Everest claims it breached Money Mart and stole more than 80,000 internal files from a “National Money Mart Company DataBase,” turning the attack into a major consumer financial data breach. This analysis explains how the Money Mart ransomware attack unfolded, why a payday-loan provider makes an attractive target, and what the incident means for customers and other financial-services firms.
Growing interest in a Trump-aligned tech workforce initiative highlights how AI job seekers are responding to rising demand for artificial intelligence skills across the U.S. technology sector.
BreachStars emerges as the latest reincarnation of BreachForums, pledging better infrastructure and security. However, rebooting a notorious hacker forum brings old challenges and new vulnerabilities.
A new cloud native botnet called ShadowV2 is taking aim at organizations worldwide. By abusing exposed Docker daemons and blending into legitimate cloud environments, the malware enables large scale distributed denial of service (DDoS) attacks while evading traditional defenses. With over 24,000 Docker instances exposed online, the potential for exploitation is significant What is ShadowV2?…
Mozilla’s new policy for Firefox extensions mandates that developers clearly disclose any data collection or transmission, obtain user consent and categorize the data types. This marks a major shift in add-on privacy, placing transparency at the heart of the browser-extension ecosystem.
Spanish authorities have dismantled the notorious GXC Team cybercrime syndicate, arresting its leader and several members in a joint operation with Europol.
The group allegedly ran large-scale credential theft, malware distribution, and financial fraud campaigns targeting victims across Europe and beyond.
The U.S. Secret Service dismantled a massive telecom threat in New York City, seizing 100,000 SIM cards and 300 servers hidden across abandoned apartments. Authorities say the “imminent” campaign, discovered before the UN Assembly, could have crippled cellular services, government operations, and emergency systems. Investigators believe foreign threat actors used the network for covert communication with criminal enterprises
A worm-like spam campaign flooded npm with tens of thousands of fake packages, polluting search results and straining CI/CD. Consequently, treat registries as hostile input. Enforce allowlists, verify npm provenance with Sigstore, disable lifecycle scripts by default, and promote dependencies through SLSA-aligned stages to cut risk.
The Iran-linked APT MuddyWater has resurfaced with a new, stealthy malware loader disguised as a retro Snake-style game. The loader delivers a memory-only backdoor to Israeli targets. This shift shows how APTs increasingly combine social-engineering and covert execution to bypass defenses.
A malicious npm package named “@acitons/artifact” impersonates @actions/artifact, hijacks GitHub Actions tokens via postinstall scripts, and attempts to publish artifacts as GitHub showcasing a precise software supply chain attack.