Posts

The Hacker News - U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left. The odd part: the group that took the money calls itself Kairos, but it may not be a ransomware gang at all. Krishnan found no sign that it ever locked a single from The Hacker News https://thehackernews.com/2026/07/us-government-entity-paid-kairos-group.html

The Hacker News - North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. "The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts, from The Hacker News https://thehackernews.com/2026/07/north-korean-hackers-publish-108.html

The Hacker News - Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices

Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere. It ships inside the firmware that runs security cameras, drones, industrial controllers, hardware crypto wallets, and other devices built on from The Hacker News https://thehackernews.com/2026/07/unpatched-flaws-disclosed-in-filesystem.html

The Hacker News - North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core" mimic the legitimate "rollup-plugin-polyfill-node" project, down to the description, repository metadata, and from The Hacker News https://thehackernews.com/2026/07/north-korea-linked-npm-packages-mimic.html

The Hacker News - Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. "Armored Likho blends financially motivated campaigns targeting private individuals with targeted cyber espionage aimed at organizations," Kaspersky said in a technical analysis published today. " from The Hacker News https://thehackernews.com/2026/07/armored-likho-targets-government.html

KnowBe4 - INC Ransomware Gang Targets the Legal Sector

Image
The INC ransomware-as-a-service (RaaS) operation has grown into one of the premier ransomware offerings, claiming hundreds of victims in 2026 alone, according to researchers at Acronis. The attackers target a broad range of industries, but have recently prioritized entities in the legal sector . from KnowBe4 Blog https://blog.knowbe4.com/inc-ransomware-gang-targets-legal-sector

Schneier - Flock Cameras Can Surveil Cars Without License Plates

This is from a 2024 company presentation : Officers can also tap into data showing a car’s decals, bumper stickers, back and top racks—along with temporary and unique state tags. Flock calls it a “Vehicle Fingerprint” and it’s touted as a way for law enforcement officials to get more information “even when you don’t have full plate information,” the company’s presentation shows. The company gives police officers the ability to search that data as well, to “build stronger cases with less information upfront.” That includes being able to locate multiple vehicles law enforcement officials believe are moving together and what Flock calls a “multi geo search.” This kind of thing is older than AI; I wrote about it in my 2014 book Beyond Fear . Edward Snowden revealed that the NSA was using cell phone location data to track phones that were habitually near each other. As bad as Flock is, remember that anyone wit...