FanDuel Identity Fraud Scheme Leads to Federal Charges
Federal authorities have charged two men accused of running an extensive betting fraud operation that targeted FanDuel and several other regulated gambling platforms. The FanDuel identity fraud case sheds light on how stolen personal information can be scaled into a sustained criminal enterprise when combined with promotional abuse and weak identity verification controls. Investigators say the operation relied on thousands
Panera Bread Data Breach Impacts 5.1 Million Accounts
Panera Bread has confirmed a security incident after stolen customer data surfaced online, prompting confusion over how many people were actually affected. Early reports suggested that as many as 14 million customers had their information exposed, but further analysis shows the real number is significantly lower. The Panera Bread data breach ultimately impacted around 5.1 million unique accounts, not 14
Match Group Data Breach Affects Tinder, Hinge, and OkCupid
Concerns around online privacy resurfaced after news of the Match Group data breach revealed that user information from several major dating platforms had been exposed. The incident affected services used by millions worldwide and raised questions about how attackers gained access and what data may have been taken. Match Group has since confirmed the breach and launched an internal investigation
Operation Switch Off Targets Industrial-Scale Pirate TV Services
Operation Switch Off marks one of the most coordinated international crackdowns on illegal TV and sports streaming in recent years. Law enforcement agencies across multiple countries worked together to dismantle large-scale pirate IPTV services that reached millions of users worldwide. The operation highlights how digital piracy has evolved into a highly organized, cross-border industry with professional infrastructure and significant financial
Ex-Google Engineer Convicted in AI Trade Secrets Theft Case
A U.S. federal jury has convicted a former Google engineer for stealing confidential artificial intelligence technology and transferring it to parties connected to China. The case marks one of the most significant prosecutions to date involving AI infrastructure and highlights how sensitive machine learning systems have become a matter of national concern. Prosecutors argued that the engineer abused his access
Cloud Storage Payment Scam Floods Inboxes With Fake Renewals
Inbox phishing has entered a new phase as a widespread cloud storage payment scam targets users with urgent fake renewal notices. The messages claim storage plans have expired or payments failed, warning that files could soon be deleted. By exploiting fear around lost photos, backups, and documents, attackers pressure recipients into acting quickly and without verification. The campaign stands out
Nike Investigates Data Breach Linked To Extortion Group
Nike has launched a data breach investigation after an extortion group leaked internal company files online. The incident came to light when attackers published sample documents and claimed they had gained access to sensitive internal systems. Nike has confirmed it is assessing the situation, although it has not verified the attackers’ claims or the full scope of the alleged breach.
Mustang Panda Infostealers Expand CoolClient Backdoor
Mustang Panda infostealers are now playing a central role in the Chinese-linked threat actor’s espionage campaigns, marking a clear shift in how the group extracts value from compromised systems. Recent research shows that the CoolClient backdoor has evolved beyond basic remote access and now includes dedicated data-stealing capabilities. This development raises the risk profile of CoolClient infections, especially for government
VoidLink Cloud Malware and the Rise of AI-Built Threats
The discovery of VoidLink cloud malware offers a rare and uncomfortable look at how artificial intelligence is beginning to reshape advanced cybercrime. The framework stands out not simply because it targets Linux or cloud environments, but because researchers uncovered strong evidence that AI played a central role in its planning and construction. Security analysts believe a single developer used AI-assisted
ACF Plugin Vulnerability Allows Admin Access Without Login
A newly disclosed ACF plugin vulnerability has exposed more than 50,000 WordPress sites to potential administrative takeover. The flaw affects a widely used extension designed to enhance Advanced Custom Fields workflows, especially on sites that rely on frontend forms for user registration and profile management. Because these forms often remain publicly accessible, the vulnerability creates a direct path to full
