This week: A hacker claims to have 20 million OpenAI logins, Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot's protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, Spain nabs hacker, and Deloitte pays $5M for RIBridges breach.
This week's stories include a critical Ethereum vulnerability, conviction in a £1.5M fraud, sentencing in a torture and crypto theft case, SEC's new roadmap, Jan crypto stats, Coinbase social engineering victims, and U.S. lawmakers' digital assets working group.
Ransomware may still be raking in massive cryptocurrency profits for practitioners, but 2024 turned out to be less of a banner year than predicted, with blockchain researchers reporting that the sum total of known ransom payments to ransomware groups in 2024 plummeted by 35%.
Security researchers predict threat actors will use artificial intelligence and large language models to enhance phishing attacks and create convincing fake personas, while defensive AI enters a new phase of semiautonomous operations.
In a drastic move to curb fraud along the Myanmar border, Thailand announced plans to cut power and telecommunications in border areas of Myanmar linked to scam operations. The move is aimed at crippling criminal syndicates running notorious call centers that orchestrate scams, financial fraud and human trafficking.
The slice of organizations opting to pay extortion after being hit by ransomware dropped to an all-time low of 25%. Underpinning the drop is a combination of better defenses, improved business resilience as well as organizations simply deciding to not pay criminals.
Banks are struggling to keep up with evolving KYC expectations. Despite efforts to modernize, outdated processes continue to leave compliance gaps, leading to increased regulatory action. Penalties for financial institutions surged with KYC-related fines more than doubling to $51 million.
Russian hackers targeting Ukrainian government agencies and businesses - including a major automotive manufacturer - have been targeting a zero-day vulnerability in the open source and widely used 7-Zip archive utility, to infect systems with credential-stealing SmokeLoader malware.
Singapore has vowed to investigate allegations that Chinese artificial intelligence company DeepSeek flouted U.S. export controls to obtain high-performance Nvidia chips to power its flagship R1 reasoning application through intermediaries based in the island nation.
Community Health Center, which has a dozen primary care, dental and other clinics in Connecticut, is notifying nearly 1.1 million people - including pediatric patients and their parents and guardians - that their information was potentially stolen in a cyberattack detected earlier this month.
The accelerated adoption of eKYC solutions is exposing critical data to unprecedented risks, warns Kartik Lalan, a security researcher set to speak at Nullcon 2025. He identified vulnerabilities across industries, including finance, telecom, healthcare and small private agencies.
A New York blood center and its divisions that serves hospitals in several states are dealing with ransomware attack disrupting donations and other activities. The attack - the latest assault on a blood supplier - comes just days after the center declared a blood shortage emergency.
Operators of cybercrime forums had a bad day on Thursday after European and U.S. law enforcement announced server seizures and arrests. The websites of the Nulled, Cracked and HeartSender markets no longer work. They served millions of users.
This week, Trump issued an executive order on digital assets, Brazil halted the World ID project from collecting biometrics, Binance's CZ lands an "intern" position, KuCoin pleaded guilty in the United States, and France investigated Binance.
If you're the victim of a scam in Australia, the chances of being reimbursed for your stolen funds are low. In fact, the AFCA ruled in favor of full reimbursement for victims in only 4.8% of its cases in 2024, highlighting the difficulty consumers face in disputing fraud-related losses with banks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.
