Back to Feed
Threat IntelligenceJul 3, 2026

In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting

Multiple cybersecurity stories covered: Canadian hacker jailed, open source zero-days disclosed, and ATM jackpotters

Summary

This weekly roundup covers several notable cybersecurity incidents. Aubrey Cottle, a Canadian hacker linked to Anonymous, was sentenced to prison for a cyberattack on the Texas GOP. Separately, a researcher disclosed numerous zero-day vulnerabilities in popular open source projects like FFmpeg and Gitea, many found using LLM fuzzing. Additionally, two Venezuelans were sentenced in the US for ATM jackpotting schemes.

Full text

SecurityWeek’s cybersecurity news weekly roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: Anonymous-linked hacker Aubrey Cottle jailed over Texas GOP cyberattack Aubrey Cottle, a Canadian hacker associated with the hacktivist group Anonymous, has been sentenced to 18 months in prison for his involvement in a cyberattack on the Texas Republican Party’s website in September 2021. Cottle, 39, of Oshawa, Ontario, pleaded guilty to defacing the website, exfiltrating data from a Texas GOP server, and publishing the data online. 14 million impacted by KDDI data breachAdvertisement. Scroll to continue reading. Japanese telecoms provider KDDI has disclosed (PDF) a data breach likely impacting the email addresses and passwords of 14,22 million people. The incident affected five ISP operators, including BIGLOBE, Chubu Telecommunications C., JCOM Co., NIFTY Corporation, and STNet. Push Security targeted in poisoned tenant attack Three years after detailing the poisoned tenant attack, Push Security was targeted using the technique via OpenAI’s organization invitation feature. Multiple employees received an OpenAI invitation to join Push Security Inc. After they would join the tenant, the attacker could spy on their activities or target them with further social engineering. Rust-based PamStealer targeting macOS Jamf has detailed PamStealer, an information stealer targeting macOS that validates the harvested credentials via Pluggable Authentication Modules (PAM) before using them. The malware is distributed as a compiled AppleScript file impersonating the open source clipboard manager Maccy. Russian hackers behind the 2025 Jaguar Land Rover hack The cyberattack that severely disrupted Jaguar Land Rover’s operations in September 2025 was mounted by Russian hackers, The New York Times says. Microsoft reportedly notified the car manufacturer about the hacking group, with Mandiant, Palo Alto Networks, and US and UK law enforcement agencies also involved in the investigation. Pegasus spyware targeted a European Parliament member investigating it Former member of the European Parliament Stelios Kouloglou was hacked with NSO Group’s Pegasus spyware while he was investigating Pegasus abuse cases, as part of the PEGA committee, Citizen Lab discovered. The targeting has not been attributed to a specific government, and there is no evidence that the Greek Government was involved. Researcher drops dozens of zero-days in open source projects A researcher known as Bikini has published proof-of-concept (PoC) code targeting dozens of zero-day vulnerabilities in multiple open source projects, including FFmpeg, Gogs, Gitea, Ghidra, 7-Zip, OpenVPN, and VLC. Nine of the security defects have been assigned a CVE identifier. The issues, the researcher says, were surfaced via LLM fuzzing. Pro-Russia influence operations are shifting Four years into Russia’s invasion of Ukraine, pro-Russia influence operations are shifting from their single focus on Ukraine to pre-war objectives, Google says. Covert pro-Russia influence operations are targeting the US, European Union members, NATO, Russia’s neighbors, the Middle East and Africa, and internal entities. They focus on global events, elections, the war in Ukraine, and emerging geopolitical developments and events, and are increasingly relying on generative AI. Venezuelans sentenced in the US over ATM jackpotting Two illegal aliens from Venezuela, Carlos Javier Padron, 36, and Arnoldo Cabrera Torrealba, 37, have been sentenced to 78 months in prison in the US for their involvement in ATM jackpotting activities. As part of a sophisticated criminal group, they built and deployed a variant of the Ploutus malware on ATMs across the US and used it to withdraw money without authorization. They were also ordered to jointly pay $1.5 million in restitution. 96 other defendants have been charged over their roles in the operation. Cisco and Synology patches Cisco has released fixes for seven ClamAV vulnerabilities impacting Secure Endpoint Connector for Windows, Linux, and macOS, and Secure Endpoint Private Cloud, and for one flaw in Catalyst Center. Synology resolved three security defects in MailPlus Server, including two critical bugs that could allow attackers to read or write arbitrary files and cause DoS conditions. Join the AI Risk Summit | Ritz-Carlton, Half Moon Bay Written By SecurityWeek News Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from SecurityWeek News In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk LayoffsPhilip Martin Joins Uber as Chief Information Security OfficerWebinar Today: Modern Exposure Validation in the AI EraIn Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS ContinuumWebinar Today: How Modern Breaches Bypass MFA and Evade DetectionEndpoint Security Startup Ent Emerges From Stealth With $100 Million Seed RoundIn Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang FineCISO Forum Webinar Today: 2026 Mid-Year Review Latest News Agentic AI Used to Conduct Ransomware Attack via LangflowMedtronic Data Breach Impacts 3.8 Million PeopleAlleged Scattered Spider Hacker Extradited to USGoogle, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of DevicesCritical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code ExecutionNew CitrixBleed Vulnerability Exploited Immediately After Public DisclosureHow to Conduct a Successful Audit of AI-Driven Software DevelopmentFortiBleed Campaign Linked to INC, Lynx Ransomware Attacks Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Why Email Security Keeps Failing (And What Has to Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 16, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the MoveJames Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.Rafal Los has joined Binary Defense as Chief Strategy Officer.Tracey Mustacchio has joined Everfox as Chief Marketing Officer.More People On The MoveExpert Insights How to Conduct a Successful Audit of AI-Driven Software Development As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production. (Matias Madou) Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. (Joshua Goldfarb) The AI Token Costs That Can Break Cybersecurity As cybersecurity platforms embrace agentic AI, organizations must balance detection performance against the escalating costs of token consumption, deployment architecture, and AI credits. (Danelle Au) When Information Becomes the Attack Surface – Understanding AI

Entities

Anonymous (threat_actor)Pegasus (product)NSO Group (vendor)FFmpeg (product)Gogs (product)Gitea (product)