Arizona woman sentenced to 8 years for aiding North Korean cybercriminals

In a landmark federal court case, Christina Marie Chapman, a 50-year-old resident of Arizona, has been sentenced to 102 months in prison after pleading guilty to helping North Korean IT operatives penetrate the remote networks of more than 300 American businesses. Prosecutors have described the sophisticated fraud operation as one of the largest ever prosecuted involving North Korean cyber schemes targeting the U.S. private sector.
21-year-old UK student sentenced to 7 years in prison for development and distribution of phishing kits.

Ollie Holman, a 21-year-old university student from Eastcote, West London, has been sentenced to seven years in prison for his pivotal role in the development and worldwide distribution of sophisticated phishing kits. These kits fueled an international fraud operation responsible for estimated losses exceeding £100 million (approximately $134 million).
DOJ and FBI announce the conclusion of Operation Grayskull, which dismantled four pedophile websites on the dark web.

The U.S. Department of Justice (DOJ), in partnership with the Federal Bureau of Investigation (FBI), has announced the successful conclusion of Operation Grayskull, a comprehensive and coordinated law enforcement initiative aimed at eradicating dark web platforms dedicated to distributing child sexual abuse material (CSAM).
EncryptHub strikes again, sneaking trojanized game onto Steam as an early-access title.

Threat actor group EncryptHub has been implicated in a malware campaign that leveraged the popular gaming platform Steam to distribute info-stealing malware to unsuspecting users. Steam says EncryptHub was able to infiltrate Steam's ecosystem by uploading a trojanized game, masquerading as a legitimate early-access title. This malicious game served as a delivery mechanism for stealer malware, targeting high-value data such as browser cookies and session tokens, saved passwords and authentication credentials, and cryptocurrency wallets and sensitive system files.
XSS cybercrime forum rises from the dead – just one day after being raided by Europol. Ahem… honeypot.

On July 22, 2025, the XXX.is forum, one of the largest and longest-standing Russian-speaking cybercrime marketplaces, was taken offline after a coordinated, multi-year investigation involving Ukrainian authorities, French police, and Europol. The forum’s main domain was seized and replaced with a law enforcement notice. However, today, the XSS forum re-emerged within 24 hours on its mirror sites and .onion domains on the dark web. A statement posted by an administrator account claimed the forum’s infrastructure remained intact and reassured users that restoration efforts were underway. Security researchers say, not so fast. Is this a real-life resurrection or a law enforcement honeypot?
Ah, iPhone users, you’re a wild and reckless bunch. New study suggests Android users exhibit stronger security habits.

A recent analysis conducted by cybersecurity firm Malwarebytes sheds light on the contrasting online security behaviors of Android and iPhone users. The report highlights notable differences in information-sharing tendencies, adoption of security tools, password management practices, and susceptibility to scams between the two user groups.
The active Soco404 campaign targets cloud environments to deploy cryptomining software.

Researchers from Wiz have uncovered a sophisticated cryptomining campaign, dubbed Soco404, that targets cloud environments by exploiting various vulnerabilities and misconfigurations. The attackers employ a unique method of embedding malicious payloads within fake 404 error pages hosted on Google Sites, demonstrating alarming ingenuity in cloud threat tactics.
The new China-based Storm-2603 group is deploying Warlock ransomware on Microsoft SharePoint servers.

A sophisticated cyber threat actor known as Storm-2603 has been identified exploiting critical vulnerabilities in Microsoft SharePoint to deploy Warlock ransomware on unpatched enterprise systems. According to Microsoft’s recent security advisory, this group, believed to be China-based, is leveraging unpatched flaws in on-premises SharePoint servers to gain unauthorized access, establish persistence, and spread ransomware across targeted networks.