US feds have dismantled a crypto laundering service that they say helped cybercrooks wash tens of millions of dollars in dirty digital cash, seizing its servers and unsealing charges against an alleged Russian operator. The FBI, working with cops in Europe and a grab bag of state and federal agencies, announced this week that it has taken down the infrastructure behind E-Note, an unlicensed virtual currency exchange accused of acting as a financial rinse cycle.
Virginia mental health services provider Richmond Behavioral Health Authority (RBHA) says the personal information of more than 113,000 people was stolen in a recent ransomware attack. Serving the city of Richmond, RBHA is a public agency that provides mental health support, crisis care, intellectual disability, substance abuse, and prevention services. On September 29, the provider was hit by a ransomware attack that resulted in portions of its network being encrypted.
French authorities arrested a 22-year-old suspect on Tuesday for a cyberattack that targeted France's Ministry of the Interior earlier this month. In a statement issued by Public Prosecutor Laure Beccuau, officials said the suspected hacker was arrested on December 17, 2025, as part of an investigation into the attack. The suspect is accused of unauthorized access to an automated personal data processing system, conducted as part of an organized group.
Attackers have been using compromised AWS Identity and Access Management (IAM) credentials to target cloud services in a sprawling cryptomining campaign that can deploy unauthorized miners 10 minutes after compromising customer infrastructure. Amazon Web Services (AWS) security researchers identified the malicious activity in early November using Amazon GuardDuty and automated security monitoring systems, according to a blog post published by AWS on Tuesday.
Exploitation attempts have surged for a critical vulnerability in the React user interface library for Web applications. Some are capable of bypassing web application firewall (WAF) rules, and others are non-working AI slop. Artificial intelligence compounds a pollution problem for defenders - especially when slop gets served up as a proof-of-concept (PoC) exploit, cybersecurity experts say.
For the first time in more than three years, researchers have new information about Iran's oldest state-level threat group. "Prince of Persia" - also known as "Infy" - isn't just the oldest known Iranian advanced persistent threat (APT). It's one of the oldest APTs in existence, rivalled only by groups like Turla and APT1. A decade ago, when it was first described in cybersecurity literature, researchers found evidence that its activity dated back to December 2004.
Researchers warn of intrusion activity that was first discovered on Friday targeting Fortinet FortiGate appliances using malicious single sign-on (SSO) logins, according to a blog released Monday from Arctic Wolf. The threat activity comes about a week after Fortinet disclosed two critical authentication bypass vulnerabilities in multiple products. Fortinet said the flaws were originally discovered by two members of its product security team.
Suspected Chinese-government-linked threat actors have been battering a maximum-severity Cisco AsyncOS zero-day vulnerability in some Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances for nearly a month, and there's no timeline for a fix. Cisco disclosed the bug, tracked as CVE-2025-20393, on Wednesday and said it affects both physical and virtual SEG and SEWM appliances in certain non-standard configurations.