Collaborate Disseminate
One in eight UK workers admits to selling their company login credentials – or knowing someone who has – in the past 12 months.
The really alarming bit? Their bosses are even more relaxed about it.
Read more in my article on the Fortra blog. Continue reading One in eight UK workers has sold their company passwords, and bosses think it’s fine
Most universities have a careers fair. At Bauman Moscow State Technical University, however, an elite group of students appear to have something rather more unusual: a direct pipeline into some of the world’s most notorious state-sponsored hacking grou… Continue reading Inside Department 4: Russia’s secret school for hackers
You don’t need to live near a scam compound for it to wreck your life. Americans lost $5.8 billion to crypto investment scams last year alone – and a raid in Sri Lanka this month shows exactly how the operations behind them keep finding new places to h… Continue reading Sri Lanka makes 37 arrests as it raids another scam centre
Meta’s smart glasses promise privacy “designed for you” – but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all 1,108 of them.
Meanwhile, the IT press is in a frenz… Continue reading Smashing Security podcast #466: Meta sees everything, Copy Fail, and a deepfake gets hired
Here’s a tip for you all. Unless you want to draw attention to yourself as a cybercriminal, don’t flaunt your diamond-encrusted “HACK THE PLANET” necklace on Snapchat, or pose as a Sopranos crime boss while the FBI is reportedly closing in.
Read more … Continue reading Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition
US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes.
Read more in my article on the Hot for Security blog. Continue reading Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats
A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. Al… Continue reading Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions
A man accused of working as a hacker for China’s Ministry of State Security has been extradited to the USA from Italy, and faces – if found guilty – the prospect of decades behind bars.
Read more in my article on the Hot for Security blog. Continue reading Alleged Silk Typhoon hacker extradited to the United States to face charges
A 21-year-old man suspected of conducting approximately 100 data breaches since late 2025 – including a hack of the French Ministry of National Education that exposed records on almost a quarter of a million employees – has been arrested at his home in… Continue reading French police arrest 21-year-old “HexDex” hacker over 100 alleged data breaches
A company that ran anonymous tip lines for 35,000 American schools – handling reports of bullying, weapons, and self-harm – boasted on its website that it had suffered zero security breaches in over 20 years. A hacker called Internet Yiff Machine thoug… Continue reading Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not