Capita has been fined £14 million following a major data breach in 2023 that compromised the personal data of approximately 6.6 million individuals. The breach was attributed to the Black Basta ransomware group.

Spanish law enforcement recently dismantled an advanced AI-driven phishing network and arrested the mastermind developer known as “GoogleXcoder.” This operation marks a significant victory in the fight against banking credential theft in Spain.

Salesforce has confirmed it will not comply with extortion demands following a series of cyberattacks attributed to a threat group linked to Scattered Spider, Lapsus$, and ShinyHunters.

The British government announced it is underwriting a loan for auto manufacturer Jaguar Land Rover (JLR) as the company and its supply chain attempt to recover from the disruption caused by a cyberattack earlier this month.

A massive SIM farm operation discovered in the New York City area has raised serious concerns about the potential for large-scale disruption of US telecommunications infrastructure.

Canadian authorities have dismantled the TradeOgre cryptocurrency exchange and seized over $40 million in digital assets believed to be linked to criminal activity. This also marks the largest asset seizure in Canadian history.

The Polish government is increasing its cybersecurity budget to €1bn this year, after Russian sabotage attempts targeted hospitals and urban water supplies. Poland was facing between 20 and 50 attempts to damage critical infrastructure every day.

The United Kingdom has imposed a new wave of sanctions targeting Kyrgyz financial institutions and cryptocurrency networks accused of facilitating Russian sanctions evasion, military procurement, and ransomware operations.

Authorities disrupted the Rapper Bot DDoS botnet, one of the most powerful DDoS botnets to date. The botnet, active since at least 2021, was responsible for over 370,000 attacks targeting 18,000 unique victims across 1,000 autonomous systems.

The Python Package Index (PyPI) has implemented a new security measure to proactively block account takeovers and supply chain attacks by un-verifying email addresses tied to expired domains.