Recent law enforcement actions have successfully disrupted major cybercriminal infrastructures. The FBI and Indonesian authorities dismantled the W3LL phishing ecosystem, which facilitated massive business email compromise attacks through advanced MFA bypass techniques. Simultaneously, the U.S. Department of Justice sentenced individuals for enabling North Korean IT workers to infiltrate American companies using stolen identities, a scheme that funneled millions to the DPRK.
Among current threats, Ukraine’s CERT-UA has identified a new C# malware campaign dubbed “AgingFly” targeting government and healthcare sectors. The malware leverages phishing and PowerShell to maintain persistence while using legitimate open-source tools for credential theft and lateral movement. Additionally, a critical authentication bypass vulnerability (CVE-2026-33032) in Nginx UI is being actively exploited, allowing attackers to gain full administrative control over web servers via exposed MCP endpoints.