Within hours of the US and Israel launching airstrikes on Iran two weeks ago, security professionals warned organizations around the world to be on heightened watch for destructive retaliatory hacks. On Wednesday, the predictions appeared to come true as Stryker, a multinational maker of medical devices, confirmed a cyberattack that took down much of its infrastructure, and a hacking group long known to be aligned with the Iranian government claimed responsibility. READ MORE...
Authorities from multiple countries dismantled SocksEscort, a residential proxy network cybercriminals used to commit large-scale fraud, claiming access to about 369,000 IP addresses since 2020, the Justice Department said Thursday. Europol, which aided the investigation alongside various law enforcement agencies, Lumen's Black Lotus Labs and the Shadowserver Foundation, said the malicious proxy service compromised routers and IoT devices in 163 countries. READ MORE...
Starbucks has disclosed a data breach affecting hundreds of employees after threat actors gained access to their Starbucks Partner Central accounts. As the world's largest coffeehouse chain, Starbucks has over 380,000 employees (also known as partners) and operates nearly 41,000 locations across 88 countries. In data breach notification letters filed with Maine's Attorney General and sent to affected employees on Tuesday, the company says that it discovered the incident on February 6. READ MORE...
Canadian business process outsourcing giant Telus Digital has confirmed it suffered a security incident after threat actors claimed to have stolen nearly 1 petabyte of data from the company in a multi-month breach. Telus Digital is the digital services and business process outsourcing (BPO) arm of Canadian telecommunications provider Telus, providing customer support, content moderation, AI data services, and other outsourced operational services to companies worldwide. READ MORE...
Google has released an out-of-band security update for Chrome desktop that patches two high-severity zero-day vulnerabilities. Both bugs can be exploited remotely and require only that a user visit a malicious website. Because the attack complexity is low, the vulnerabilities pose a higher real-world risk. The latest version numbers are 146.0.7680.75/76 for Windows and macOS and 146.0.7680.75 for Linux. READ MORE...
A new Android-based banking Trojan is targeting mobile payments in Brazil and hijacking them on the way to their destination. Dubbed "PixRevolution," the Trojan relies on the widespread use of Pix, a mobile instant payment system implemented by the Central Bank of Brazil in 2020, more than three quarters of the Brazilian population use it. Researchers from mobile security vendor Zimperium's zLabs team identified a novel banking Trojan specifically targeting this system. READ MORE...
Pro-Iranian hackers are targeting sites in the Middle East and starting to stretch into the United States during the war, raising the risk of American defense contractors, power stations and water plants being swept into a wave of digital chaos that could expand if Tehran's allies join the fray. Hackers supporting Iran claimed responsibility for a significant cyberattack Wednesday against U.S. medical device company Stryker. READ MORE...
Ninety-four people were arrested as part of a global, multi-month cybercrime crackdown, Interpol revealed today. Announcing the results of Operation Synergia III, the third iteration of the counter-cybercrime initiative that began in 2023, Interpol also said 110 individuals remain under investigation. Operation Synergia III ran between July 18, 2025, and January 31, 2026, focusing on crimes including phishing, romance scams, and credit card fraud. READ MORE...