“Bitcoin Queen” sentenced as UK recovers £5B in crypto
UK investigators seized 61,000 Bitcoin linked to Zhimin Qian’s China-based Ponzi fraud. A London court handed her 11 years and 8 months, while civil recovery fights over billions continue.
A malicious npm package named “@acitons/artifact” impersonates @actions/artifact, hijacks GitHub Actions tokens via postinstall scripts, and attempts to publish artifacts as GitHub, showcasing a precise software supply chain attack.
Rhadamanthys suffered a coordinated disruption as “customers” lost access to panels and servers. With certificate-only logins and Tor sites offline, credential theft pipelines broke. Use the lull to rotate passwords, revoke tokens, scrub loaders, and harden identity before operators relaunch under a new brand.
Seven fresh techniques let attackers leak ChatGPT data through everyday workflows: poisoned search, “q=” one-click links, allowlisted ad redirects, conversation injection, markdown hiding, and memory poisoning. Because exposure rides on normal browsing and memory behavior, prevention requires policy plus proof: sanitize URLs, block bing.com/ck/a, disable Saved Memory for high-risk roles, and validate controls continuously with OWASP LLM Top 10 and MITRE ATLAS as your benchmarks.
Global law enforcement has seized a dark web leak site allegedly operated by Scattered Spider, halting a notorious pipeline of stolen corporate data. Here’s what cybersecurity experts need to know about the takedown.
Actors on underground forums are now selling a turnkey ransomware toolkit named MonoLock v1.0 designed to target small and medium organisations, disable backups, encrypt data at scale via AES-256/RSA-2048, and demand payment through an automated Tor portal. Security teams must recognise this shift in the ransomware-as-a-service (RaaS) business model and reinforce detection, defence and incident response accordingly.
China’s Ministry of State Security alleges that the U.S. National Security Agency breached its National Time Service Centre over multiple years. The event signals new exposure for timing infrastructure and escalates global cyber conflict.
The Silver Fox group, long known for precision-targeted malware operations, has extended its Winos 4.0 campaign into Japan and Malaysia. Security experts now observe the deployment of HoldingHands RAT through malicious PDF attachments and deceptive software installers.
Envoy Air confirmed it was targeted in a Clop-linked campaign exploiting vulnerabilities in Oracle E-Business Suite. While the airline asserts no passenger data was affected, business records may have been stolen. This write-up breaks down the tactics, likely exploited CVEs, impacts, and what organizations must do next.
Shadowserver has identified over 266,000 F5 BIG-IP devices exposed to remote attack after a breach revealed undisclosed vulnerabilities. Organizations must act now to mitigate potential exploitation.