LATEST POST
Conduent warns of further financial fallout from cyberattack
Cybersecurity Dive reports: Conduent said it may face additional financial risks related to a January 2025 attack that impacted a number of state governments and other organizations. The attack at the New Jersey-based payments contractor led to data breaches across a number of organizations, including state government agencies and insurance providers. In the state of Wisconsin, […]
Trump files $10B lawsuit against IRS over alleged tax return leaks to major news outlets
Fox News reports: President Donald Trump has filed a $10 billion lawsuit against the IRS, accusing the agency of unlawfully leaking his confidential tax returns in a politically motivated violation of federal privacy laws. A spokesman for Trump’s legal team told Fox News “a rogue, politically motivated” IRS employee disclosed private and confidential tax information involving Trump, his family […]
A Grok AI Toy Breach Exposed 50,000 Private Chats
WebProNews reports: An AI toy called Grok exposed 50,000 conversation logs between children and the device to anyone with a Gmail account due to a cloud storage misconfiguration, raising serious questions about data security, regulatory compliance, and the protection of children’s privacy in AI-enabled products. … According to Wired, the breach originated from a fundamental misconfiguration […]
Infamous RAMP cybercrime forum seized by FBI
The Record reports: Websites for the RAMP cybercrime forum, a notorious Russian marketplace widely used by ransomware groups and initial access brokers, have been replaced with a splash page declaring they have been seized by the FBI. Domain name server (DNS) records reportedly initially showed RAMP’s clearnet site redirecting to an FBI domain regularly used […]
Double Trouble: Two Gangs Both Attack and Encrypt the Same Revenue Cycle Management Firm
SuspectFile reports that two well-known ransomware gangs independently attacked and encrypted files from Resource Corporation of America (RCA), a revenue cycle management business associate headquartered in Texas. What happened next is not totally clear because neither the Qilin gang nor the victim provided any details, but SuspectFile reports that the Medusa gang provided some information […]
ShinyHunters claim to be behind SSO-account data theft attacks
BleepingComputer reports: The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. In these attacks, threat actors impersonate IT support and call employees, tricking them into […]
Charlotte man loses more than $1 million in cryptocurrency phone scam
Action 5 News reports a real-life example of a consumer who was scammed into revealing his cryptocurrency wallet seed phrase — with all-too-sad and predictable results: A Charlotte man lost more than $1 million in cryptocurrency after falling victim to a phone scam that began with a caller claiming to be from a legitimate crypto […]
SLSH Malicious “Supergroup” Targeting 100+ Organizations via Live Phishing Panels
Silent Push reports: A massive identity-theft campaign is currently active, targeting Okta Single Sign-On (SSO) and other SSO platform accounts across 100+ high-value enterprises. Silent Push has identified a surge in infrastructure deployment that mirrors the TTPs (Tactics, Techniques, and Procedures) of SLSH—a predatory alliance between Scattered Spider, LAPSUS$, and ShinyHunters. This isn’t a standard automated spray-and-pray attack; it is a […]