The Record

France's La Poste confirmed that a distributed denial-of-service (DDoS) attack was the source of problems with its websites and mobile applications.

The campaign surfaced earlier in October after researchers at the New York-based cybersecurity firm Intezer identified a malicious XLL file uploaded to VirusTotal, first from Ukraine and later from Russia.

South Korea will begin requiring facial recognition when signing up for a new mobile phone number in a bid to fight scams, the Ministry of Science and ICT announced.

NSO Group had sought to stay the order pending a decision on its appeal in the case, which centers on allegations that it targeted 1,400 WhatsApp users with its powerful zero-click Pegasus spyware in 2019.

The Justice Department unsealed two indictments charging 54 people for their alleged roles in a campaign to develop and deploy a variant of the Ploutus malware, allowing them to pilfer hundreds of thousands of dollars from ATMs across the U.S.

The university said it detected the incident last week in an online code repository used by its IT teams and quickly secured the system.

One of the alleged developers behind the RaccoonO365 subscription-based phishing kit was arrested by Nigerian police this week.

Russia’s ambassador to Copenhagen, Vladimir Barbin, confirmed to Russian state media on Friday that he had been called to the Danish foreign ministry, but rejected the accusations as unfounded.

The first-of-its-kind temporary restraining order bars Hisense from using automated content recognition (ACR) technology to collect and use, share or sell Texans’ data.

Of the $3.4 billion in crypto stolen from January to December, Chainalysis attributed at least $2.02 billion to North Korean hackers.

Chinese hackers have been exploiting a vulnerability in a popular Cisco email management tool since late November, the company said in an advisory.

In a decision that only affects Pennsylvanians but could have privacy implications elsewhere, the state's Supreme Court ruled that police did not need a warrant to access a rape suspect's Google searches.

In a disclosure to the London Stock Exchange, the the U.K. healthcare IT provider DXS said it discovered a data breach on December 14.

The Paris Prosecutor’s Office said a person had been arrested on charges “including an attack on an automated personal data processing system operated by the State, as part of an organized group.”

PornHub sent emails out to many users and published a statement warning that it was affected by a recent breach of data analytics service provider Mixpanel.

According to a DOJ announcement, the exchange E-Note was used to process funds stolen by criminals in cyberattacks on healthcare entities and critical infrastructure, among other targets.

TikTok and the gay dating app Grindr are violating European data protection laws by tracking user activities across apps, a digital rights organization alleges.

Under a settlement with the FTC, the Nomad platform will have to redistribute stolen funds that white-hat hackers returned to the company after thieves aggressively exploited a vulnerability in 2022.

Researchers said the campaign likely aimed to collect sensitive information from Ukrainian users in support of broader Russian intelligence objectives.

In a press briefing this week, Amazon officials said the years-long campaign “represents a significant evolution in critical infrastructure targeting."