Bill Toulas

Cyprus, Nicosia

Infosec News Writer at Bleeping Computer

Infosec news @BleepinComputer

Featured in: Favicon

bleepingcomputer.com Favicon

flipboard.com Favicon

newsbreak.com Favicon

acs.org.au Favicon

industrytap.com Favicon

technadu.com Favicon

codeproject.com Favicon

ourcommunitynow.com Favicon

ia.acs.org.au

Articles

Godfather Android malware now uses virtualization to hijack banking apps

1 week ago | bleepingcomputer.com | Bill Toulas

A new version of the Android malware "Godfather" creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps. These malicious apps are executed inside a controlled virtual environment on the device, enabling real-time spying, credential theft, and transaction manipulation while maintaining perfect visual deception.
US recovers $225 million of crypto stolen in investment scams

1 week ago | bleepingcomputer.com | Bill Toulas

The U.S. Department of Justice has seized more than $225 million in cryptocurrency linked to investment fraud and money laundering operations, the largest crypto seizure in the history of the U.S. Secret Service. The state's investigators used blockchain analysis to trace the funds stolen from over 400 victims, which were then laundered through a complex network of cryptocurrency addresses to obscure their origin.
DuckDuckGo beefs up scam defense to block fake stores, crypto sites

1 week ago | bleepingcomputer.com | Bill Toulas

The DuckDuckGo web browser has expanded its built-in Scam Blocker tool to protect against a broader range of online scams, including fake e-commerce, cryptocurrency exchanges, and "scareware" sites. DuckDuckGo is a privacy-focused web browser and search engine that doesn't track users' searchers or browsing history.
Ryuk ransomware’s initial access expert extradited to the U.S.

1 week ago | bleepingcomputer.com | Bill Toulas

A member of the notorious Ryuk ransomware operation who specialized in gaining initial access to corporate networks has been extradited to the United States. The suspect is a 33-year-old foreign man who was arrested in April 2025 in his home in Kyiv at the request of the FBI. He was extradited to the United States yesterday, June 18.
North Korean hackers deepfake execs in Zoom call to spread Mac malware

1 week ago | bleepingcomputer.com | Bill Toulas

The North Korean BlueNoroff hacking group is deepfaking company executives during Zoom calls to trick employees into installing custom malware on their macOS devices. BlueNoroff (aka Sapphire Sleet or TA444) is a North Korean advanced persistent threat (APT) group known for conducting cryptocurrency theft attacks using Windows and Mac malware. Huntress researchers uncovered a new BlueNoroff attack on June 11, 2025, when they were called to investigate a potential intrusion on a partner's network.
'Stargazers' use fake Minecraft mods to steal player passwords

1 week ago | bleepingcomputer.com | Bill Toulas

A large-scale malware campaign specifically targets Minecraft players with malicious mods and cheats that infect Windows devices with infostealers that steal credentials, authentication tokens, and cryptocurrency wallets. The campaign, discovered by Check Point Research, is conducted by the Stargazers Ghost Network and leverages the Minecraft massive modding ecosystem and legitimate services like GitHub to reach a large audience of potential targets.
Healthcare SaaS firm says data breach impacts 5.4 million patients

1 week ago | bleepingcomputer.com | Bill Toulas

Episource warns of a data breach after hackers stole health information of over 5 million people in the United States in a January cyberattack. Episource is an American healthcare services company that provides risk adjustment, medical coding, data analytics, and technology solutions to health plans and providers. They help insurers optimize payments and compliance in government programs like Medicare Advantage.
Asana warns MCP AI feature exposed customer data to other orgs

1 week ago | bleepingcomputer.com | Bill Toulas

Work management platform Asana is warning users of its new Model Context Protocol (MCP) feature that a flaw in its implementation potentially led to data exposure from their instances to other users and vice versa. The data exposure was due to a logic flaw in the MCP system and not the result of a hack, but the risk that arises from the incident could still be significant in some cases.
Asana warns MCP AI feature exposed customer data to other orgs

1 week ago | flipboard.com | Bill Toulas

5 hours agoWhile reviewing AI image generators, I've created some truly terrible content. Take a good laugh, then learn how to fix these annoyingly common problems. One of the best parts of my job is laughing at the truly terrible, deeply flawed, occasionally frightening AI images that pop out while I review …
Paddle settles for $5 million over facilitating tech support scams

1 week ago | bleepingcomputer.com | Bill Toulas

Paddle.com and its U.S. subsidiary will pay $5 million to settle Federal Trade Commission (FTC) allegations that the company facilitated deceptive tech-support schemes that harmed many U.S. consumers, including older adults.