The Record

The European Union’s cybersecurity agency said the hacking group TeamPCP was behind a massive recent data breach at the European Commission.

An emergency communications system used across a handful of small towns in northern Massachusetts was impacted by a cyberattack.

In a new report, CERT-UA said attackers are revisiting previously breached infrastructure to check whether access is still available, whether exploited vulnerabilities have been patched and whether previously obtained credentials remain valid.

The platform released a post-mortem on Wednesday night explaining that malicious actors gained access to Drift systems through a “novel attack” that involved the “rapid takeover” of the company’s security council administrative powers.

If the French effort becomes law, it would make France the first European country to follow Australia’s lead by banning social media for young teenagers.

The Meta subsidiary alleges that Italy’s SIO spyware manufacturer designed the phony app specifically for iPhones. Most of the impacted users are in Italy, according to a WhatsApp announcement.

Security experts believe hundreds of millions of dollars worth of cryptocurrency were stolen from decentralized finance platform Drift on Wednesday after the site confirmed it was experiencing a cyberattack.

A hacking group claimed this week to have breached the file-transfer system used by a company that offers services to Nissan and Infiniti dealerships across North America. Nissan said there was no indication "customer information was accessed or put at risk."

Although the LiteLLM attack was reportedly tied to a group called TeamPCP, the hacking gang Lapsus$ claimed on its website that it obtained hundreds of gigabytes of Mercor’s data.

A water treatment plant in the city of Minot, North Dakota, was hit with ransomware but city officials said it continues to operate normally.

Romanian government institutions are facing thousands of cyberattack attempts every day targeting a wide range of public institutions, Defense Minister Radu Miruta said.

Google Threat Intelligence Group (GTIG) joined several other researchers in attributing the attack to a North Korean threat actor they call UNC1069. SentinelOne found the same group using macOS-based malware in attacks dating back to 2023.

U.S. Attorney Jay Clayton said Spalletta “repeatedly hacked smart contracts to steal millions of dollars’ worth of other people’s money for himself, and destroyed a cryptocurrency exchange in the process.”

A site called Leak Bazaar pitches itself as something closer to a data-processing business than a typical hacking or ransomware-as-a-service operation.

The bug enables threat actors to send requests that disclose sensitive information and carries a severity score of 9.3 out of 10, indicating a critical risk.

A pro-Russian hacker group impersonated Ukraine’s national cyber incident response team in a phishing campaign targeting government agencies, businesses, and other institutions, Ukrainian cybersecurity officials said.

The Italian Data Protection Authority fined Intesa Sanpaolo SpA for what it called “serious shortcomings in personal data security, due to the inadequacy of the technical and organizational measures adopted.”

In a statement issued Friday, the Commission said it had detected an incident affecting the Europa.eu web portal, the European Union’s central online platform hosting websites and services for its institutions.

A Russian military court sentenced 26 members of the cybercrime group Flint24, including ringleader Alexei Stroganov — a notorious hacker also wanted in the U.S. for large-scale payment card fraud.

The healthcare software firm CareCloud warned the Securities and Exchange Commission that a cyberattack may have resulted in the leak of patient data.