Two Americans plead guilty to assisting India-based tech support scam centers
The Record reports: Two men are facing years in prison for providing services to a tech-support fraud scheme in India
From Dutch police news: On May 19 and 20, the criminal VPN service First VPN was taken offline in an
A client alert from Womble Bond Dickinson (US) discusses what it describes as a first-of-its-kind ruling: a California court did
This client alert is based on a longer article Patrick Emerson McCormick wrote for the Conference on Consumer Finance Law Quarterly
The Record reports: A Chinese national accused of being a member of a state-backed hacking group has been extradited to
Miscellaneous News
DysruptionHub reports: A cybersecurity event has disrupted calibration systems at Des Moines, Iowa-based Intoxalock since March 14, leaving some court-ordered
The International Business Times reports: Discord is preparing to enforce a global age verification system from early March that will

Technology.org reports: The group behind it, a fast-rising crew called TeamPCP, says it reached roughly 4,000 of GitHub’s code repositories. GitHub confirmed the breach Tuesday night and counted at least 3,800 compromised repositories, all of them holding GitHub’s own code rather than customer data, according to what it has found so far. For years, supply chain attacks were the rare horror story of security work. One corrupted application could quietly become an attacker’s doorway into an entire network. TeamPCP turned

TechCrunch reports: New York public health provider NYC Health + Hospitals says a months-long data breach that allowed hackers to steal personal data, medical records, and fingerprint scans affects at least 1.8 million people. NYCHHC is the largest public health system in the United States and provides healthcare to over a million New Yorkers, the majority of whom are uninsured or receive state healthcare benefits, such as Medicaid. The healthcare system reported the number to the U.S. Department of Health and Human Services,

When the federal agency that directs organizations and agencies to quickly attend to vulnerabilities and breaches has its own breach, people notice. Brian Krebs reports: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the

CNN reports: US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states, according to multiple sources briefed on the activity. The hackers responsible have exploited automatic tank gauge (ATG) systems that were sitting online and unprotected by passwords, allowing them in some cases to tinker with display readings on the tanks but not the actual levels of fuel in them, the sources said. The cyber

When education software giant Instructure announced on May 1 that its widely used Canvas software was unavailable as it investigated a data security incident, it suggested the breach was mostly contained. That turned out to be overly optimistic. While the firm posted updates on its site as its services returned to service, the ShinyHunters group that attacked them continued to issue threats to leak data from thousands of schools and millions of students. On May 7, in the middle of Finals week at many schools
NL Times reports: FIOD arrested two men in the Netherlands on Monday for aiding and facilitating pro-Russian cyberattacks and violating
CPO Magazine reports that the Nitrogen ransomware-as-a-service (RaaS) group has claimed responsibility for an attack on a major electronics manufacture
Does it matter whether President Trump calls the situation with Iran a “war” or an “excursion” or something else if
From the Hunton Insurance Recovery Blog: In the rarely litigated space of cyber insurance, the Northern District of Texas issued
