Ah, more drama in the cybercrime ecosystem.  Matthew J. Schwartz reports: A ransomware organization is suffering an extreme case of turnabout is fair play through a data breach that splaying internal correspondence across the internet. “The Gentlemen” surfaced as a ransomware-as-a-service organization in mid-2025 with – as SOCRadar has noted – little intention of playing nice. Hints...

Source

Jung Da-hyun reports: A recent data breach at the National Center for the Rights of the Child (NCRC), exposing sensitive personal records of adoptees, is drawing criticism from overseas adoptee groups and raising questions about the agency’s credibility. The breach, which the NCRC said occurred between April 30 and May 2, came to light when...

Source

He’s 20 years old and has just been sentenced to 6 1/2 years in prison. The U.S. Attorney’s Office for the District of Columbia announced today: WASHINGTON – Marlon Ferro, 20, of Santa Ana, California, was sentenced today in U.S. District Court to 78 months in prison in connection with his role in a sprawling social engineering conspiracy that stole well over $250 million...

Source

PYMNTS reports: Cryptocurrency investors are reportedly exiting the decentralized finance (DeFi) space following two high-profile hacks. Close to $14 billion has been pulled from DeFi projects in recent weeks, the Financial Times (FT) reported Wednesday (May 6), citing the data firm DefiLlama. This came after hackers tied to the North Korean government stole $290 million from the KelpDAO platform and used...

Source

PHILADELPHIA, May 4, 2026 /PRNewswire/ — The following release was issued by RG/2 Claims Administration LLC, as Settlement Administrator. If Your Private Information Was Potentially Compromised in a Data Incident Announced by the Pennsylvania State Education Association on March 18, 2025, You May be Eligible for Benefits from a Class Action Settlement. A proposed Settlement has been...

Source

The Department of Justice had a pretty good day today in terms of cybercrime. In addition to two men being sentenced for using BlackCat ransomware to try to extort U.S. entities, a German national living in Colombia has now been extradited to the United States on charges that he owned and operated “The Versus Project,”...

Source

NISOS writes: Last month, our research on DPRK IT worker fraud made headlines on NBC News. Security teams, hiring managers, and executives all came back with the same reaction: this is happening, and many organizations aren’t equipped to detect it. This isn’t a traditional cyber threat. It’s a human one and it’s not going away....

Source

UNN reports: Moldova’s Cybersecurity Agency has reported a large-scale attack on the country’s main medical database, resulting in damage to around 30% of the information, according to Point, as reported by UNN. The agency’s deputy director said the attackers had been targeting the platform over the past month. The database is a key hub collecting data...

Source

Kenneth Araullo reports: A single ransomware crew exploiting a single brand of firewall is now driving nearly half of all cyber insurance claims, At-Bay has warned, in a finding that recasts how underwriters and brokers should be thinking about risk selection. The cyber carrier’s 2026 InsurSec Report, drawn from more than 6,500 claims and 100,000...

Source

The Bangkok Post reports: The Council of Engineers Thailand has warned about 350,000 members their personal data was stolen when its database was hacked recently, and could be misused. Prof Amorn Pimanmas, a director in the council’s board, said that about a week ago a hacker breached the database containing members’ personal data when it...

Source

Harry Taylor reports: Data from 500,000 people who volunteered their health information to the UK Biobank has been breached and offered for sale online in China. Technology Minister Ian Murray said that information of all half a million members had been listed for sale on the website Alibaba, as he called the breach an “unacceptable abuse” of data. He...

Source

Ann-Marie Corvin reports: Cheap tech just keeps on exposing NATO warships. In the latest example, a journalist was able to send a Bluetooth tracker to a Dutch frigate. Just Vervaart, working for regional broadcaster Omroep Gelderland, hid the $5 Bluetooth tracker inside an envelope with a postcard via the military postal service. The reporter followed...

Source

A new report by Reliaquest considers data suggesting that former Black Basta affiliates are not only using the gang’s social engineering playbook, but have been successfully honing it and targeting corporate executives: A new campaign is successfully evolving “Black Basta’s” signature social engineering playbook into a faster, more targeted, and increasingly automated intrusion method aimed at senior...

Source

ANCHORAGE, Alaska – The U.S. Justice Department today announced court-authorized actions taken to disrupt some of the world’s leading Distributed Denial of Service (DDoS) Internet of Things (IoT) botnet services. U.S. authorities continue to focus resources on charging DDoS botnet administrators and seizing infrastructure, like websites, that allow paying users to launch powerful DDoS attacks....

Source

There are insider breaches, and then there are fourth-degree felonies and other possible charges if public records are destroyed improperly or without a lawful purpose. KVIA in New Mexico reports: The City of Anthony released a letter to KVIA on Saturday stating that the previous administration had allegedly committed several wrong-doings and the City is...

Source

Isaac Yee reports: A hacker has allegedly stolen a massive trove of sensitive data – including highly classified defense documents and missile schematics – from a state-run Chinese supercomputer in what could potentially constitute the largest known heist of data from China. The dataset, which allegedly contains more than 10 petabytes of sensitive information, is believed...

Source

Over on Codamail (fka Cotse.net), Steve Gielda has updated his research on VPN infrastructure and its implications for your privacy. From that article: The Question VPN providers market themselves as independent services in diverse jurisdictions. This investigation asks a structural question: does the global VPN industry’s physical infrastructure actually reflect that diversity, or does it...

Source

Davey Winder reports: Usually, when I report zero-day exploits, it’s because attacks by threat actors are already underway or a vendor has released a patch after becoming aware of the vulnerability. BlueHammer, however, is different. This time, it’s a security researcher who has released the Windows attack exploit code; there is no patch available, and...

Source

We have probably all read recommendations that cyberattack victims should not pay ransom demands because it encourages more crime, and because criminals can’t be trusted to delete data they promise to delete. But what evidence have we seen supporting a claim that criminals default on data deletion? Law enforcement made a point of reporting that...

Source

Phil Tenser reports: A cybersecurity attack is affecting several Massachusetts towns that share a regional emergency communications center. The cyberattack affecting the Patriot Regional Emergency Communications Center and associated towns was identified early Tuesday, according to statements from affected towns. The towns of Ashby, Dunstable, Pepperell and Townsend also said their police and fire departments...

Source