Latest Internet & Cybersecurity News
Apple Pay Phishing Scam Targets 1.8 Billion iPhone Users
Scammers are sending fake Apple Pay fraud alerts via text messages to 1.8 billion iPhone users worldwide, urging prompt action on alleged account issues. The phishing scam mimics urgent notifications to trick users into revealing sensitive information.
Security experts note a spike ahead of tax deadlines.
International Operation Identifies 20,000+ Crypto Fraud Victims
UK's National Crime Agency led Operation Atlantic with US, Canada partners, identifying over 20,000 crypto fraud victims and freezing $12 million in assets. The effort involved intelligence sharing and private sector collaboration to support victims and prevent future scams.
Over $45 million in cryptocurrency was targeted overall.
Philadelphia Man Loses Retirement Savings to Phishing
An elderly man in Philadelphia lost his entire retirement savings in a phishing attack just before the IRS tax deadline on April 15. This incident highlights rising tax refund scams exploiting deadline pressures.
Experts urge vigilance against urgent financial alerts.
ShinyHunters Breach Google via Salesforce CRM
Threat group ShinyHunters exploited Google's Salesforce CRM database, exposing sensitive advertiser and user data in a major 2026 cyberattack. The breach targeted business infrastructure with precision, affecting millions of records.
A related 184 million credential dataset from infostealer malware also surfaced.
Anthropic Limits Mythos AI Model Release Over Hacking Risks
Anthropic restricted its advanced cybersecurity AI model Mythos to a consortium of 40 tech firms like Google, Apple, and Microsoft due to fears it could enable widespread cyberattacks. Mythos uncovered old vulnerabilities but red team tests showed it could chain exploits against major OS and browsers.
Project Glasswing allows partners to test for software flaws.
Indian Police Dismantle Cybercrime Syndicates in Fraud Busts
Malkajgiri Cyber Crime Police arrested 13 for investment and digital arrest scams; Surat Cell broke a Dubai-linked fraud network using fake accounts. These operations reveal the global reach of organized cybercrime targeting financial systems.
Authorities emphasize reporting suspicious activities.
Hyderabad Police Alert on CEO Impersonation via WhatsApp Web
Fraudsters use phishing emails to install malware, then impersonate CEOs on WhatsApp Web to dupe companies into urgent fund transfers. The sophisticated social engineering exploits corporate trust and remote system control.
Users advised to verify communications rigorously.
LinkedIn Accused of Large-Scale Browser Surveillance
LinkedIn faces claims of scanning thousands of browser extensions and collecting device data for competitive intelligence, following a German court ruling on scraping. The company denies misuse amid rising data privacy concerns.
Mitigation includes privacy-focused browsers.
Ransomware Hits Winona County, Minnesota DMV and Vital Stats
A cyberattack downed Winona County's DMV and vital statistics systems, though emergency services remain operational; second incident this year after January ransomware. Local, state, and federal teams investigate.
County declared a local emergency.
OpenAI Discloses Axios Supply-Chain Security Incident
OpenAI flagged a supply-chain issue linked to Axios, rotating macOS certificates but confirming no user data access. The incident underscores risks in third-party dependencies.
No further impacts reported.
Trust Wallet Chrome Extension Hit by $7M Crypto Supply Chain Attack
Hackers stole $7 million in cryptocurrency via a supply chain attack on Trust Wallet's extension in December 2025, using a leaked API key. The company patched it and pledged reimbursements.
Highlights ongoing threats to wallet software.
INC Ransomware Disrupts US Emergency Alerts via OnSolve
INC gang compromised OnSolve’s CodeRED system in November 2025, stealing data and halting alerts across US states. Officials deployed alternatives after extortion refusal.
Exposes critical infrastructure vulnerabilities.