Cyber Crime

Pierluigi Paganini June 23, 2026
Xsolis Data Breach Impacts 1.4 Million People

Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients’ systems. Healthcare tech company Xsolis, Inc. has disclosed a data breach impacting nearly 1.4 million individuals. The Tennessee-based firm provides utilization management and revenue cycle solutions for healthcare providers. The company became aware of an […]

Pierluigi Paganini June 22, 2026
WhatsApp Malware Campaign Hijacks Trust, Installs Legitimate Admin Tools

WhatsApp accounts were hijacked to spread fake debt notices that install remote access software, giving attackers control of victims’ PCs. Kaspersky published a technical analysis this week of an active malware campaign that spreads through WhatsApp messages and ends with a remote management tool silently installed on the victim’s machine. The campaign is still running […]

Pierluigi Paganini June 22, 2026
Texas Parks & Wildlife (TPWD) Data Breach impacts 3 Million People

Texas Parks and Wildlife Department (TPWD) breach exposed data of 3M people via a third-party license vendor, including sensitive personal information. The Texas Parks and Wildlife Department (TPWD) disclosed a data breach affecting around 3 million individuals after a third-party vendor used for hunting and fishing license sales was compromised. The Texas Parks and Wildlife […]

Pierluigi Paganini June 22, 2026
4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger malware

AryStinger hijacks outdated routers via old flaws, turning 4,300+ devices into a stealth network for reconnaissance and intrusion support. On March 12, 2026, QiAnXin’s XLab threat detection system flagged a single IP address, 107.150.106.14, spreading a Linux binary through two vulnerabilities that were disclosed in 2013 and 2016 respectively. The binary had zero detections on […]

Pierluigi Paganini June 19, 2026
14,971 WordPress Sites Cleaned in Global SocGholish Takedown

Operation EndGame disrupted SocGholish, taking down 106 servers and cleaning 14,971 WordPress sites used to spread fake-update malware. On June 18, 2026, law enforcement agencies from the Netherlands, Canada, the United States, and Germany, coordinated through Europol, executed a joint action week against SocGholish, one of the most persistent and widely deployed malware distribution networks […]

Pierluigi Paganini June 18, 2026
FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls

FortiBleed: Admin Passwords for 75,000 Fortinet Firewalls Are Out in the Wild. Half the Internet-Facing Fortinets on the Planet. Security researcher Bob Diachenko found a server sitting open on the internet containing what appeared to be valid Fortinet VPN credentials, including usernames, email addresses, and plaintext passwords for tens of thousands of organizations. He posted […]

Pierluigi Paganini June 17, 2026
DragonForce Hid Inside Microsoft Teams and Nobody Noticed for Two Months

DragonForce hid for months by routing malware traffic through Microsoft Teams infrastructure, masking C2 activity and evading network detection. DragonForce ransomware operators hit a major U.S. services firm and stayed hidden for one to two months by routing their command-and-control traffic through Microsoft’s own Teams relay servers. Symantec’s threat hunters tracked the custom backdoor they […]

Pierluigi Paganini June 17, 2026
New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps

Rokarolla Android malware targets 217 banking and crypto apps, steals credentials, blocks bank calls, intercepts SMS, and disables Play Protect. Zimperium’s zLabs researchers have published a detailed analysis of Rokarolla, a new Android banking trojan named after its command-and-control infrastructure. It spreads through malicious websites masquerading as TikTok and Chrome, one confirmed distribution point being […]

Pierluigi Paganini June 17, 2026
FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data

FulcrumSec leaked data stolen from Novo Nordisk, claiming to have exfiltrated 1.3TB, including clinical records and AI research assets. On June 15, 2026, a data-theft extortion group calling itself FulcrumSec began leaking files from Novo Nordisk, the Danish maker of Ozempic and Wegovy, after the company refused a $25 million ransom demand. The attackers claimed […]

Pierluigi Paganini June 16, 2026
iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded

iRhythm disclosed a cyberattack via third-party apps where patient and proprietary data was stolen, followed by a ransom demand. iRhythm Technologies is a U.S.-based digital healthcare company specializing in remote cardiac monitoring and arrhythmia detection. Its best-known product is the Zio, a wearable patch that continuously records a patient’s heart rhythm for up to several […]