This week saw significant law enforcement and regulatory actions, including the DoJ's "Disruption Week," which dismantled over 1.4 million accounts tied to Southeast Asian crypto fraud networks and froze $3.8 million in stolen assets. Simultaneously, the U.S. Treasury sanctioned Nobitex, Iran's largest crypto exchange, for its role in facilitating transactions for ransomware actors and the IRGC. In Europe, Spanish authorities arrested an individual responsible for leaking sensitive personal data belonging to government and law enforcement personnel.
On the threat landscape, the China-based actor TA4922 has expanded its operations beyond East Asia to target entities in Germany, Italy, and South Africa using sophisticated phishing campaigns and remote access trojans like ValleyRAT and Atlas RAT. Additionally, a critical authentication bypass vulnerability in Palo Alto Networks’ PAN-OS (CVE-2026-0257) is being actively exploited in the wild. Attackers are forging authentication cookies to gain unauthorized VPN access, prompting CISA to add the flaw to its Known Exploited Vulnerabilities catalog.