Dior, Louis Vuitton, Tiffany Fined $25 Million in South Korea After Data Breaches
(Eduard Kovacs – Security Week) South Korea’s Personal Information Protection Commission (PIPC) announced last week that it has issued significant fines to several major luxury brands over a recent hacker attack that resulted in massive data breaches. The fines, totaling 36 billion Korean won ($25 million), were imposed on Louis Vuitton, Dior, and Tiffany, all owned by the Paris-based multinational luxury goods conglomerate LVMH. According to the Korean regulator, Louis Vuitton received a fine of roughly $15 million for cybersecurity failures that involved employee devices getting infected with malware and the information of approximately 3.6 million individuals getting compromised. – https://www.securityweek.com/dior-louis-vuitton-tiffany-fined-25-million-in-south-korea-after-data-breaches/
Crypto Payments to Human Traffickers Surges 85%
(Phil Muncaster – Infosecurity Magazine) Human trafficking operations made hundreds of millions of dollars last year, as cryptocurrency inflows surged 85% annually, according to Chainalysis. The blockchain analytics company argued that its data shows this activity is increasingly linked to the growth of South East Asia scam compounds, online casinos and Chinese-language money laundering (CMLN) networks operating on Telegram. – https://www.infosecurity-magazine.com/news/crypto-payments-human-traffickers/
Odido Breach Impacts Millions of Dutch Telco Users
(Phil Muncaster – Infosecurity Magazine) The largest mobile phone operator in the Netherlands has revealed a major data breach affecting millions of customers. Odido said in a statement late last week that the incident affected a “customer contact system.”. Although the firm pointed out that no passwords, call details, or billing data were taken in the raid, for some users, compromised information included names, home and email addresses, IBANs, dates of birth and passport/driver’s license numbers. – https://www.infosecurity-magazine.com/news/odido-breach-millions-dutch-telco/
North Korean hackers target users of top Ethereum wallet MetaMask
(Linas Kmieliauskas – Cybernews) North Korean criminals are now more aggressive and effective in their attempts to target users of the most popular ethereum (ETH) wallet, MetaMask, new research has shown, detailing how the attackers operate. Cybersecurity researcher Seongsu Park published a report on the Contagious Interview campaign, allegedly orchestrated by North Koreans and targeting people in the cryptoasset and AI industries. In the Contagious Interview campaign, threat actors are attempting to spread malware while conducting fake job interviews. Now, they are using new techniques designed to steal sensitive data and, subsequently, funds from their victims. – https://cybernews.com/crypto/north-korean-hackers-target-metamask/
Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign
(Pierluigi Paganini – Security Affairs) ReversingLabs researcher uncovered new malicious packages on npm and PyPI connected to a fake job recruitment campaign attributed to the North Korea-linked Lazarus Group. The campaign uses deceptive hiring themes to trick developers into downloading infected packages, continuing the group’s efforts to target the software supply chain. “The ReversingLabs research team has identified a new branch of a fake recruiter campaign conducted by the North Korean hacking team Lazarus Group.” reads the report published by ReversingLabs. “The campaign, which the team named graphalgo, based on the first package included in this campaign in the npm repository, has been active since the beginning of May 2025.” – https://securityaffairs.com/188009/apt/malicious-npm-and-pypi-packages-llinked-to-lazarus-apt-fake-recruiter-campaign.html
Fintech firm Figure disclosed data breach after employee phishing attack
(Pierluigi Paganini – Security Affairs) Blockchain-based lending firm Figure confirmed a data breach after an employee fell victim to a social engineering attack. According to a company spokesperson, the incident allowed hackers to access and steal a limited number of files. The company disclosed the breach following inquiries and is assessing the impact. – https://securityaffairs.com/187988/data-breach/fintech-firm-figure-disclosed-data-breach-after-employee-phishing-attack.html
Suspected Russian hackers deploy CANFAIL malware against Ukraine
(Pierluigi Paganini – Security Affairs) Google Threat Intelligence Group identified a previously undocumented threat actor behind attacks on Ukrainian organizations using CANFAIL malware. The group is possibly linked to Russian intelligence services and has targeted defense, military, government, and energy entities at both regional and national levels in Ukraine. GTIG researchers observed the Russian intelligence conducting phishing campaigns to deliver CANFAIL malware. The actor is also interested in aerospace, drone-linked manufacturers, nuclear research, and humanitarian groups tied to Ukraine. Google reported that the APT group has also probed Romanian and Moldovan entities. – https://securityaffairs.com/187976/hacking/suspected-russian-hackers-deploy-canfail-malware-against-ukraine.html
