IT Security Newsletter - 9/24/2025

Written by Cadre | Wed, Sep 24, 2025

Feds Tie 'Scattered Spider' Duo to $115M in Ransoms

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States. READ MORE...

Boyd Gaming discloses data breach after suffering a cyberattack

US gaming and casino operator Boyd Gaming Corporation disclosed it suffered a breach after threat actors gained access to its systems and stole data, including employee information and data belonging to a limited number of other individuals. Boyd Gaming is a public US casino entertainment company with 28 gaming properties in ten states. The firm employs over 16,000 people and had an annual revenue of $3.9 billion in 2024. READ MORE...

Jaguar Land Rover to extend production pause into October following cyberattack

Jaguar Land Rover said it will extend a delay at its production facilities until Oct. 1, weeks after a cyberattack forced the luxury automaker to pause operations. The U.K.-based company said the decision to extend the delay will "give clarity for the coming week," as it prepares for the phased restart of production, according to a statement posted Tuesday on its corporate website. READ MORE...

Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps

Web performance and security company Cloudflare reported on Tuesday that its systems blocked another record-breaking distributed denial-of-service (DDoS) attack. The latest record-breaking attack peaked at 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps), and lasted only 40 seconds. The company said this hyper-volumetric DDoS attack, which was double in size compared to the previous record, was autonomously blocked by its systems. READ MORE...

PyPI urges users to reset credentials after new phishing attacks

The Python Software Foundation has urged victims of a new wave of phishing attacks, which use a fake Python Package Index (PyPI) website to harvest logins, to reset their credentials. Accessible at pypi.org, PyPI is the default source for Python's package management tools, hosting hundreds of thousands of packages and providing developers with a centralized platform to distribute third-party software libraries. READ MORE...

Brickstorm malware powering 'next-level' Chinese cyberespionage campaign

Ambitious, suspected Chinese hackers with a slew of goals - stealing intellectual property, mining intelligence on national security and trade, developing avenues for future advanced cyberattacks - have been setting up shop inside U.S. target networks for exceptionally long stretches of time, in a breach that the researchers who uncovered it said could present problems for years to come. READ MORE...

Nearly half of businesses suffered deepfaked phone calls against staff

A survey of cybersecurity bosses has shown that 62 percent reported attacks on their staff using AI over the last year, either by the use of prompt injection attacks or faking out their systems using phony audio or video generated by AI. The most common attack vector is deepfake audio calls against staff, with 44 percent of businesses reporting at least one instance of this happening, six percent of which resulted in business interruption, financial loss, or intellectual property loss. READ MORE...

SonicWall customers warned about brute force attacks against cloud backup service

Hackers are conducting brute force attacks against the MySonicWall.com portal in order to access the company's cloud backup service for firewalls, SonicWall and federal authorities warned in advisories released Monday. SonicWall said its investigation found that hackers gained access to 5% of backup firewall preference files. The company warned that while credentials inside the files were encrypted, the files contained other information that could help attackers exploit the firewall. READ MORE...

Supermicro server motherboards can be infected with unremovable malware

Servers running on motherboards sold by Supermicro contain high-severity vulnerabilities that can allow hackers to remotely install malicious firmware that runs even before the operating system, making infections impossible to detect or remove without unusual protections in place. One of the two vulnerabilities is the result of an incomplete patch Supermicro released in January, said Alex Matrosov, founder and CEO of Binarly, the security firm that discovered it. READ MORE...

Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689)

Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company has confirmed. CVE-2025-59689 is a command injection vulnerability caused by improper sanitization when removing active code from files inside certain compressed archive formats. It can be triggered by emails containing a specially crafted compressed attachment. READ MORE...

  • ...in 1852, Henri Giffard made the first ever powered and controlled flight in his hydrogen-filled dirigible, travelling 27 km from Paris to Elancourt.
  • ...in 1893, blues singer Lemon Henry Jefferson, AKA "Blind Lemon" Jefferson, is born in Coutchman, TX.
  • ...in 1948, comedian and actor Phil Hartman ("Saturday Night Live", "The Simpsons") is born in Brantford, Ontario.
  • ...in 1968, TV newsmagazine "60 Minutes" debuts on CBS.