Phishing operation with links to Russia, Armenia compromised Western cargo companies, researchers find
(James Reddick – The Record) Researchers have uncovered and taken down the infrastructure of a phishing operation run by Russian cybercriminals targeting freight companies in the U.S. and Europe. Over a five-month period, the group, dubbed Diesel Vortex, stole more than 1,600 login credentials from accounts at logistics platforms, which allowed thieves to intercept and divert freight shipments and commit check fraud. The researchers with the domain protection platform Have I Been Squatted discovered an exposed .git directory, which revealed the ins and outs of the operation, including messages sent between the cybercriminals. – https://therecord.media/phishing-operation-russia-armenia-targeting-us-european-cargo
UAE claims it stopped ‘terrorist’ ransomware attack
(Jonathan Greig – The Record) The United Arab Emirates said it stopped a ransomware attack this weekend that allegedly targeted the country’s digital infrastructure. The country’s Cyber Security Council published a statement on Saturday that said they “successfully thwarted organized cyberattacks of a terrorist nature that targeted the country’s digital infrastructure and vital sectors in an attempt to destabilize the nation and disrupt essential services.” “The Council indicated that the attacks included attempts to infiltrate networks, deploy ransomware, and conduct systematic phishing campaigns targeting national platforms,” the council said. It did not respond to requests for comment. – https://therecord.media/uae-claims-it-stopped-terrorist-ransomware-attack
Moscow man accused of posing as FSB officer to extort Conti ransomware gang
(Daryna Antoniuk – The Record) A Moscow resident has been accused of trying to extort money from the notorious Conti ransomware group by posing as an officer of Russia’s Federal Security Service (FSB), according to local media reports. Russian outlet RBC, citing sources familiar with the investigation, reported on Wednesday that the suspect, Ruslan Satuchin, allegedly presented himself as an FSB officer and demanded a large payment from Conti members in exchange for avoiding criminal prosecution. The scheme allegedly began in September 2022, when Satuchin contacted one of Conti’s members and claimed to have influence over law enforcement activities targeting the group, the sources said. – https://therecord.media/moscow-man-accused-of-extorting-conti-gang
ShinyHunters cyberattack on CarGurus impacts 12.4 Million users
(Pierluigi Paganini – Security Affairs) The ShinyHunters group published personal data from over 12 million CarGurus accounts. CarGurus is a U.S.-based digital automotive marketplace that helps users research, compare, and connect with sellers of new and used vehicles. Operating in the U.S., Canada, and the U.K., its platform analyzes listings to identify good deals and provides tools for pricing, dealer reviews, and vehicle history. The site attracts around 40 million monthly visitors and is publicly traded, making it a major player in online car shopping and automotive research. In February 2026, CarGurus suffered a data breach that exposed personal information, including emails, account IDs, finance applications, dealer info, names, phone numbers, addresses, IPs, and auto finance application results after a failed extortion attempt. – https://securityaffairs.com/188491/cyber-crime/shinyhunters-cyberattack-on-cargurus-impacts-12-4-million-users.html
Malicious NuGet Package Targets Stripe Developers
(Alessandro Mascellino – Infosecurity Magazine) A malicious NuGet package designed to mimic Stripe’s official .NET library has been uncovered by cybersecurity researchers, marking a shift in tactics from earlier cryptocurrency-focused campaigns to the broader financial sector. The package, named StripeApi.Net, impersonated Stripe.net, the legitimate helper library used to integrate Stripe payments into Microsoft .NET applications. With more than 74 million downloads, Stripe.net is widely adopted by developers building payment, billing and subscription systems. This made the malicious package particularly dangerous. – https://www.infosecurity-magazine.com/news/malicious-nuget-package-stripe-devs/
Former Defense Contractor Boss Gets 7+ Years for Selling Zero Days
(Phil Muncaster – Infosecurity Magazine) A former senior executive at a US defense contractor has been handed an 87-month jail term after selling zero-day exploits to a Russian broker. Australian national Peter Williams, 39, is the former general manager of L3Harris cyber-division Trenchant – a company that develops digital surveillance tools for Five Eyes agencies. In addition to the jail term, he was ordered to serve three years of supervised release with special conditions, to forfeit $1.3m, cryptocurrency, a house, and luxury items including watches and jewelry. – https://www.infosecurity-magazine.com/news/defense-contractor-boss-7-years/
ICO’s £14m Reddit Fine Highlights Age Check Privacy Concerns
(Phil Muncaster – Infosecurity Magazine) The UK’s Information Commissioner’s Office (ICO) has issued a multimillion-pound fine to Reddit for GDPR non-compliance, but experts have warned that its rules pose a risk to user security and privacy. The UK’s data protection regulator said on February 24 that its £14.47m ($19.6m) fine was levied for two main reasons. First, Reddit failed to put “robust” age verification measures in place, which meant it did not have a lawful basis for processing the personal information of children under the age of 13. – https://www.infosecurity-magazine.com/news/icos-14m-reddit-fine-age-check/
Cost of Insider Incidents Surges 20% to Nearly $20m
(Phil Muncaster – Infosecurity Magazine) Employee negligence driven by shadow AI cost organizations more than any other type of insider risk last year, accounting for 53% of the $19.5m lost on average per business, according to DTEX. The security vendor’s Cost of Insider Risks 2026 report was produced by the Ponemon Institute and based on interviews with 8750 IT and security practitioners in 354 global organizations. Malicious incidents such as sabotage, data theft, fraud and unauthorized disclosure accounted for 27% ($4.7m) of the total lost to insider risks last year, DTEX claimed. – https://www.infosecurity-magazine.com/news/cost-of-insider-incidents-surges/
Multifaceted Phishing Scheme Deceives Bitpanda Customers
(Alessandro Mascellino – Infosecurity Magazine) A sophisticated phishing campaign impersonating cryptocurrency brokerage Bitpanda has been uncovered by cybersecurity researchers. The operation, detailed in a new advisory by the Cofense Phishing Defense Center, combines credential theft with extensive personal data harvesting, using a near-perfect replica of the legitimate platform to deceive users. As cryptocurrency adoption increases, so does criminal interest. Analysts at Cofense said this latest campaign goes beyond typical login harvesting by guiding victims through a staged, fake multi-factor authentication (MFA) process designed to collect multiple forms of personally identifiable information. – https://www.infosecurity-magazine.com/news/bitpanda-mfa-phishing-scheme/
The cyberattack scenarios that keep officials up at night
(Sam Sabin – Axios) As artificial intelligence accelerates, so does the prospect of a cyberattack powerful enough to shut down hospitals, black out cities and disrupt core government systems. Why it matters: Just by scaling and accelerating the cyberwarfare tools adversaries already have, AI can turn manageable intrusions into large-scale crises. Axios asked seven former senior cybersecurity officials and leading security experts what a major AI-enabled cyberattack would look like and what worries them the most about current advancements in generative AI. The big picture: Several of the experts pointed to the vulnerability of utilities, particularly water and electricity. Former Defense Secretary Leon Panetta worries AI tools will speed up the ability of adversaries to burrow into sensitive systems and turn off the lights — and potentially to also disable backup systems to prevent a timely recovery. Gen. Paul Nakasone, former head of the NSA and Cyber Command, raised the possibility that a nation-state that has breached systems critical to supplies of food and water could trigger an outage accidentally, if they lose control of an AI agent. Chinese government-linked hackers are known to have accessed U.S. critical infrastructure systems. But nation-states know the risks of attacking the U.S. directly, Nakasone said: “The United States is going to respond and they’re not going to respond necessarily only in cyberspace.” – https://www.axios.com/2026/02/24/cyberattack-risk-scenarios-experts



