Appears on
Articles34
Russian cybercriminal used jailbroken Gemini CLI to rebuild botnet infrastructure in six minutes
A Russian-speaking threat actor known as “bandcampro” used a jailbroken Gemini CLI, Google’s open-source terminal-based AI agent, to deploy and operate a small command-and-control (C2) botnet, according to TrendAI. Operational overview (Source: TrendAI) In more than 200 sessions between March 19 and April 21, 2026, the threat actor worked with Gemini to depl
Scattered Spider members jailed over Transport for London hack that cost £29 million
Two members of the notorious “Scattered Spider” hacking collective have been sentenced to five years and six months in prison each for a cyberattack on Transport for London (TfL) that disrupted services for thousands of commuters and cost the transport authority an estimated £29 million. Thalha Jubair, 20, of East London, and Owen Flowers, 18, of Walsall, pl
Police take down investment fraud network that stole €100 million a month
Dutch police, working alongside Belgian authorities and Europol, have dismantled a major criminal network accused of operating a global investment fraud scheme through dozens of fraudulent call centers. Investigators estimate the organization generated more than €100 million a month by targeting victims in multiple countries. The group operated around 20 cal
LabubaRAT malware infiltrates Windows systems while posing as NVIDIA software
LabubaRAT, a previously undocumented Rust-based remote access tool (RAT) masquerading as NVIDIA software that enables post-compromise operations on Windows systems, has been uncovered by Blackpoint Cyber. According to researchers, LabubaRAT creates “a reusable foothold for hands-on activity.” Once deployed, it can profile the host, identify installed securit
ClickFix is changing the economics of social engineering
ClickFix has moved from a one-off social engineering trick into an industrialized attack ecosystem that is outpacing conventional antivirus and endpoint defenses, according to ReversingLabs. The technique first showed up in late 2023 and early 2024, and Proofpoint named it in mid-2024. The method skips exploits and vulnerabilities entirely. A fake webpage, s
Spanish police dismantle €140 million cybercrime network
Spanish National Police have dismantled a cybercrime network accused of stealing and laundering about €140 million through fake investment platforms, CEO fraud, invoice fraud, and man-in-the-middle attacks. Four people were arrested as part of the operation: two in Portugal, one in Spain, and one in Panama. The investigation began after officers identified 1
New macOS malware steals passwords by posing as Apple’s crash-reporting tool
Jamf Threat Labs has uncovered a new macOS infostealer named CrashStealer that disguises itself as Apple’s crash-reporting tool to steal passwords, Keychain data, and cryptocurrency wallets. The malware was first spotted in May while it was still under development. By early July, Jamf was seeing in-the-wild detections, indicating it had moved into active use
UK charges five persons linked to fraud platform behind more than a million scam calls
Five people have been charged in the UK following a National Crime Agency (NCA) investigation into Russian Coms, a caller ID spoofing service used by fraudsters. Ayoub Sehailia, 28, Zakkaria Sehailia, 30, Usman Din, 30, Denis Ozmus, 29, and Fadila Salem, 53, all of London, are charged with offences that include conspiracy to supply articles for use in fraud,
New tutorials on underground hacking forums have roughly doubled
Underground hacking forums are producing more original tutorials again, with growing attention on financial fraud, particularly the theft and fraudulent use of payment card data, known as carding, and cash-out techniques. New tutorials per month versus reposts (Source: Radware) Fraud tutorials gain momentum Radware analyzed 8,870 tutorial posts published acr
EU and UK blacklist Russia’s cyber operators over efforts to destabilize Europe
The EU and the UK jointly sanctioned dozens of Russian individuals and entities, accusing Moscow of coordinating a malicious cyber ecosystem targeting Europe, its member states, and international partners. The UK sanctioned 24 individuals and entities, while the EU imposed restrictive measures on nine individuals and four entities. “Cybercriminals, self-proc
Hackers breach Lidl’s IT service provider, steal customer data
German discount supermarket chain Lidl has notified customers in Germany, Belgium, and the Netherlands that customer data was stolen after attackers breached one of its IT service providers. In notices published on its support websites in Belgium and the Netherlands, Lidl said it was informed of the incident last week. “Despite high IT security standards, un
Ransomware negotiator who betrayed clients sentenced to 70 months in prison
A former ransomware negotiator at incident response firm DigitalMint has been sentenced to 70 months in prison after admitting he shared confidential client information with the BlackCat ransomware group and later helped carry out ransomware attacks. Prosecutors say Angelo Martino, 41, abused his role at DigitalMint beginning in April 2023 by providing Black
A hardware security AI assistant that checks chips for hidden backdoors
Chip designers license blocks of circuitry from outside vendors and drop them into larger products. A single processor can carry components from a range of suppliers, each written by a company the buyer may never deal with directly. A malicious supplier can bury a hidden circuit in a working design, and that circuit can stay quiet until a specific input wake
Most data brokers won’t tell you what happened to your deletion request
Data brokers collect personal details on most adults in the United States and sell them to buyers that include employers, landlords, insurance companies, and government agencies. California gives residents a way to push back. You can ask a broker to delete your records, or to stop selling and sharing them. A team at UC Irvine decided to find out what happens
The open source library holding up your stack might have one maintainer
Every serious software product runs on code that someone else wrote and released for free. A web service leans on a cryptography library, a data pipeline pulls in a parser, and a mobile app ships a handful of small utilities that one person maintains in spare time. All of it carries the same label. A new paper argues that the single label hides differences l

