LabHost enabled users to set up websites designed to trick victims into revealing personal information – with 70,000 allegedly duped in the UK

University students have turned to cyber fraud to boost their income, police have said, as they revealed they have infiltrated a huge phishing site on the dark web responsible for scamming tens of thousands of people.

The site called LabHost was active since 2021 and was a cyber fraud superstore, allowing users to produce realistic-looking websites from household names such as the big banks, ensnaring victims around the world including 70,000 in the UK.

In discovering malicious code that endangered global networks in open-source software, Andres Freund exposed our reliance on insecure, volunteer-maintained tech

On Good Friday, a Microsoft engineer named Andres Freund noticed something peculiar. He was using a software tool called SSH for securely logging into remote computers on the internet, but the interactions with the distant machines were significantly slower than usual. So he did some digging and found malicious code embedded in a software package called XZ Utils that was running on his machine. This is a critical utility for compressing (and decompressing) data running on the Linux operating system, the OS that powers the vast majority of publicly accessible internet servers across the world. Which means that every such machine is running XZ Utils.

Freund’s digging revealed that the malicious code had arrived in his machine via two recent updates to XZ Utils, and he alerted the Open Source Security list to reveal that those updates were the result of someone intentionally planting a backdoor in the compression software. It was what is called a “supply-chain attack” (like the catastrophic SolarWinds one of 2020 ) – where malicious software is not directly injected into targeted machines, but distributed by infecting the regular software updates to which all computer users are wearily accustomed. If you want to get malware out there, infecting the supply chain is the smart way to do it.

Paper by Anthropic outlines how LLMs can be forced to generate responses to potentially harmful requests

The safety features on some of the most powerful AI tools that stop them being used for cybercrime or terrorism can be bypassed simply by flooding them with examples of wrongdoing, research shows.

In a paper from the AI lab Anthropic, which produces the large language model (LLM) behind the ChatGPT rival Claude , researchers described an attack they called “many-shot jailbreaking”. It is as simple as it is effective.

US and UK governments announced sanctions against Chinese firms linked to hacking group

Cyber-attacks linked to Chinese intelligence agencies are increasing in capability and frequency as they seek to test foreign government responses, analysts have warned in the wake of revelations about a mass hacking of UK data.

On Tuesday, the UK and US governments accused hacking group, Advanced Persistent Threat 31 (APT 31), backed by China’s government spy agency, of conducting a years-long cyber-attack campaign , targeting politicians, national security officials, journalists and businesses. The UK said the hackers had potentially gained access to information on tens of millions of UK voters held by the Electoral Commission, as well as for cyber-espionage targeting lawmakers who have been outspoken about threats from China.

While diplomatic rows are inevitable, the priority is to keep channels open, and engage with Beijing about the climate crisis

Once upon a time Britain would have sent a gunboat up the Yangtze River . That would teach those Chinese a lesson. To hear some MPs talk about Beijing’s espionage activities, you would think gunboats were already on their way.

Of course, it is malicious and hurtful for a foreign state patently to hack into Britain’s Electoral Commission and target senior parliamentarians – as the government on Monday claimed China did in 2021 . It is equally malicious to fabricate MPs’ emails and use a Commons researcher as an informant. No less evil is the culture of fear sown among Britain’s 150,000 Chinese students by agents of Beijing, albeit tolerated by British universities greedy for money.

Simon Jenkins is a Guardian columnist

The US alleges the individuals were working as a front for Beijing in an indictment and sanctions announcement

The US government announced sanctions on Monday against Chinese hackers that it alleges were targeting the nation’s critical infrastructure while working for China’s government spy agency.

The Treasury’s office of foreign assets control stated that it sanctioned Wuhan Xiaoruizhi Science and Technology Company Ltd, which it calls a front for the Chinese ministry of state security that has “served as cover for multiple malicious cyberoperations”.

With the Electoral Commission just the latest target on a list that includes the economy and supply chains, experts warn of data-gathering ‘on an industrial scale’

In March last year an integrated review of the UK’s defence and foreign policy said it would protect the country’s “democratic freedoms” from Chinese state attacks.

A few months later the Electoral Commission confirmed why democratic institutions and processes were on the threat list as it revealed that a cyber-attack – by a then unidentified assailant – had accessed the data of 40 million voters.

Diogo Santos Coelho from Portugal faces a 52-year sentence for alleged cybercrime relating to RaidForums site

A vulnerable man with autism is pleading with the UK government to block his extradition to the US on cybercrime charges where he faces a 52-year sentence for alleged offending that began when he was a child.

Diogo Santos Coelho, who has been assessed as at very high risk of suicide, said he had been groomed and exploited online by adults from the age of 14 into committing the alleged crimes, which relate to the website RaidForums.

In the UK and Ireland, Samaritans can be contacted on freephone 116 123, or email jo@samaritans.org or jo@samaritans.ie . In the US, the National Suicide Prevention Lifeline is at 988 or chat for support. You can also text HOME to 741741 to connect with a crisis text line counselor. In Australia, the crisis support service Lifeline is 13 11 14. Other international helplines can be found at befrienders.org

LockBit was a sophisticated criminal operation, offering the tools needed to steal a company’s data and hold it to ransom. Then it was itself hacked. Alex Hern reports

A ransomware site on the dark web has allowed criminals to extort hospitals, businesses and schools for years. By encrypting data or threatening to post data online, hackers have cost companies millions of pounds.

It’s called LockBit, and it was very successful until one day last month when hackers who logged on to the site found it had been hacked by authorities including the UK National Crime Agency and the FBI. These agencies announced they were in control of LockBit’s site, marking a new stage in their war on cybercrime.