Author Archives: John Leyden

Pair became ALPHV affiliates to prey on US-based clients A ransomware negotiator and a security incident response manager have admitted to running ransomware attacks.… Continue reading Cybersecurity pros admit to moonlighting as ransomware scum→

Zohran Mamdani appears not to understand that smartphones can be used for evil New York’s mayor-elect Zohran Mamdani has invited the city’s residents to join him at a block party to celebrate his inauguration but told attendees not to bring a Raspberry… Continue reading New York’s incoming mayor bans Raspberry Pi at his inauguration party→

You didn’t think you’d get to enjoy your time off without a major cybersecurity incident, did you? A high-severity MongoDB Server vulnerability, for which proofs of concept emerged over Christmas week, is now under active exploitation, according to the… Continue reading An early end to the holidays: ‘Heartbleed of MongoDB’ is now under active exploit→

One cert, in plaintext, on thousands of devices, led to what looks like years of crime South Korea’s Ministry of Science and ICT has found that local carrier Korea Telecom (KT) deployed thousands of badly secured femtocells, leading to an attack that e… Continue reading Korean telco failed at femtocell security, exposed customers to snooping and fraud→

There’s more where that came from, CEO says Rogue insiders suspected of taking bribes to hand over Coinbase customer records to criminals are beginning to face justice, according to CEO Brian Armstrong.… Continue reading Indian cops cuff ex-Coinbase rep over selling customer info to crims→

Extortion group Lovely claims to have stolen 40 million pieces of info from publisher Conde Nast A criminal group is beating Conde Nast over the head for not responding sooner to its extortion attempt by posting stolen subscribers’ email and home addre… Continue reading Crims disconnect Wired subscribers from their privacy, publish deets online→

Countries that banded together to challenge Boeing in the air try to do the same to AWS, Microsoft, and Google on the ground Feature  More than half a century ago, a consortium of European aerospace businesses from the UK, France, Germany and Spain joi… Continue reading Europe’s cloud challenge: Building an Airbus for the digital age→

Former staffer of Korean e-tailer Coupang accessed 33 million records but may have done less damage than feared Korean e-tailer Coupang claims a former employee has admitted to improperly accessing data describing 33 million of its customers, but says … Continue reading Accused data thief threw MacBook into a river to destroy evidence→

The human harms of cyberattacks piled up this year, and violence expected to increase The knock-on, and often unintentional, impacts of a cyberattack are so rarely discussed. As an industry, the focus is almost always placed on the economic damage: the… Continue reading Death, torture, and amputation: How cybercrime shook the world in 2025→

Practice makes perfect It’s the most wonderful time of the year … for corporate security bosses to run tabletop exercises, simulating a hypothetical cyberattack or other emergency, running through incident processes, and practicing responses to ensure … Continue reading From AI to analog, cybersecurity tabletop exercises look a little different this year→