Cybercrime
-
Phishing campaign used RMM software to hit more than 80 organizations
A phishing campaign has targeted more than 80 organizations since at least April 2025, using legitimate remote monitoring tools to maintain access after victims opened fake Social Security Administration emails.
-
Silver Fox uses ABCDoor malware in phishing campaign targeting India and Russia
Silver Fox used tax-themed phishing emails to target organizations in Russia and India with the ABCDoor backdoor, with more than 1,600 malicious messages flagged in early 2026, according to a technical analysis by Kaspersky.
-
U.S., international agencies arrest 276 in crypto scam crackdown
International authorities arrested at least 276 suspects and shut down nine scam centers in a crackdown on cryptocurrency investment fraud schemes that targeted Americans and caused millions of dollars in losses.
-
Microsoft Defender wrongly flags DigiCert root certificates as malware
Microsoft Defender mistakenly flagged DigiCert root certificates as malware after an April 30 signature update, removing some from Windows trust stores. Microsoft says the false positives are fixed and no extra action is needed.
-
PyPI Lightning package hit by credential-stealing malware
Python package Lightning was compromised on PyPI, with two malicious releases published on April 30, 2026. Security researchers said the code targeted developer credentials and could spread through package ecosystems.
-
Python backdoor DEEP#DOOR uses tunneling service to hide remote access
Researchers disclosed DEEP#DOOR, a Python backdoor that uses a public tunneling service for command and control, steals credentials and includes multiple persistence and defense evasion features.
-
Handala claims leak of US Marines data in WhatsApp threat campaign
US Marines in the Persian Gulf received WhatsApp threats from the Iran-linked Handala hacking group, which claimed to leak personal data on 2,379 service members and said it knew their family details and routines.
-
North Korean hackers use AI to hide npm malware in Web3 supply chain
North Korean-linked hackers are using AI-generated code and layered npm packages to spread malware that steals cryptocurrency wallets and developer data, according to a technical analysis from ReversingLabs. The campaign has also expanded beyond npm to other platforms.
-
Europol-backed operation dismantles online fraud call centres in Albania
Europol-supported investigators have dismantled a Tirana-based online fraud network accused of causing at least EUR 50 million in losses. Ten people were arrested and cash, computers and phones were seized in coordinated raids.
-
Vimeo says customer data exposed after Anodot breach
Vimeo said some customer and user data was accessed without authorization after the Anodot breach, including email addresses for some customers, technical data, video titles and metadata. The company said video content and payment data were not exposed.
