IT Security Newsletter - 2/11/2025

Top News

Hacker pleads guilty to SIM swap attack on US SEC X account

Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. This comes after the defendant, 25-year-old Eric Council Jr., first pleaded not guilty to hacking the account and enabling his co-conspirators to make a fake announcement that Bitcoin ETFs were approved. Council's fraudulent post caused Bitcoin's price to jump by $1,000 and then, just as quickly, plummet by $2,000. READ MORE...

Breaches

120K Victims Compromised in Memorial Hospital Ransomware Attack

In Bainbridge, Ga., the small Memorial Hospital and Manor is notifying 120,000 individuals that their personal information was stolen in a ransomware attack. The attack was first disclosed in November; at the time, the hospital said that although its systems were down and staff would have to revert to pen and paper to record patient information, its operations remained uninterrupted. READ MORE...


OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20 Million Credentials

A hacker recently offered to sell 20 million OpenAI credentials, but the data likely comes from information-stealing malware, not the AI firm's systems. A hacker using the online moniker 'emirking' recently claimed on the BreachForums cybercrime forum that they have obtained credentials associated with 20 million OpenAI accounts, suggesting that the data was up for sale. READ MORE...

Hacking

8Base ransomware group leaders arrested, leak site seized

Thai police have arrested four individuals suspected of being the leaders of the 8Base ransomware group and of stealing approximately $16 million from 1,000+ victims they targeted with the Phobos ransomware. "Officers from Cyber Crime Investigation Bureau, led by Police Lieutenant General Trairong Phiwphan, conducted 'Operation PHOBOS AETOR' in Phuket on February 10, arresting four foreign hackers involved in ransomware attacks. READ MORE...


Toll booth bandits continue to scam via SMS messages

North American drivers are continuing to be barraged by waves of scam text messages, telling them that they owe money on unpaid tolls. Last month we described on Hot for Security how US authorities had issued a warning about SMS phishing attacks from scammers posing as tolling agencies. For instance, Texas-based audience producer Gwen Howerton described on Bluesky how she had been duped by an unpaid toll scam after she had driven a rental car on the Dallas North Tollway. READ MORE...

Software Updates

Apple Confirms USB Restricted Mode Exploited in 'Extremely Sophisticated' Attack

Apple on Monday released an urgent patch for its flagship iOS and iPadOS platforms alongside a warning that a critical security flaw was actively exploited in the wild. The security defect, tracked as CVE-2025-24200, allows attackers with physical access to a locked iPhone or iPad to disable USB Restricted Mode - a key protection mechanism - to access unpatched iPhones. Cupertino's security response team confirmed the defect led to "an extremely sophisticated attack." READ MORE...

Exploits/Vulnerabilities

Magecart Attackers Abuse Google Ad Tool to Steal Data

Attackers are exploiting Google Tag Manager by planting malicious code within e-commerce sites built on the Magento platform. The code can steal payment card data, demonstrating a new type of Magecart attack that leverages Google's free, legitimate website marketing tool. Researchers from Sucuri discovered an ongoing Magecart campaign in which attackers load code that appears to be a standard Google Tag Manager (GTM) and Google Analytics tracking script from a database onto e-commerce sites. READ MORE...


Over 12,000 KerioControl firewalls exposed to exploited RCE flaw

Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875. KerioControl is a network security suite that small and medium-sized businesses use for VPNs, bandwidth management, reporting and monitoring, traffic filtering, AV protection, and intrusion prevention. The flaw in question was discovered in mid-December by security researcher Egidio Romano (EgiX). READ MORE...


CISA warns of hackers targeting vulnerability in Trimble Cityworks to conduct RCE

The Cybersecurity and Infrastructure Security Agency warned that hackers are targeting a vulnerability in Trimble Cityworks that could allow an attacker to conduct remote code execution. The deserialization vulnerability, tracked as CVE-2025-0994, can enable an attacker to conduct remote code execution against a user's Microsoft Internet Information Services web server, according to the CISA advisory. READ MORE...

On This Date

  • ...in 1847, engineer and businessman Thomas Edison, inventor of the light bulb, phonograph, and motion picture camera, is born in Milan, OH.
  • ...in 1936, actor/producer Burt Reynolds (Smokey and the Bandit, Deliverance) is born in Lansing, MI.
  • ...in 1990, activist Nelson Mandela is released from prison after 27 years as a political prisoner of South Africa's apartheid government.
  • ...in 2011, Egyptian president Hosni Mubarak resigns in the wake of 18 days of popular protests.