Aleksandr Ermakov, a Russian cybercriminal, has been sanctioned by Australia, the UK, and the US for his alleged involvement in the Medibank data breach and his ties to the REvil ransomware group.
These packages target Windows systems and Linux hosts, with the Windows payload being a variant of WhiteSnake malware capable of stealing information and executing commands.
Despite Google’s efforts to enforce abuse policies and remove malicious ads, cybercrooks are finding new ways to evade detection and continue to lead users to malware-infected websites.
The Ukrainian Ministry of Defense’s Main Intelligence Directorate claims that pro-Ukrainian hacktivists breached the Russian Center for Space Hydrometeorology, known as “Planeta,” and wiped 2 petabytes of data.
The majority of GoAnywhere MFT admin interfaces running on default port settings are hosted in the U.S., with more than 3 in 5 publicly exposed instances hosted on cloud networks operated by Amazon, Microsoft, and Google.
The breach has impacted at least 14 million patients across various organizations. The hack prompted a warning from New York’s attorney general about potential identity theft and fraud risks.
The spyware intrusions occurred on the phones of multiple journalists, including the publisher of an independent weekly paper, raising concerns about press freedom and privacy violations in the country.
The Akira ransomware gang has claimed responsibility for a cybersecurity incident at a British bath bomb merchant. They have stolen 110 GB of data, including personal documents such as passport scans, from the global cosmetics giant.
A financially motivated threat actor based in Latin America is targeting large Mexican companies with custom packaged installers delivering a modified version of AllaKore RAT for financial fraud.
Many apps abuse the background processing feature to transmit device data to their servers, potentially enabling fingerprinting and persistent tracking, which is strictly prohibited on iOS.