VYPR
breach · Published Jul 3, 2026 · 1 source

Canadian Hacker Jailed, Open-Source Zero-Days Disclosed, ATM Jackpotting Scheme Leads to Sentences

A roundup of cybersecurity news includes the sentencing of a Canadian hacker, the disclosure of numerous zero-day vulnerabilities in open-source projects, and the sentencing of two individuals for ATM jackpotting.

In a notable legal development, Aubrey Cottle, a Canadian hacker associated with the hacktivist collective Anonymous, has been sentenced to 18 months in prison. Cottle pleaded guilty to charges stemming from a cyberattack on the Texas Republican Party's website in September 2021, which involved defacing the site, exfiltrating data, and subsequently publishing it online.

Separately, a significant number of zero-day vulnerabilities have been disclosed by a researcher known as Bikini. The researcher published proof-of-concept code targeting dozens of flaws across multiple open-source projects, including widely used software like FFmpeg, Gogs, Gitea, Ghidra, 7-Zip, OpenVPN, and VLC. Nine of these vulnerabilities have already been assigned CVE identifiers, with the researcher attributing their discovery to the use of Large Language Model (LLM) fuzzing techniques.

In the United States, a sophisticated ATM jackpotting scheme has resulted in prison sentences for two Venezuelan nationals. Carlos Javier Padron and Arnoldo Cabrera Torrealba were sentenced to 78 months each for their roles in building and deploying a variant of the Ploutus malware. This malware was used to illicitly withdraw funds from ATMs across the US. The operation involved a larger criminal group, with 96 other defendants also charged in connection with the scheme. Padron and Torrealba were also ordered to pay $1.5 million in restitution.

In other news, Japanese telecommunications provider KDDI disclosed a data breach that may have impacted the email addresses and passwords of over 14.2 million individuals across five of its ISP operators. Meanwhile, Push Security reported being targeted by a "poisoned tenant" attack that used OpenAI's organization invitation feature, a technique the company itself had previously detailed.

Jamf has detailed a new macOS information stealer named PamStealer, which impersonates the open-source clipboard manager Maccy. This malware harvests credentials and validates them using Pluggable Authentication Modules (PAM) before exfiltration.

The cyberattack that disrupted Jaguar Land Rover's operations in September 2025 has been attributed to Russian hackers, according to The New York Times, with multiple cybersecurity firms and law enforcement agencies involved in the investigation.

In spyware news, Citizen Lab discovered that a former member of the European Parliament, Stelios Kouloglou, was targeted with NSO Group's Pegasus spyware while investigating its misuse. The attribution for this specific targeting remains unclear, with no evidence pointing to the Greek government's involvement.

Google has observed a shift in pro-Russia influence operations, which are expanding their focus beyond Ukraine to target entities in the US, EU, NATO, and neighboring countries, increasingly leveraging generative AI. Finally, Cisco and Synology have released patches for multiple vulnerabilities affecting their respective products, including ClamAV and MailPlus Server, with some of these flaws rated as critical.

Synthesized by Vypr AI