430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Scattered Spider, ShinyHunters Restructure – New Attacks Underway 

Resecurity warns the “Trinity of Chaos” (LAPSUS$, ShinyHunters, Scattered Spider) is driving a global cybercrime wave, with major breaches undisclosed. A new Resecurity report has uncovered a rapidly unfolding—and potentially much larger—global cybercrime campaign led by the notorious alliance of LAPSUS$, ShinyHunters, and Scattered Spider. Contrary to recent claims of “retirement,” the so-called “Trinity of […]

Scattered Spider

Resecurity warns the “Trinity of Chaos” (LAPSUS$, ShinyHunters, Scattered Spider) is driving a global cybercrime wave, with major breaches undisclosed.

A new Resecurity report has uncovered a rapidly unfolding—and potentially much larger—global cybercrime campaign led by the notorious alliance of LAPSUS$, ShinyHunters, and Scattered Spider. Contrary to recent claims of “retirement,” the so-called “Trinity of Chaos” continues to conduct coordinated hacks and extortion operations against leading enterprises, with multiple major data breaches yet to be disclosed to the public. This timely report highlights a surge of private extortion attempts, signaling that the true blast radius of these threat actors may far exceed what has so far come to light.

Resecurity analysts warn that only now are new victims and incidents coming to the surface. With confidential extortion activity ongoing—and the group leveraging its notoriety to coerce companies into silence—the full extent of compromised data across the Fortune 100, financial services, technology, aviation, retail, and auto sectors is just beginning to emerge.

This is a developing story, with ongoing attacks and fresh evidence challenging prior assumptions about the scope and impact of these Gen Z adversaries. Journalists tracking the cybercrime landscape—especially those following the infamous Qantas, JLR, AT&T, and Salesforce incidents—will find this latest Resecurity analysis a crucial resource on the evolving threat and what’s likely still lurking below the surface.

The UK’s Cyber Monitoring Centre (CMC) labels Marks & Spencer and Co-op cyberattacks a Category 2 event, estimating financial impact at £270M–£440M. The government has also announced a £1.5 billion ($2 billion) loan guarantee for Jaguar Land Rover (JLR) in response to the highly disruptive cyberattack that recently hit the carmaker.

The Guardian reported that JLR, which is owned by Tata Group, has outsourced cybersecurity and other IT services to Tata Consultancy Services (TCS), which also works with Marks & Spencer and Co-op, both believed to have been targeted by Scattered Spider, the same cybercrime group that has taken credit for the attack on JLR.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Scattered Spider)