Originally reported by BleepingComputer, Malwarebytes Labs
TL;DR
Police dismantled massive cybercrime infrastructure in Operation Synergia III, sinkholing 45,000 IP addresses and seizing servers worldwide. Meanwhile, Storm-2561 actively distributes fake VPN clients to steal enterprise credentials, and the FBI investigates malware-laden Steam games.
Operation Synergia III represents a significant law enforcement victory against cybercrime infrastructure, while active campaigns targeting enterprise VPN credentials pose immediate risks to corporate networks.
Law enforcement agencies delivered a significant blow to global cybercrime operations through "Operation Synergia III," according to BleepingComputer. The coordinated international action sinkholed 45,000 IP addresses and seized servers linked to cybercrime activities worldwide. The operation represents one of the largest infrastructure takedowns targeting criminal networks, disrupting command and control systems used by various threat actors.
Microsoft researchers have identified an active credential harvesting campaign by threat actor Storm-2561, BleepingComputer reports. The group distributes convincing fake VPN clients impersonating Ivanti, Cisco, and Fortinet to steal corporate credentials from unsuspecting users. The malicious software mimics legitimate enterprise VPN applications, making detection challenging for targeted employees.
The FBI is actively seeking victims of malware distributed through eight malicious games uploaded to the Steam gaming platform, according to BleepingComputer. Federal investigators are building a case around the malware distribution scheme and requesting information from affected gamers. The incident highlights the expanding attack surface as threat actors increasingly target gaming platforms to reach consumer endpoints.
Poland's National Centre for Nuclear Research (NCBJ) successfully detected and blocked a cyberattack targeting its IT infrastructure, BleepingComputer reports. The research facility's security systems prevented any operational impact from the attempted breach. The incident underscores the continued targeting of critical research institutions by threat actors.
Threat actors are exploiting calendar notification systems to impersonate Malwarebytes with fake renewal notices, according to Malwarebytes Labs research. The scam directs victims to call fraudulent billing numbers, leveraging the trusted appearance of calendar invitations to bypass traditional email security measures. The technique demonstrates evolving social engineering tactics that abuse legitimate platform features.
Microsoft is investigating critical system access problems affecting some Samsung laptops after February 2026 security updates, where users lose access to their C:\ drive, BleepingComputer reports. Separately, the company is addressing email synchronization and connection problems in classic Outlook desktop clients. These issues highlight the ongoing challenges of maintaining system stability during security update deployments.
Security firm Acronis published guidance on protecting data during hypervisor migrations, particularly as organizations transition away from VMware platforms, according to BleepingComputer coverage. The advisory emphasizes the importance of verified backups and cross-platform recovery capabilities during infrastructure transitions, noting that migration processes can introduce hidden risks to data availability.