law enforcement | Breaking Cybersecurity News | The Hacker News

Law enforcement authorities have announced that they tracked down the customers of the SmokeLoader malware and detained at least five individuals. "In a coordinated series of actions , customers of the Smokeloader pay-per-install botnet, operated by the actor known as 'Superstar,' faced consequences such as arrests, house searches, arrest warrants or 'knock and talks,'" Europol said in a statement. Superstar is alleged to have run a pay-per-install service that enabled its customers to gain unauthorized access to victim machines, using the loader as a conduit to deploy next-stage payloads of their choice. According to the European law enforcement agency, the access afforded by the botnet was used for various purposes such as keylogging, webcam access, ransomware deployment, and cryptocurrency mining. The latest action, part of an ongoing coordinated exercise called Operation Endgame , which led to the dismantling of online infrastructure associated with...

In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). "A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025," Europol said in a statement. "On March 11, 2025, the server, which contained around 72,000 videos at the time, was seized by German and Dutch authorities." The European law enforcement agency described it as the largest operation undertaken to combat child sexual exploitation. It has been codenamed Operation Stream. The multi-year probe , which commenced in 2022 and involved 38 countries across the world, saw 1,393 identified globally through an analysis of payment transactions, with 79 of them arrested to date for distributing CSAM. Some of the apprehended individuals have also been accused of not only uploading and watching such content but also abused children. In addition, more than 3,000...

Law enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between November 2024 and February 2025. The coordinated effort "aims to disrupt and dismantle cross-border criminal networks which cause significant harm to individuals and businesses," INTERPOL said , adding it focused on targeted mobile banking, investment, and messaging app scams. The cyber-enabled scams involved more than 5,000 victims. The countries that participated in the operation include Benin, Côte d'Ivoire, Nigeria, Rwanda, South Africa, Togo, and Zambia. "The success of Operation Red Card demonstrates the power of international cooperation in combating cybercrime, which knows no borders and can have devastating effects on individuals and communities," Neal Jetton, INTERPOL's Director of the Cybercrime Directorate, said. "The recovery of significant asse...

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week's cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source repositories becoming a playground for credential theft and hidden backdoors. But it's not all bad news—law enforcement is tightening its grip on cybercriminal networks, with key ransomware figures facing extradition and the security community making strides in uncovering and dismantling active threats. Ethical hackers continue to expose critical flaws, and new decryptors offer a fighting chance against ransomware operators. In this week's recap, we dive into the latest attack techniques, emerging vulnerabilities, and defensive strategies to keep you ahead of the curve. Stay informed, stay sec...

A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev  was previously arrested in Israel in August 2024. He is said to have been working as a developer for the ransomware gang from 2019 to February 2024, when the operation's online infrastructure was seized in a law enforcement exercise. "Rostislav Panev's extradition to the District of New Jersey makes it clear: if you are a member of the LockBit ransomware conspiracy, the United States will find you and bring you to justice," said United States Attorney John Giordano. LockBit grew to become one of the most prolific ransomware groups, attacking more than 2,500 entities in at least 120 countries around the world. Nearly 1,800 of those were located in the United States. Victims consisted of individuals and ...

Cyber threats today don't just evolve—they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new battlegrounds—ranging from nation-state espionage and ransomware to manipulated AI chatbots—the landscape becomes increasingly complex, prompting vital questions: How secure are our cloud environments? Can our IoT devices be weaponized unnoticed? What happens when cybercriminals leverage traditional mail for digital ransom? This week's events reveal a sobering reality: state-sponsored groups are infiltrating IT supply chains, new ransomware connections are emerging, and attackers are creatively targeting industries previously untouched. Moreover, global law enforcement actions highlight both progress and persistent challenges in countering cybercrime networks. Dive into this edition to understand the deeper context behind these developments and stay informed about threats that continue reshap...

A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange Garantex ("garantex[.]org"), nearly three years after the service was sanctioned by the U.S. Treasury Department in April 2022. "The domain for Garantex has been seized by the United States Secret Service pursuant to a seizure warrant obtained by the United States Attorney's Office for the Eastern District of Virginia under the authority of 18 U.S.C. §§ 981 and 982," reads a seizure banner on the website. The operation was carried out in coordination with the U.S. Department of Justice's Criminal Division, the Federal Bureau of Investigation, Europol, the Dutch National Police, the German Federal Criminal Police Office (Bundeskriminalamt aka BKA), the Frankfurt General Prosecutor's Office, the Finnish National Bureau of Investigation, and the Estonian National Criminal Police. Founded in 2019, Garantex was previously subject to U....