Fraud Tracker

U.S. telecommunications giant Charter Communications has confirmed it suffered a data breach after the ShinyHunters extortion group threatened to leak stolen data …

Microsoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart attackers’ attempts to move laterally …

Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to …

Two former executives of a call-tracking and analytics company pleaded guilty to concealing a years-long tech support fraud scheme that victimized individuals …

Barney Frank died Tuesday at the age of 86. Few Congressmen’s names are associated with generational financial reform, and Barney Frank is …

Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a web hosting company that enabled …

Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years, more than $2.2 billion …

An Indian company has agreed to pay $275 million to settle allegations that it purchased Iranian liquefied petroleum gas (LPG) in violation …

The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm …

The FBI says Americans have lost over $388 million last year to scams using cryptocurrency kiosks, also known as crypto ATMs or …

More than 200 individuals were arrested for cybercrime activities during INTERPOL’s Operation Ramz, which focused on the Middle East and North Africa. …

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts. Despite an international …

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code …

Lawmakers are seeking answers from educational technology vendor Instructure, following the high-profile compromise of the company’s Canvas learning management system (LMS) that …

Written by Ben Wilkens, director of cybersecurity, NMFTA Working in cybersecurity, you are well aware of the playbook that ransomware operators use. …

West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. The company …

The Information Commissioner’s Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack …

Threat actors are abusing AI tools in increasingly sophisticated ways, including exploit development and attack orchestration. Google today published new research tracking …

A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The …

Maurice L. Crescenzi, Jr., President of ECI Compliance Week, appeared this week at its flagship national conference in Washington, D.C. Crescenzi brings …

Over the past six years, Iberdrola – Europe’s largest electricity company – digitized the company’s compliance processes for its global footprint in …

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across …

  A small, unknown band of hackers pulled off history’s first recorded, truly artificial intelligence-directed cyberattack earlier this year, stealing troves of …

The next phase of AI regulation will not wait for the Executive Branch, Congress, or the lawyer at the end of the …

In early February, prior to the start of the 2026 conflict in the Middle East, the United Arab Emirates saw anywhere from …

Two-thirds of financial services firms will not be able to meet the requirements of the EU anti-money laundering (AML) package when it …

A critical authentication bypass flaw in cPanel software products has come under heavy exploitation from a variety of threat actors shortly after …

Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in widespread false-positive alerts, and in some cases, removing certificates from Windows. According …

A new disclosed cPanel flaw tracked as CVE-2026-41940 is being mass-exploited to breach websites and encrypt data in “Sorry” ransomware attacks. This …

The overwhelming majority of stolen cryptocurrency today is being used to fund the Democratic People’s Republic of Korea (DPRK). Crypto theft is …