Cyber Attacks
TeamPCP's $25K Mistral Auction: Source Code, Seven Days, and a Confirmed Breach
Mistral AI confirmed a codebase management breach as TeamPCP listed ~450 repositories at $25K buy-it-now, with a seven-day leak deadline.
Application Security
Three Unrelated Threat Actors Just Arrived at the Same Conclusion — Your Developers Are the Beachhead
Three unrelated threat actors arrived at the same conclusion in March and April: the developer workstation is the best ROI beachhead. CSO Online's framing — the Developer Credential Economy — is the editorial line CISOs should adopt this quarter.
Data Breaches
Comcast's $117.5M Xfinity Settlement Puts a Price Tag on Citrix Bleed — $10K Per Customer
Comcast just agreed to write a $117.5 million check over a vulnerability it didn't write. The Xfinity settlement is the first major Citrix Bleed bill to come due — the precedent it sets for shared customer-vendor liability is the part defenders should read twice.
Data Breaches
Odido Refuses to Compensate 6.2M Breach Victims After ShinyHunters Attack
Odido's CEO confirmed May 12 that the Dutch telecom will not compensate 6.2 million ShinyHunters breach victims. Dutch prosecutors are investigating whether the company retained data beyond GDPR limits. The CRM compromise pattern matches the broader ShinyHunters Salesforce campaign.
Cyber Crime
A Federal Jury Just Convicted One of the Brothers Who Wiped 96 Government Databases After Being Fired by Video Call
A federal jury in Alexandria, Virginia convicted Sohaib Akhter on May 7, 2026 for his role in deleting roughly 96 U.S. government databases at federal contractor Opexus on the day he and his twin brother were fired in February 2025. The case is also notable for an unprecedented detail:
Fraud
A 404 Media Reporter Watched Someone Else Become Him, Live, on Microsoft Teams
404 Media's Joseph Cox published an investigation on May 7, 2026 in which he obtained, installed, and personally tested Haotian AI — a Chinese realtime deepfake software marketed to scammers — and watched a Cambodia-based operator's face shapeshift into his own during a live Microsoft Teams call. Haotian
Cyber Crime
$250M Crypto Gang's Burglar Just Got 6.5 Years — Hardware Wallets Aren't Safe
Marlon Ferro, a 20-year-old Santa Ana, California man also known online as "GothFerrari" and "Marlo," was sentenced to 78 months in federal prison on May 7, 2026 for serving as the home-invader and money-launderer for a 14-person "Social Engineering Enterprise" that stole more than
North Korean Threat Actors
Two More Americans Just Got 18 Months Each for Running North Korean Laptop Farms — That's Eight This Year
Federal prosecutors sentenced two U.S. nationals — Matthew Isaac Knoot of Nashville and Erick Ntekereze Prince of Naples, Florida — to 18 months each for running "laptop farms" that helped North Korean IT workers fraudulently obtain remote employment at nearly 70 American companies. They are the seventh and eighth
Ransomware
First U.S. Karakurt Sentencing: 8.5 Years for the Negotiator Who Mailed Kids' Records
The DOJ sentenced Latvian national Deniss Zolotarjovs to 102 months in prison on May 4, 2026 — the first U.S. prosecution of a Karakurt member ever. Court documents tie the Conti-affiliated negotiator to extortion of more than 54 organizations, $56 million in losses across 13 victims alone, and a deliberate
Cyber Crime
DOJ's Scam Center Strike Force Restrained $701M and Seized Its First Telegram Channel — The Precedent That Will Outlast the Headline
Six days before the 276-arrest takedown, the DOJ's Scam Center Strike Force restrained $701.96 million in cryptocurrency, seized 503 fake investment websites, and pulled off the first-ever federal seizure of a Telegram channel — the recruitment funnel that lured trafficking victims into Cambodian scam compounds. The arrests got
Trending
30,000 Facebook Business Accounts Stolen via Google AppSheet Phishing — "AccountDumpling" Operation Exposed
Vietnamese-linked operation "AccountDumpling" has compromised 30,000 Facebook Business accounts by sending phishing emails from Google's legitimate AppSheet address — bypassing spam filters and running a criminal resale storefront for stolen accounts.
Trending
276 Arrested in Unprecedented US-China Pig-Butchering Crackdown — Nine Crypto Fraud Centers Shut Down
276 suspects arrested and 9 cryptocurrency fraud centers dismantled in a joint US-China operation targeting pig-butchering scams that have cost American victims millions — the DOJ called it "unprecedented" bilateral cooperation.