The Cyber Express Weekly Roundup: Crypto Breaches, State-Linked Schemes, and Platform Exploits
The Cyber Express weekly roundup highlighted a series of high‑profile cyber incidents. Grinex halted trading after a coordinated wallet breach that stole more than $15 million in USDT, while two U.S. citizens were sentenced for a North Korea‑linked scheme that generated $5 million through fake remote‑work placements. Australia’s new under‑16 social‑media restriction proved porous, with over 60 % of teens still accessing platforms, and a dark‑web forum launched a $10 k contest for exploit write‑ups backed by a ransomware group. Additionally, Rockstar Games confirmed a breach via a third‑party service, though core services remain unaffected.
Kuwait Banks Deploy Real-Time War Room to Fight Growing Cyber Fraud Threats
Kuwait’s banking sector has launched a virtual war room that connects banks, the Central Bank, the Ministry of Interior and the Public Prosecution in real time. The platform instantly flags suspicious transactions, halts fund movement and initiates legal action, shifting...
$15M Grinex Hack Forces Trading Halt After Major Crypto Wallet Breach
Kyrgyzstan‑based crypto exchange Grinex halted all trading after hackers breached its hot‑wallet infrastructure and stole roughly $15 million in USDT, equivalent to about 1 billion rubles. The attackers rapidly moved the stolen tokens across Ethereum and Tron, consolidating the proceeds into a...
Russian GRU Cyber Campaign Targets Western Logistics Firms Supporting Ukraine
A joint cybersecurity advisory has identified a sustained Russian GRU operation, attributed to Unit 26165 (APT28/Fancy Bear), that has been targeting Western logistics firms and technology providers supporting Ukraine since early 2022. The campaign leverages credential‑guessing, spear‑phishing, and weaponized CVEs such as...
“I’m Just Scared”: Teen Hacker Jailed After Massive U.S. School Data Breach
Teen hacker Matthew Lane, now 20, was sentenced to four years in federal prison for his central role in the PowerSchool data breach, one of the largest attacks on U.S. education. The breach exposed personal information for roughly 60 million students...
Targeted Cyberattack on Northern Ireland Schools Exposes Personal Data
A recent cyberattack on Northern Ireland's Education Authority was confirmed as a targeted breach affecting a small number of schools. Forensic analysis revealed that attackers accessed personal data, though no large‑scale exfiltration has been proven. Police Service of Northern Ireland...
MiningDropper Turns Android Apps Into Multi-Stage Malware Delivery Systems
Researchers at Cyble have identified a surge in Android malware campaigns leveraging a new modular framework called MiningDropper. The platform repurposes the open‑source Lumolight app as a trojanized entry point and uses layered XOR and AES encryption to deliver multi‑stage...
Ukraine Warns of Surge in Cyberattacks on Hospitals, Local Governments by UAC-0247 Hackers
Ukrainian cyber‑defense agency CERT‑UA reported a sharp increase in attacks by the UAC‑0247 threat cluster targeting hospitals, emergency services, and local government bodies between March and April 2026. The campaign uses phishing emails that pose as humanitarian aid offers, delivering...
Ivanti Neurons ITSM Vulnerabilities Could Allow Session Persistence
Ivanti disclosed two medium‑severity flaws—CVE-2026-4913 and CVE-2026-4914—in its Neurons for IT Service Management platform affecting versions up to 2025.3. The first vulnerability lets a remote authenticated user retain access after account deactivation, while the second is a stored XSS that...
Goldman Sachs ‘Hyperaware’ of AI Risks; Working with Anthropic on Mythos
Goldman Sachs warned that Anthropic’s new AI model, Mythos, can autonomously discover and exploit software vulnerabilities, raising serious cyber‑risk concerns for the financial sector. The bank’s CEO David Solomon said Goldman is "hyperaware" of these threats and is working with...
Hackers Exploit Kali Forms Vulnerability to Take Over WordPress Sites
A critical Remote Code Execution (RCE) flaw was discovered in the Kali Forms WordPress plugin, which powers over 10,000 active sites. The vulnerability, reported on March 2, 2026, was patched in version 2.4.10 on March 20, 2026, but attackers began exploiting it the same day,...
Dark Web Article Contest Offers $10,000 for Exploit Writing on TierOne Forum
A dark‑web forum called TierOne has launched a $10,000 article contest that rewards technical write‑ups on vulnerability exploitation. The prize pool is split into $5,000 for first place, $3,000 for second, and $2,000 for third, with submissions accepted from April 13...
Zimbabwe Boosts Cybersecurity as AI-Driven Cyber Fraud Surges
Zimbabwe is ramping up its cybersecurity defenses as AI‑driven fraud spikes, with deepfake voice cloning and automated phishing tools targeting mobile money users and public services. The government reports cyber‑related losses exceeding $30 million a year and a 40% rise in...
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe released emergency updates to fix a high‑impact Acrobat and Reader flaw identified as CVE‑2026‑34621. The vulnerability, rated 8.6 on the CVSS scale, allows arbitrary code execution via prototype pollution and has been confirmed exploited in the wild. Affected products...
The Cyber Express Weekly Roundup: Major State Threats, Crypto Attacks, and Legal Gaps
The Cyber Express weekly roundup highlights a surge in state‑sponsored DNS hijacking by Russia‑linked APT28, a $285 million theft from the Drift Protocol DeFi exchange, and a looming EU regulatory gap on child‑sexual‑abuse‑material detection. The U.S. Treasury announced a Digital Asset...