Brazilian IT worker João Roque has been arrested in connection with a $100 million theft through payment system PIX. Roque admitted to police that he had sold his login credentials to hackers who had approached him earlier this year.
Sophos has reported that almost half of companies targeted by ransomware attacks paid to regain access to their data, with the median payment amounting to $1 million. Sophos reports found that 46 percent of companies paid ransoms in 2025, the second highest rate in six years.
Mandiant revealed that Chinese-linked state-backed hackers rely on operational relay box (ORBs) network proxy meshes to avoid detection for cyber espionage campaigns.
For example, Mandiant pointed out that these advanced persistent threat actors (APTs) used ORBs for the ‘SPACEHOP’ critical vulnerability campaign earlier this year.
Microsoft’s Threat Intelligence arm issued a warning on the rise of new, sophisticated tax phishing scams that could lead to stolen personal and financial data.
These tax-related phishing scams are initiated by impersonating trusted employers, tax agencies, and payment processors. Victims click on a malicious attachment, which leads to a believable landing page designed to capture sensitive information.
A police raid on a Philippines online organization highlights not only the ongoing digital crime boom in Southeast Asia but also the increasingly blurred line between cybercrime and ordinary gangsters.
Police raided the premises of the Tarlac Pogo firm following a complaint filed by a Vietnamese worker who bore signs of having been recently tortured in the form of electrocution scars. The police discovered 875 people, including 504 foreigners, who had been lured to work for what purported to be an online gaming company, but was actually a forced labour camp operating romance scams.
Security Discovery researchers and the Cybernews team discovered the largest data leak ever recorded, containing 26 billion records predominantly stolen from major social media platforms and government agencies.
Dubbed “The Mother of All Breaches”, the 12 terabytes of compromised records were stolen most notably from Tencent QQ (1.5B), Weibo (504M), MySpace (360M), Twitter (281M), LinkedIn (251M), AdultFriendFinder (220M), among government agency data from the United States, Brazil, Germany, the Philippines, Turkey, among others.
There has been a surge of advertisements on the dark web this year, with over 700 adverts advertising Distributed Denial of Service (DDoS) attacks through the Internet of Things (IoT) devices having been identified.
The cost of employing the sinister DDoS attack services ranges from $20 per day to $1 000 per month, depending on the amount of protection the target has.
admin
Editorial Team