PUBLIC DEFENDER By Brian Livingston The maker of the popular Claude large language model (LLM) — which became the number-one download from US app stores in February 2026 — recently announced a powerful service called Claude Mythos. The new LLM has reportedly discovered thousands of security holes in every major operating system and Web browser. […]
This is your ultimate guide to the best robot vacuums (and mops) to buy in Australia for hassle-free cleaning, as recommended by experienced reviewers.
Narwal’s 2026 flagship robot vacuum is outfitted with video cameras and super smart AI cleaning technology to work out the best way to tackle your home.
Two New Jersey men were sentenced Wednesday for facilitating North Korea’s long-running scheme to plant operatives inside U.S. businesses as employees, generating more than $5 million in illicit revenue for the regime, the Justice Department said.
The U.S. nationals — Kejia Wang, also known as Tony Wang, and Zhenxing Wang, also known as Danny Wang — were part of a years-long conspiracy that placed operatives in jobs at more than 100 U.S. companies, including many Fortune 500 companies, based in 27 states and the District of Columbia.
The elaborate scheme involved shell companies posing as software development firms, money laundering, and espionage with national security implications. Operatives involved in the conspiracy stole sensitive files from a California-based defense contractor related to U.S. military technology controlled under International Traffic in Arms Regulations (ITAR), officials said.
“Democratic People’s Republic of Korea (DPRK) IT workers are not limited to revenue generation. When tasked, they can operationalize their placement and access to support strategic intelligence requirements, including intellectual property theft, network disruption or extortion,” Michael Barnhart, nation state investigator at DTEX, told CyberScoop.
While most of North Korea’s scheme is focused on revenue, it sometimes applies a dual-use approach, tasking certain privileged IT workers with malicious activity aiding other state-backed hacking groups, Barnhart added.
“Not all IT workers can be hackers but every North Korean hacker can or has been an IT worker,” he said. “This distinction matters for insider‑threat analysis because unlike typical fraudulent hires motivated by personal financial gain, IT workers can inflict national‑security‑level damage.”
Kejia Wang, 42, Zhenzing Wang, 39, and their co-conspirators stole the identities of at least 80 U.S. residents to facilitate the hiring of North Korean operatives and collected at least $696,000 in fees combined, officials said. U.S. victim companies also incurred legal fees, remediation costs and other damages and losses exceeding $3 million.
Both men previously pleaded guilty to an assortment of crimes. Kejia Wang was sentenced to nine years in prison for conspiracy to commit wire and mail fraud, money laundering and identity theft. Zhenxing Wang was sentenced to 92 months in prison for conspiracy to commit wire and mail fraud and money laundering.
The pair were also ordered to forfeit a combined $600,000, of which two-thirds has already been paid, officials said.
The conspiracy, which ran from at least 2021 through October 2024, relied in part on shell companies — Hopana Tech, Tony WKJ and Independent Lab — the men set up to create the appearance of legitimate businesses.
“Pairing a U.S. person, a U.S. address, and a front company such as Independent Lab, the facilitators created the illusion of a legitimate domestic effort allowing the IT workers to present themselves as U.S.-based without triggering suspicion during onboarding or daily workflows,” Barnhart said.
“Front companies can act as that middle financial flow from victim companies back to DPRK units, which then pushes funds upward through the Workers’ Party of Korea to support whichever program the unit was aligned with, whether weapons development or domestic priorities,” he added.
These front companies reflect a higher level of tradecraft that exploits a weak spot in insider risk assessments because threats aren’t always a malicious person trying to break into a network, Barnhart said. “Sometimes it looks like an entire company appearing clean on paper.”
Authorities have responded to North Korea’s scheme by targeting U.S.-based facilitators who provide forged or stolen identities and laptop farms for North Korean operatives, and seizing cryptocurrency linked to theft.
Law enforcement wins are stacking up, but researchers warn that North Korea’s operation is massive and consistently evolving.
The sentencing of Kejia Wang and Zhenxing Wang comes less than a month after a trio of American men were sentenced for similar crimes, including the operation of laptop farms, wire fraud and identity theft.
The Justice and Treasury Departments have also issued indictments and sanctioned people and entities allegedly involved in North Korea’s effort to send thousands of specialized technical professionals outside of the country to secure jobs under false pretenses and funnel their wages back to Pyongyang.
You can read the full indictments against Kejia Wang and Zhenxing Wang below.
ISSUE 23.15 • 2026-04-13 FROM THE FORUMS By Will Fastie Last week, we published a Public Defender column by Brian Livingston titled Any USB drive or cable you plug in might be a silent killer. You might have seen the reaction in the column’s forum topic. The forum exploded. So did my inbox. Read the […]
AI By Michael A. Covington Malfunctioning AI can hurt people. Preventing harm isn’t easy. To detect automatically whether an AI system is giving people bad advice, for instance, you’d need an AI that is smarter than the original one; and if you had it, you’d have used it in the first place. You see the […]
Annual cybercrime losses amounted to almost $20.9 billion last year, reflecting a 26% increase from 2024, the FBI’s Internet Crime Complaint Center (IC3) said in its annual report Tuesday.
The comprehensive study exposes a worsening digital crime environment that is driving financial losses, with momentum moving in the wrong direction and compounding at an alarming rate. Annual cybercrime losses have jumped almost 400% from $4.2 billion in 2020, and cumulative losses in that five-year period surpassed $71.3 billion.
The FBI’s IC3, which formed as the country’s central hub for cybercrime reporting in 2000, is busier than ever. “We now average almost 3,000 complaints per day,” Jose Perez, the FBI’s operations director for its criminal and cyber branch, wrote in the report.
The annual internet crime report highlights growing and sustaining trends. Yet, the scope of the study is limited and relies entirely on cybercrime incidents submitted to the FBI.
The full impact of cybercrime remains murky, as an unknown number of victims suffer in the shadows and never report the crimes they endure.
The FBI received more than 1 million complaints last year, with victims aged over 60 reporting the largest amount of crimes that also resulted in the greatest amount of total losses by age group. Victims at least 60 years old filed 201,000 complaints with losses totaling nearly $7.75 billion, or about 37% of all cybercrime-related losses last year.
Investment-related fraud remained the largest component of cybercrime losses in 2025, reaching almost $8.65 billion. Business email compromise took the No. 2 spot with almost $3.05 billion in losses, followed by tech support scams at more than $2.1 billion.
Cryptocurrency was the primary conduit for fraud linked to investment and tech support scams last year, while wire transfers composed the bulk of fraud resulting from business email compromise, according to the report.
Phishing was the most commonly reported type of cybercrime last year, followed by extortion, investment scams and personal data breaches. The FBI tallied losses amounting to $122.5 million from extortion and $32.3 million from ransomware last year.
The FBI also received more than 75,000 reports of sextortion last year, including more than 5,700 submissions that were referred to the National Center for Missing and Exploited Children.
The top five cyber threats reported to IC3 in 2025 included data breaches at 39%, ransomware at 36%, SIM swapping at 10%, malware at 9% and botnets at 7%.
The FBI received more than 3,600 complaints reporting ransomware last year. The five most reported variants included Akira, Qilin, INC, BianLian and Play.
Each of the 16 critical infrastructure sectors reported ransomware attacks last year, and the most heavily targeted included health care, manufacturing, financial services, government and IT.
The IC3 primarily receives complaints from U.S. residents and businesses, but it also received complaints from more than 200 countries last year, which accounted for nearly $1.6 billion in total losses.
While losses and the sheer amount of cybercrime continued to climb last year, “the FBI continues to disrupt and deter malicious cyber actors — and shift the cost from victims to our adversaries,” Perez wrote in the report.
“It has never been more important to be diligent with your cybersecurity, social media footprint, and electronic interactions,” he added. “Cyber threats and cyber-enabled crime will continue to evolve as the world embraces emerging technologies such as artificial intelligence.”
ISSUE 23.13 • 2026-03-30 LEGAL BRIEF By Max Stul Oppenheimer, Esq. This prestigious award, the Knuttie, memorializes King Knut. Or Cnut or Knute or Cnute. Or Knud or Knutur or Canuto, Canutus, Knutr, or Nuutti. (He preceded spell-check.) Anyway, Knut of Denmark conquered England, Scotland, Norway, and parts of Sweden but is best remembered for […]
Whenever I hear or see headlines about a “supply chain vulnerability,” I think in terms of big enterprises and delivery of goods and services. You know — supplies. But in technology, the term “supply chain attack” means that an attacker has gotten into something trusted — such as a software vendor, service provider, hardware supplier […]
Login
