FBI: Threats from Salt Typhoon are 'still very much ongoing'
Atop FBI cyber official said Salt Typhoon, the Chinese cyber espionage group behind the widespread compromise of U.S. telecommunications infrastructure in 2024, continues to pose a broad threat to both America's private and public sectors. Michael Machtinger, deputy assistant director for cyber intelligence at the FBI, touted improved partnerships between the telecommunications industry and government in the wake of the campaign. READ MORE...
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. The incident affected the PayPal Working Capital (PPWC) loan app, which provides small businesses with quick access to financing. The financial technology company said it has reversed the code change that caused the incident, blocking attackers' access to the data. READ MORE...
Mississippi medical center closes all clinics after ransomware attack
The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack. UMMC has over 10,000 employees and, as one of the largest employers in Mississippi, operates seven hospitals, 35 clinics, and more than 200 telehealth sites statewide. The medical center includes the state's only children's hospital, only Level I trauma center, only organ and bone marrow transplant program, and the only Telehealth Center of Excellence. READ MORE...
651 arrested, $4.3 million recovered in African cybercrime sweep
Operation Red Card 2.0, supported by INTERPOL and involving law enforcement agencies from 16 African countries, led to 651 arrests and the recovery of more than $4.3 million from online scams. Running from 8 December 2025 to 30 January 2026, the operation targeted networks behind high-yield investment fraud, mobile money scams and fraudulent loan applications that caused more than $45 million in losses. READ MORE...
Crims hit a $20M jackpot via malware-stuffed ATMs
Thieves stole more than $20 million from compromised ATMs last year using a malware-assisted technique that the FBI says is on the uptick across the United States. They are doing this through ATM jackpotting - a cyber-physical attack in which crooks exploit physical and software vulnerabilities in ATMs to deploy malware that instructs the machine to dispense cash on demand without bank authorization. Of the 1,900 such incidents reported since 2020, more than 700 occurred in 2025 alone. READ MORE...
Best-in-Class 'Starkiller' Phishing Kit Bypasses MFA
A growing phishing-as-a-service (PhaaS) tool reliably undermines traditional methods for detecting phishing attacks, both technical and psychological. "Starkiller," described this week by researchers at Abnormal AI, is packaged and sold with a sleekness comparable to legitimate software-as-a-service (SaaS) platforms. It's got a clean, retrofuturist dashboard, sporting real-time campaign analytics. It's got substance to back up its style, too. READ MORE...
Android malware taps Gemini to navigate infected devices
Cybersecurity researchers say they've spotted the first Android malware strain that uses generative AI to improve performance once installed. But it may be only a proof of concept. ESET calls it PromptSpy, malware whose primary goal is to deploy a VNC module that hands hackers remote control of infected devices. The Slovak security shop's experts said PromptSpy comes with capabilities to instruct Google's Gemini chatbot to interpret parts of the device's user interface. READ MORE...
LLMs change their answers based on who's asking
AI chatbots may deliver unequal answers depending on who is asking the question. A new study from the MIT Center for Constructive Communication finds that LLMs provide less accurate information, increase refusal rates, and sometimes adopt a different tone when users appear less educated, less fluent in English, or from particular countries. The team evaluated GPT-4, Claude 3 Opus, and Llama 3-8B using established benchmarks for scientific knowledge and truthfulness. READ MORE...
Age verification vendor Persona left frontend exposed, researchers say
Three researchers investigating Discord's age-verification checks say they discovered an exposed frontend belonging to Persona, the identity-verification vendor used by Discord. It revealed a far more expansive surveillance and financial intelligence stack than a simple "teen safety" tool. A short while ago we reported that Discord will limit profiles to teen-appropriate mode until you verify your age. READ MORE...
- ...in 1872, the Metropolitan Museum of Art opens in New York City.
- ...in 1927, actor Sidney Poitier ("In the Heat of the Night", "To Sir, With Love") is born in Miami, FL.
- ...in 1960, comedian Joel Hodgson, creator of the TV cult classic "Mystery Science Theater 3000", is born in Stevens Point, WI.
- ...in 1986, the Soviet Union launches the first module of the space station Mir, which would be gradually assembled in orbit over the following 10 years.
