BreachBrief

Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new report on the fallout from that investigation finds this dark ad... Read more

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public. ... Read more

Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of proxy and anonymity services nested at some of... Read more

The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams, commonly known as “pig butchering." In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network... Read more

Authorities in Pakistan have arrested 21 individuals accused of operating "Heartsender," a once popular spam and malware dissemination service that operated for more than a decade. The main clientele for HeartSender were organized crime groups that tried to trick victim companies into making payments to a third party, and its... Read more

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants... Read more

KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things... Read more

In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. "Pompompurin," is... Read more

Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month's patch batch from Redmond are fixes for two other weaknesses that now have public... Read more

A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies in the U.S. and Pakistan whose employees are accused of using online ads to scam westerners seeking help with trademarks, book writing, mobile app development... Read more

A employee at Elon Musk's artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk's companies, including SpaceX, Tesla... Read more

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of... Read more

TechCrunch All Stage, our founder-focused summit, is gearing up to return to Boston on July 15! We’re doing a last call for exceptional volunteers to join us in bringing this event to life. If you’ve ever wondered about the inner workings of tech events, now’s your chance to get involved.... Read more

With the TikTok deadline to sell its U.S. operations now just two days away, a new decentralized social media app launched its beta to the public on Tuesday.  Own is the latest alternative to TikTok to emerge, featuring a swipeable feed for not just short videos but also text posts... Read more

One month after the House passed its version of a reconciliation bill, Senate Republicans released their take on the budget bill Monday night. The Senate Finance Committee’s language would take a sledgehammer to some parts of the renewable-friendly Inflation Reduction Act (IRA) while sparing others.  Solar, wind, and hydrogen bear... Read more

Social networks are bolstering their terms of service against scrapers and bots that crawl the website to train AI models. Days after Elon Musk-owned X updated its terms to explicitly prohibit AI model training, decentralized social network Mastodon today updated its own rules to bar any kind of model training,... Read more

Sword Health, an AI-powered digital health startup, has raised $40 million at a $4 billion valuation, a 33% jump from the $3 billion price tag it earned just a year ago. The funding was led by returning investor, General Catalyst. Even though 10-year-old Sword Health is cash-flow positive, its CEO... Read more

Food distribution giant United Natural Foods (UNFI) said it is making “significant progress” in recovering from a cyberattack that occurred almost two weeks ago, as grocery stores across North America reliant on the distributor continue to report food shortages. UNFI said in an update on Sunday that it was restoring... Read more

The U.K. data protection watchdog has fined 23andMe £2.31 million ($3.1m) for failing to protect U.K. residents’ personal and genetic data prior to its 2023 data breach. The Information Commissioner’s Office (ICO) said on Tuesday it has fined the genetic testing company as it “did not have additional verification steps... Read more

Amazon has revealed that Prime Day 2025 will take place on July 8-11, extending the annual sale event to four days this year. Amazon notes that consumers will be able to shop for “pantry staples and snacks for summer gatherings to home-improvement must-haves, back-to-school supplies, health and personal care finds,... Read more

Adobe has been on a quest to attract users to its platform for their AI needs. The company in April launched a redesigned Firefly web app that lets users use Adobe’s own Firefly image- and video-generation models as well as third-party models. Now, it is releasing a Firefly app on... Read more

Rising-star defense tech Mach Industries has announced a new $100 million round of funding at a $470 million valuation. TechCrunch first reported that this deal was in the works last month. New investor Keith Rabois from Khosla Ventures joins existing investor Geoff Lewis of Bedrock Capital to lead the round.... Read more

Walk around a big city like New York or Amsterdam long enough and you’re bound to notice something: tiny four-wheeled cargo carriers zipping down bike lanes. These battery-assisted vehicles, often called e-quads, are distinct from cargo e-bikes, which tend to be geared toward households. E-quads are larger and sport enclosed... Read more

A California district court on Monday denied a request by Apple to throw out a class action lawsuit that alleges the iPhone maker violates competition laws by forcing users of its devices to back up their critical files and device settings on its cloud storage service, iCloud. The complaint also... Read more

Coralogix, an Israeli startup offering a full-stack observability and security platform, has raised $115 million at a pre-money valuation of over $1 billion, almost doubling in three years from its last round in 2022. With the influx of cash, the startup is looking to expand its engineering base in India... Read more

The tech industry talks a lot about how AI is going to transform work. Legal startup Crosby, which just came out of stealth with a $5.8 million seed round led by Sequoia, is perhaps the most extreme example of what’s coming that we’ve seen to date. Crosby isn’t just making... Read more

Endeavor Catalyst, the co-investment fund affiliated with global entrepreneurial network Endeavor Global, is raising a new $300 million fund, its fifth and largest fund yet, as it looks to deepen its bet on high-growth startups across Africa, Latin America, the Middle East, and Southeast Asia, TechCrunch has learned. The new... Read more