IT Security Newsletter - 2/12/2026

Breaches

Senegalese Data Breaches Expose Lack of 'Security Maturity'

The vast majority of Senegal's adult population seems to have just lost its biometric data to hackers. On Jan. 19, a new ransomware outfit calling itself "The Green Blood Group" breached two servers at the West African nation's Directorate of File Automation (DAF), the government agency that handles passports, national ID cards, and biometric data for the country's nearly 20 million residents. READ MORE...


ApolloMD Data Breach Impacts 626,000 Individuals

Over 626,000 individuals were impacted by a May 2025 cyberattack at healthcare physician and practice management services provider ApolloMD. The incident occurred between May 22 and May 23 and involved access to files containing personally identifiable information (PII) and protected health information (PHI) pertaining to affiliated physicians and practices. In an incident notice on its website, the company revealed that the hackers stole names, addresses, diagnostic details, and more. READ MORE...

Hacking

Polish hacker charged seven years after massive Morele.net data breach

A 29-year-old Polish man has been charged in connection with a data breach that exposed the personal details of around 2.5 million customers of the popular Polish e-commerce website Morele.net. Poland's Central Cybercrime Bureau (CBZC) announced that charges were filed on 30 January 2026, following years of investigation into the 2018 breach of Morele.net, which specialises in electronics, computer equipment and home appliances. READ MORE...


North Korea's UNC1069 Hammers Crypto Firms With AI

A financially motivated North Korean threat actor is aiming at cryptocurrency firms with novel deepfake-powered social engineering strategies. Google Cloud's Mandiant this week published research concerning a threat actor it tracks as UNC1069, which has been active since at least 2018. The research primarily involves one attack in which the attacker used a compromised cryptocurrency executive's Telegram account to target a secondary victim. READ MORE...

Trends

Criminals are using AI website builders to clone major brands

AI tool Vercel was abused by cybercriminals to create a Malwarebytes lookalike website. Cybercriminals no longer need design or coding skills to create a convincing fake brand site. All they need is a domain name and an AI website builder. In minutes, they can clone a site's look and feel, plug in payment or credential-stealing flows, and start luring victims through search, social media, and spam. READ MORE...

Software Updates

Apple patches zero-day flaw that could let attackers take control of devices

Apple has released security updates for iPhones, iPads, Macs, Apple Watches, Apple TVs, and Safari, fixing, in particular, a zero-day flaw that is actively exploited in targeted attacks. Exploiting this zero-day flaw would allow cybercriminals to run any code they want on the affected device, potentially installing spyware or backdoors without the owner noticing. Installing these updates as soon as possible keeps your personal information safe from such an attack. READ MORE...

Malware

Krebs on Security: Kimwolf Botnet Swamps Anonymity Network I2P

For the past week, the massive "Internet of Things" (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet's control servers. READ MORE...


0APT ransomware group rises swiftly with bluster, along with genuine threat of attack

Ransomware groups crop up like weeds, angling for striking positions in a crowded field rife with turnover, infighting and unbridled competition. Yet, they rarely emerge, as 0APT did late last month, claiming roughly 200 victims out of the gate. Researchers have thus far seen no evidence confirming 0APT attacked any of its alleged victims, which include high-profile organizations. READ MORE...


Crazy ransomware gang abuses employee monitoring tool in attacks

A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prepare for ransomware deployment. The breaches were observed by researchers at Huntress, who investigated multiple incidents where threat actors deployed Net Monitor for Employees Professional alongside SimpleHelp for remote access to a breached network. READ MORE...

Exploits/Vulnerabilities

Majority of Ivanti EPMM threat activity linked to hidden IP

More than 80% of exploitation activity targeting critical vulnerabilities in Ivanti Endpoint Manager Mobile was traced to a single IP address hiding behind a bulletproof hosting infrastructure, according to a report released Tuesday by GreyNoise. Researchers warn that several of the most shared indicators of compromise linked to the current threat campaign indicate no activity linked to Ivanti EPMM. READ MORE...

On This Date

  • ...in 1809, Abraham Lincoln is born in a log cabin near Hodgenville, KY.
  • ...in 1809, English naturalist Charles Darwin, who first proposed that living species are descended over time from common ancestors, is born in Kent, England.
  • ...in 1912, China becomes a republic following the overthrow of the Manchu dynasty.
  • ...in 1980, the Lake Placid Winter Olympics open in New York.