The Top Ten cyber crime news summaries on The420 are meticulously curated by Future Crime Researchers from the Future Crime Research Foundation (FCRF) and powered by Algoritha Security Pvt. Ltd. These summaries feature the most critical cyber crime developments from around the world. Keep reading—and stay safe.
1. Over 500 Cheated in Puducherry as Police Warn of Fake Investment App Scam
Cyber police in Puducherry uncovered a major scam where over 500 people were duped through a fake investment app promising high returns. Victims lost lakhs after being persuaded to deposit funds. Authorities have urged citizens to verify apps before investing and warned of growing frauds exploiting online financial platforms.
2. Noida Woman Duped of ₹43.7 Lakh After Cybercriminals Link Her to ‘Pahalgam Attack’
Cyber fraudsters conned a Noida woman of ₹43.7 lakh by falsely implicating her in the recent Pahalgam terror attack. Using fear and intimidation, the scammers coerced her into transferring money. Police said such tactics exploit panic to extort funds and urged victims to contact authorities instead of succumbing to threats.
3. Man Arrested for Defrauding Student Through Fake Job Scam
A man has been arrested for running a fake job racket targeting students seeking employment. He collected money by promising lucrative positions in reputed firms but failed to deliver. Police recovered forged documents and digital evidence. Authorities cautioned job seekers against unverified offers and advised using official company portals.
Final Call: Be DPDP Act Ready with FCRF’s Certified Data Protection Officer Program
4. 60-Year-Old Loses ₹43 Lakh in Fraudulent IPO Scam
A 60-year-old man was duped of ₹43 lakh in an IPO scam after cybercriminals promised him guaranteed allotments in a high-demand issue. The fraudsters provided fake application links and manipulated communication channels. Police have launched an investigation, stressing the need for strict vigilance while investing in initial public offerings.
5. Patiala Police Bust International Cyber Fraud Racket, Four Accused Held
Patiala Police dismantled an international cyber fraud network, arresting four suspects involved in duping victims across countries through online scams. The gang allegedly laundered proceeds via mule accounts and cryptocurrency. Authorities said the case highlights global cybercrime linkages and vowed further action against cross-border syndicates targeting Indian citizens.
INTERNATIONAL
6. AI Tools Fuel Rise in Cybercrime Among Low-Skilled Criminals
Cyber experts warn that artificial intelligence is lowering entry barriers for criminals, enabling even low-skilled actors to launch phishing, malware, and fraud campaigns. AI-generated texts and deepfakes are being weaponized for scams, making detection harder. Authorities stress urgent need for AI-driven defenses to counter the surge in cyber-enabled crimes.
7. Cloudflare Mitigates Record-Breaking 11.5 Tbps DDoS Attack
Cloudflare successfully blocked a record 11.5 terabits-per-second DDoS attack, the largest ever recorded. The attack targeted multiple organizations using botnet-driven traffic floods. While services were restored without downtime, experts said the incident shows how DDoS campaigns are escalating in scale and sophistication, threatening global internet stability and enterprise resilience.
8. Lazarus Group Unveils New Malware Strains: PondRAT, ThemeForestRAT, RemotePE
North Korea’s Lazarus Group has expanded its malware arsenal with three new tools — PondRAT, ThemeForestRAT, and RemotePE. Security analysts say these strains enable remote access, credential theft, and persistence. The development highlights Lazarus’s evolving tactics in targeting financial institutions, critical infrastructure, and defense contractors through advanced persistent threat operations.
Final Call: Be DPDP Act Ready with FCRF’s Certified Data Protection Officer Program
9. Salesloft Disables Drift After OAuth Token Theft Impacts Hundreds of Firms
A widespread OAuth token theft attack forced Salesloft to disable its Drift integration after hundreds of organizations were compromised. Attackers exploited stolen tokens to access corporate data. Security teams are working on containment, while experts warn this highlights vulnerabilities in SaaS integrations and the urgent need for tighter API security.
10. Ukrainian Group FDN3 Launches Large-Scale Brute-Force Attacks on SSL VPNs and RDP Systems
Ukrainian threat actor FDN3 has launched massive brute-force campaigns targeting SSL VPNs and RDP endpoints globally. The attacks attempt to break into corporate networks using stolen or weak credentials. Security agencies caution firms to enable multi-factor authentication, enforce strong password policies, and monitor login anomalies to mitigate the growing threat.