The malware, controlled by the Chinese cyber espionage group Mustang Panda (also tracked as Twill Typhoon), infected thousands of systems using a PlugX variant with a wormable component that allowed it to spread through USB flash drives.

The U.S. Department of Justice said two of the men — Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik — were arrested on December 1 but did not say where. A third man, Anton Vyachlavovich Tarasov, is still at large.

A California man has sued three banks for alleged “willful blindness” in allowing criminals to open accounts used to steal nearly $1 million from him in a cryptocurrency investment scam.

The state of Washington has sued T-Mobile over allegations that the phone giant failed to secure the personal data of millions of state residents prior to an August 2021 data breach that affected over 79 million customers across the U.S.

Apple has agreed to pay $95 million to settle a proposed class-action lawsuit asserting that it violated users’ privacy by allowing its voice-activated Siri feature to record device owners' conversations and share them with third parties.

The campaign targeted a variant of PlugX associated with the notorious Mustang Panda threat group, known for its worming capabilities and penchant for infecting removable drives.

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Tuesday leveled sanctions against two entities in Iran and Russia for their attempts to interfere with the November 2024 presidential election.

The Salt Typhoon Chinese cyber-espionage group that orchestrated these attacks is known for breaching government entities and telecom companies throughout Southeast Asia and has been active since at least 2019.

Dual Russian-Israeli national Rostislav Panev was arrested last August and is facing extradition to the US for playing a critical role in LockBit's RaaS activities, dating back to the ransomware gang's origins.

After a hacker gained access to Flagstar’s Citrix environment in late 2021 and stole PII of 1.5 million customers, Flagstar “negligently made” materially misleading statements on its website and in financial filings, according to the SEC.