1M extortion demand to cybercriminals

A US county reportedly paid $1 million to Kairos, an extortion gang that claimed to have stolen more than 2 TB of data, but the county never received independently verifiable proof that the stolen files had been deleted – just Read More …

6.9 million driver’s license numbers stolen from AssuranceAmerica

Insurance provider AssuranceAmerica has confirmed a data breach affecting the personal information and driver’s license numbers of up to 6.9 million people. AssuranceAmerica provides car and rental insurance to customers across 14 US states through a network of over 9,500 Read More …

AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data

AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing. The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal Read More …

FBI: Cyber Criminal Group TeamPCP

The Federal Bureau of Investigation (FBI) is releasing this FLASH to highlight the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with the cyber criminal group TeamPCP. TeamPCP actors have conducted large-scale software supply chain compromises by Read More …

Politician who investigated spyware abuses had his phone hacked with Pegasus spyware

Security researchers have confirmed that a European politician had his phone hacked with the Pegasus spyware while serving on an investigatory committee probing abuses of the notorious surveillance tool. This has reignited fresh controversy over governments abusing spyware to collect Read More …

Japan: Over 14 million login credentials leaked from six ISPs in major data breach

A data breach that has potentially exposed the email and password combinations for over 14 million customers across six internet service providers (ISPs) has been disclosed by Japanese telecoms provider KDDI Corporation. According to the company, hackers exploited a vulnerability Read More …

Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs

Nissan has joined the growing list of Oracle customers cleaning up after a cyberattack, warning employees that payroll records, bank details, Social Security numbers, and other personal data may have been stolen. In a filing submitted to the California Attorney General on Read More …