Latest news as of 3/7/2026, 5:52:30 AM
The Register
Authority says attackers accessed systems holding data tied to millions of Oyster and contactless users Transport for London has confirmed that a 2024 breach exposed the data of more than 7 million people – a far larger crowd than the few thousand customers originally warned that their details might be at risk.…
Bleeping Computer
A Ghanaian national pleaded guilty to his role in a massive fraud ring that stole over $100 million from victims across the United States through business email compromise attacks and romance scams. [...]
The Hacker News
A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under the moniker UAT-9244, describing it as closely associated with another cluster known as FamousSparrow. It's worth
Bleeping Computer
The U.S. Federal Bureau of Investigation (FBI) confirmed on Thursday that it's investigating a breach that affected systems used to manage surveillance and wiretap warrants. [...]
Bleeping Computer
One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Soon enough, threat actors approached ONUS to extort $5 million and threatened to publish customer data should ONUS refuse to comply. [...]
Bleeping Computer
T-Mobile confirmed that recent reports of a new data breach are linked to notifications sent to a "very small number of customers" that they fell victim to SIM swap attacks. [...]
Bleeping Computer
The AvosLocker ransomware operation provided a free decryptor after learning they encrypted a US government agency. [...]
Bleeping Computer
The number of malicious dormant domains is on the rise, and as researchers warn, roughly 22.3% of strategically aged domains pose some form of danger. [...]
The Hacker News
A never-before-seen China-based targeted intrusion adversary dubbed Aquatic Panda has been observed leveraging critical flaws in the Apache Log4j logging library as an access vector to perform various post-exploitation operations, including reconnaissance and credential harvesting on targeted systems. Cybersecurity firm CrowdStrike said the infiltration, which was ultimately foiled, was aimed at
The Hacker News
A previously unknown rootkit has been found setting its sights on Hewlett-Packard Enterprise's Integrated Lights-Out (iLO) server management technology to carry out in-the-wild attacks that tamper with the firmware modules and completely wipe data off the infected systems. The discovery, which is the first instance of real-world malware in iLO firmware, was documented by Iranian cybersecurity