430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A suspected Scattered Spider member suspect detained for casino network attacks

A suspected Scattered Spider member linked to cyber attacks on Las Vegas casinos was arrested on September 17. The Las Vegas Metropolitan Police Department arrested on September 17 a suspected Scattered Spider member linked to attacks on Las Vegas casinos for computer intrusion, extortion, and identity theft. Between August and October 2023, multiple Las Vegas […]

CVE-2026-39987: Marimo RCE

A suspected Scattered Spider member linked to cyber attacks on Las Vegas casinos was arrested on September 17.

The Las Vegas Metropolitan Police Department arrested on September 17 a suspected Scattered Spider member linked to attacks on Las Vegas casinos for computer intrusion, extortion, and identity theft.

Between August and October 2023, multiple Las Vegas casinos suffered network intrusions linked to the cybercrime group “Scattered Spider,” prompting an FBI investigation.

“Through the course of the investigation, detectives were able to identify a teenage male as a suspect in the case.” reads the announcement by Las Vegas Metropolitan Police Department. On September 17, 2025, the juvenile suspect surrendered himself to the Clark County Juvenile Detention Center where he was booked for the following charges:

  • One count of Unlawful Acts Regarding Computers”
  • Three counts of Obtaining and Using Personal Identifying Information of Another Person to Harm or Impersonate Person 
  • One count of Extortion 
  • One count of Conspiracy to Commit Extortion 

The Clark County District Attorney’s Office seeks to move the suspect to the criminal division to face charges as an adult.

Recently, U.K. law enforcement authorities arrested two teenagers who are members of the notorious Scattered Spider hacking group in connection with their role in the cyber attack that hit Transport for London (TfL).

Transport for London (TfL) is a local government body responsible for most of the transport network in London, United Kingdom. In August 2024, a cyber attack hit the organization.

The two suspects are Thalha Jubair (aka EarthtoStar, Brad, Austin, and @autistic), 19, from East London and Owen Flowers, 18, from Walsall, West Midlands. The National Crime Agency (NCA) arrested both at their home addresses on Tuesday.

“Two men have been charged as part of the National Crime Agency investigation into a cyber attack on Transport for London (TfL).” reads the NCA announcement. “TfL was subject of a network intrusion on 31 August 2024, which investigators believe was carried out by members of the online criminal collective known as Scattered Spider.”

Both are charged with conspiring together to commit unauthorised acts against TfL, under the Computer Misuse Act.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Scattered Spider)