Latest news as of 9/18/2025, 5:45:52 AM
Have I Been Pwned
In February 2017, the forum for the adult website FreeOnes suffered a data breach . The data included 960k unique email addresses alongside usernames, IP addresses and salted MD5 password hashes. that was later redistributed as part of a larger corpus of data
The Register
As the Trump administration guts efforts to counter election disinfo The Russian troll farm that in the lead-up to the 2024 US presidential election posted a bizarro video claiming Democratic candidate Kamala Harris was a rhino poacher, is back with hundreds of new fake news websites serving up phony political commentary with an AI assist.…
Graham Cluley
When "bad actors" stop being hackers and start being... actual actors. This week, Graham and special guest Jenny Radcliffe play “Hacker or Ham?” (yes, Steven Seagal, we’re looking at you), before diving into a campaign which saw an Iranian gang luring Israeli performers with fake casting calls for a serious film. We unpack why positive lurescan short-circuit scepticism just as effectively as fear. Plus, the UK's ICO says students are increasingly hacking their own schools. Meanwhile, Graham heads to 1960s Oxford with Endeavour, while Jenny investigates the Wirral’s mysterious "Catman". All this, and more, in episode 435 of the "Smashing Security" podcast.
Bleeping Computer
The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. [...]
Dark Reading
Phishing-as-a-service (PhaaS) kits have become an increasingly popular way for lower-skill individuals who want to get into cybercrime.
Dark Reading
Though the groups have shared their decision to go dark, threat researchers say there are signs that it's business as usual.
The Hacker News
The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets. Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels. "The threat actors continue to employ phishing emails with invoice
The Register
You didn't really trust the crims to keep their word, did you? Spiders don't change their stripes. Despite gang members' recent retirement claims, Scattered Spider hasn't exited the cybercrime business and instead has shifted focus to the financial sector, with a recent digital intrusion at a US bank.…
Bleeping Computer
New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen in a ransomware attack. [...]
Graham Cluley
Recent research released by the ICO say that school pupils should be considered as an "insider threat" by schools. Read more in my article on the Fortra blog.