-
ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Android banking trojan linked to Cambodia scam compounds uses forced labour to target users in 21 countries, bypassing security to steal funds.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A White House plan to fold the Department of Homeland Security’s primary intelligence unit into DHS headquarters for the coming fiscal year would not affect its oversight under the Office of the Director of National Intelligence, an administration official told Nextgov/FCW.
The new reporting structure, unveiled in the president’s FY27 budget request, would combine the Office of Intelligence and Analysis and the department’s Office of the Secretary and Executive Management, Management Directorate and Office of Situational Awareness into a single unit reporting to the DHS secretary.
But the intelligence and analysis office would still be considered a member of the intelligence community, said the official, who was granted anonymity to discuss the changes.
“The planned, internal DHS structural changes noted in the president’s budget submission will not impact I&A’s membership in the [intelligence community] and will not impact ODNI’s oversight over I&A as a member of the IC,” the administration official said.
I&A’s status as an official U.S. intelligence component under the budget proposal has not been previously reported. ODNI, led by Director of National Intelligence Tulsi Gabbard, manages the nation’s 18 spy agencies.
The intent to keep I&A under ODNI management could be a reprieve for lawmakers and stakeholders concerned about future oversight of the office. The reorganization of the intelligence shop, which would require congressional approval in upcoming appropriations talks, would mark the most significant change to the office to date, following efforts made last year to sharply scale it back.
I&A was slated for major workforce reductions in President Donald Trump’s second term, as Nextgov/FCW first reported last July. Those plans, which would have only kept some 275 people working at the office, drew major pushback from law enforcement organizations and Jewish groups that long relied on the agency to disseminate timely intelligence about threats that concern state, local, tribal and territorial communities. One international organization privately warned Congress that the proposed cuts would create “dangerous intelligence gaps.”
The downsizing was put on hold just days later, but I&A reignited efforts soon after to more gradually shed its workforce. As of late last year, the office had around 500 full-time employees, a figure that preserved more staff than the initial plans to cap the workforce at 275, though that still halved the 1,000-person operation in place earlier last year. It’s possible that more people have since departed.
The office falls within the purview of the Senate and House Intelligence committees, but its status as a DHS component also subjects it to oversight from the Homeland Security panels in both chambers.
In November, Nextgov/FCW reported that the House Intelligence Committee privately weighed a measure in the annual intelligence community authorization bill to significantly curtail the size and scope of I&A. The provision would have barred the office from gathering and analyzing intelligence, effectively turning I&A into a clearinghouse for intelligence findings produced elsewhere and stripping it of standard spy agency collection authorities.
As part of its mission, I&A helps manage a series of fusion centers around the country that facilitate intelligence sharing between federal agencies and state and local law enforcement, raising questions about stakeholder engagement under the proposed restructuring.
I&A was born as part of the creation of the Department of Homeland Security after the Sept. 11 terrorist attacks to coordinate intelligence on homeland threats and expand information sharing with state and local authorities. For years, lawmakers on both sides of the aisle have sought to reform the unit amid concerns about domestic overreach and partisanship.
Its placement in DHS has put it at the center of recurring jurisdictional tensions with the FBI, which drives much of the nation’s domestic intelligence, counterterrorism and counterintelligence work under the Justice Department.
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ReversingLabs has discovered a fresh wave of the graphalgo campaign in which North Korean Lazarus hackers are using fake Florida LLCs, mimicking SWFT Blockchain, and using GitHub typo-squatting to target developers with malware.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
More countries want to develop military spaceplanes and “bodyguard satellites," like those of the United States and China, to protect orbital assets against growing threats, according to a new report.
Last year alone, France’s direction générale de l'armement, Germany’s Federal Ministry of Defence, Japan’s Ministry of Defense, and the Indian Space Research Organisation have all either tested components, defined strategy, or made sales pitches for space vehicles, according to “Global Counterspace Capabilities,” released this week by the Secure World Foundation.
“We’re seeing everyone wants a spaceplane,” said Victoria Samson, the organization’s chief director of space security and stability. “India is continuing to work on it; French government officials have spoken quite glowingly about this; the Germans are extremely enthusiastic.”
Yet it’s not clear what the secretive vehicles are meant to do. The U.S. X-37B Orbital Test Vehicle has flown eight highly classified missions since 2010, and Russia and China have speculated that it is “some sort of orbital bomber or secret weapons testing platform,” the report said. Even less is known about the Chinese Reusable Experimental Spacecraft, which made the first of its four known flights in 2020.
Other nations are publicly pitching planned spaceplanes of their own.
French Gen. Philippe Koffi, the DGA’s strategic lead for air, land and naval combat, said in September that a spaceplane could “recover critical assets, conduct reconnaissance, and intervene against threats in orbit.” That was three months after Paris-based Dassault Aviation announced an agreement with DGA to develop a demonstrator spacecraft called VORTEX with plans for a first flight in 2028.
France is also planning to demonstrate its own patrol-guard satellites through several concepts, including one known as YODA.
“The YODA program is also framed as an early technology demonstrator program of later and bigger versions of inspector satellites that would be able to protect French military satellites by 2030,” the Secure World Foundation’s report states.
In November, Germany’s Federal Ministry of Defence released its own Space Safety and Security Strategy, which called for building “highly agile low-signal surveillance and bodyguard satellites and reusable spaceplanes.” Earlier in the year, Maj. Gen. Michael Traut, the head of German Space Command, laid out a need for satellites that could protect or even inspect other assets.
“What if we could launch or have some nice little satellites up there, which are agile and go after some satellites which we feel need to be inspected–some sort of space police?” he told Aviation Week.
India has been working for at least three years on a design for its own spaceplane, which “looks very similar to the US’ X-37B and China’s Reusable Experimental Spacecraft,” the Secure World Foundation’s report said. In 2024, India was testing Pushpak, a 21-foot-long prototype, for autonomous landings. Last April, India opened a facility to test Pushpak landing gear.
“While the program has been described as developing technologies for a reusable launch vehicle and not as a counterspace capability, the possibility has been raised that the spaceplane could spend up to a month in space, conducting experiments and releasing payloads; if it does eventually develop that capability, then it may have a latent counterspace capacity,” the report said.
In September, the Indian government said it wanted to develop its own “bodyguard” satellites after a close call with a neighboring countries orbital assets in 2024.
Similarly, this past year, Japan’s Ministry of Defense debuted a program to develop “bodyguard satellites” to protect its space assets with plans to build and test a capability by 2029.
In recent years, China has launched satellites equipped with robotic arms and other means to monitor or interfere with orbital assets, the report said.
The U.S. military has not said whether it has bodyguard satellites of its own.
Last year, the Space Force’s X-37B launched for its eighth mission to test quantum sensors and laser-based communications with commercial satellites. Lt. Gen. Gregory Gagnon, the head of Space Force Combat Command, told reporters at the Air and Space Force Association's conference in Colorado earlier this year that China is trying to keep up the pace with its own reusable spacecraft.
“That's the most advanced spaceplane in the world,” Gagnon said. “It's not the only spaceplane in the world. The Chinese are on sortie four for their spaceplane. We're on sortie eight. So, what I try to remind everyone is, even though we're running fast, there's someone else on the track running just as fast.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing adversary-in-the-middle (AiTM) session hijacking to steal employee salaries in a new “payroll pirate” campaign tracked by Microsoft as Storm-2755 and targeting Canadian users. By hijacking live Microsoft 365 sessions, the group redirects payroll deposits to attacker-controlled bank accounts while bypassing multifactor authentication (MFA) and blending in with normal user activity. The group’s […]
The post Storm-2755 Uses AiTM Hijacking to Divert Employee Salaries appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed vulnerability in the widely used Android library EngageSDK has raised serious concerns across the cryptocurrency ecosystem, potentially exposing millions of users to data theft and unauthorized access. Security researchers identified a critical “intent redirection” vulnerability in EngageSDK, a third-party Android SDK commonly used for push notifications and in-app messaging. The issue allows […]
The post EngageSDK Vulnerability puts millions of crypto wallets at risk appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that’s designed to stealthily infect all integrated development environments (IDEs) on a developer’s machine. The technique has been discovered in an Open VSX extension named “specstudio.code-wakatime-activity-tracker,” which masquerades as WakaTime, a
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity flaw in GitHub Copilot Chat recently allowed attackers to silently steal sensitive data like API keys and private source code. Tracked as CVE-2025-59145 with a critical CVSS score of 9.6, this vulnerability required no malicious code execution. Instead, hackers used a clever prompt injection technique known as “CamoLeak.” A security researcher publicly disclosed […]
The post Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week in cybersecurity from the editors at Cybercrime Magazine
Sausalito, Calif. – Apr. 10, 2026– Read the full story in BusinessWorld
Cybercrime operates like a legitimate, profit-driven economy, writes Subhalakshmi Ganapathy, chief IT security evangelist at ManageEngine, in a BusinessWorld article. Organized groups mirror corporate structures and have specialized roles such as research and development, marketing, and customer support. As a result, cyberattacks are more scalable, efficient, and accessible than ever, transforming the threat landscape for businesses.
An example of this transformation is the rise of subscription-style cybercrime offerings such as ransomware-as-a-service (RaaS). The ready-made attack tools sold on underground marketplaces offer structured pricing tiers, user dashboards, and technical support that have effectively lowered the traditional entry barriers confronting budding cybercriminals.
While individuals with limited technical expertise can purchase exploit kits, stolen data, or phishing services to immediately launch attacks, the developers of these tools relentlessly refine their products, similar to legitimate technology companies.
This growing industrialization was predicted to drive global cybercrime losses to around $10.5 trillion annually by 2025 (and $12.2 trillion annually by 2031) according to Cybersecurity Ventures. Meanwhile, Deloitte’s Center for Financial Services estimates that synthetic identity fraud alone could generate global losses of at least $23 billion by 2030.
Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.
The post Cybercrime Is An Industrialized Economy appeared first on Cybercrime Magazine.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
