Cybercrime

Pierluigi Paganini July 02, 2026
Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges

Alleged Scattered Spider member Peter Stokes, 19, was extradited from Finland to the U.S. over hacking, fraud, and extortion charges. Peter Stokes, 19, an alleged Scattered Spider member known online as “Bouquet,” has been extradited from Finland to the U.S. to face hacking, fraud, and extortion charges. Prosecutors say he took part in multiple cyberattacks, […]

Pierluigi Paganini July 01, 2026
Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs

81 Million Login Attempts, 78 Compromised Accounts: The LSHIY Password Spray Hitting Azure CLI Huntress researchers have been tracking a massive automated password spray campaign against Microsoft Azure CLI environments since June 12, 2026. A password spray attack is when attackers try a small number of common passwords across many accounts instead of many passwords […]

Pierluigi Paganini July 01, 2026
CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks

CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept noise to real ransomware attacks in the wild, the US CISA confirms. BlueHammer allows attackers to escalate privileges locally in Microsoft Defender. The vulnerability, along with two other zero-days dubbed […]

Pierluigi Paganini July 01, 2026
RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow

RustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers at QiAnXin’s XLab have been tracking a new malware family, called RustDuck, that hijacks routers, cameras, Android set-top boxes, and exposed servers, then uses them to flood targets with junk […]

Pierluigi Paganini June 30, 2026
XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t

Police arrested the alleged admin of XSS.is, a major cybercrime forum whose trusted escrow service helped power the underground economy. On 22 July 2025, French and Ukrainian police arrested a 38-year-old man in Kyiv and shut down XSS.is, the most influential Russian-language cybercrime forum of the past decade. Europol, which coordinated the operation under the […]

Pierluigi Paganini June 30, 2026
Hackers Steal Data of 4.38 Million Aflac Japan Customers

Hackers stole data from 4.38 million Aflac Japan customers after accessing its systems for 10 days before the breach was detected. Aflac Japan disclosed that hackers stole the personal information of 4.38 million customers and agents after gaining access to its systems between June 15 and June 25. Attackers stole data from the company policyholder […]

Pierluigi Paganini June 29, 2026
StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years

Microsoft shut down the StegoAd campaign, which used 119 malicious Edge extensions, hit 2.6M installs, and ran undetected for two years. Microsoft just shut down one of the more technically clever malicious extension campaigns it’s ever documented. The operation, named StegoAd, ran 119 extensions on the Edge Add-ons store, racked up roughly 2.6 million installs, […]

Pierluigi Paganini June 28, 2026
KDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs

KDDI Corporation disclosed a breach affecting up to 14.2 million email accounts after attackers exploited a vulnerability in third-party software. KDDI Corporation disclosed a data breach that exposed up to 14.2 million email accounts across six Japanese internet service providers. KDDI Corporation is one of Japan’s largest telecommunications companies. It employs more than 60,000 people […]

Pierluigi Paganini June 28, 2026
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 103

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter More Than 4,000 Legacy Routers Compromised by AryStinger, Turned into Global Attack Proxies for Hackers   A VBScript campaign distributed through WhatsApp deploying RMM software  Lost in relocation: analysis of a new loader distributing CASTLESTEALER   […]

Pierluigi Paganini June 28, 2026
Security Affairs newsletter Round 583 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New FBI Alert: Russian Intelligence Uses Signal Recovery Keys to Access Messages Hospitality Sector Hit by […]