Content
01. News Bites
- ADT breach exposes 5.5 million records
- New Interpol report shows cybercrime surging across Africa
- Critical Linux zero-day Copy Fail enables root access
- EU regulator warns on AI-driven cyber risks
- Social media scams drive $2.1bn in losses in the USA
02. Conclusion
ADT breach exposes 5.5 million records
US-based home security giant ADT is facing renewed scrutiny after reports that the ShinyHunters extortion group stole the personal information of 5.5 million individuals. The figure was highlighted by data breach notification service Have I Been Pwned following analysis of the stolen dataset.
ADT said it detected suspicious activity on 20 April and launched an investigation. According to the company, exposed data included names, phone numbers and addresses, with a smaller number of records also containing dates of birth and the last four digits of Social Security numbers or Tax IDs. ADT stressed that no payment data was accessed and customer security systems were not impacted.
The attackers reportedly gained entry through a voice phishing campaign that compromised an employee's Okta single sign-on account before moving into connected systems.
The incident highlights the growing risk posed by identity-focused attacks targeting SaaS environments. Stronger authentication controls, staff awareness training and continuous monitoring remain critical to defending against modern extortion groups.
New Interpol report shows cybercrime surging across Africa
Cybercrime now represents a growing share of overall crime across Africa, according to INTERPOL’s latest Africa Cyberthreat Assessment Report. Two-thirds of surveyed member countries said cyber-related offences make up a medium-to-high proportion of all crime, rising to more than 30% in Western and Eastern Africa.
Online scams remain the most common threat, with phishing attacks widespread across the continent. Ransomware, business email compromise and digital sextortion were also heavily reported, highlighting how financially motivated crime continues to evolve.
The report found major capability gaps remain. Ninety percent of countries said law enforcement or prosecution capacity requires significant improvement, while many also cited shortages in training, specialist tools and cyber investigation infrastructure.
Despite these challenges, progress is being made. Several nations have strengthened legal frameworks, expanded digital forensics capabilities and invested in dedicated cybercrime units. INTERPOL-led operations have also resulted in more than 1,000 arrests and the disruption of large-scale criminal networks.
The findings underline that cybersecurity resilience depends not only on technology, but also on skills, legislation, international cooperation and public-private collaboration.
Critical Linux zero-day Copy Fail enables root access
A newly disclosed Linux kernel zero-day vulnerability, tracked as CVE-2026-31431 and nicknamed “Copy Fail”, has raised urgent concerns across the cybersecurity community. The flaw affects Linux distributions using kernel versions released since 2017 and could allow an unprivileged local user to gain full root access.
Researchers said the vulnerability can be exploited using a lightweight Python script with no need for race conditions, custom payloads or complex kernel offsets, making exploitation significantly easier than many past privilege escalation flaws.
The issue reportedly impacts several major enterprise and cloud platforms, including Ubuntu, Amazon Linux, RHEL and SUSE. Security researchers also warned that the flaw could be used as a container escape technique in Kubernetes environments, potentially allowing compromise of shared host systems.
An official patch has now been released, with administrators urged to prioritise updates through their normal distribution channels. Temporary mitigations, including disabling the affected kernel module, have also been recommended.
The incident is a reminder that foundational infrastructure remains a prime target, and rapid patch management is essential to reduce exposure when critical vulnerabilities emerge.
EU regulator warns on AI-driven cyber risks
Europe’s top securities regulator has warned that cyberattacks are becoming faster and more dangerous as artificial intelligence accelerates the threat landscape. Verena Ross, chair of the European Securities and Markets Authority (ESMA), said regulators are closely assessing how advanced AI models could increase the speed and scale of attacks against financial institutions.
The warning follows growing industry concern over new AI systems reportedly capable of identifying and exploiting previously unknown vulnerabilities. Financial supervisors across Europe are now reviewing whether firms have the resilience, controls and oversight needed to manage these evolving risks.
Ross also stressed that regulators must strengthen their own expertise to effectively supervise both financial entities and the critical third-party technology providers they rely on. Operational resilience and supply chain risk remain key priorities as the sector becomes more dependent on external digital services.
The comments highlight how cybersecurity is now deeply connected to financial stability, market confidence and regulatory compliance. For organisations in highly regulated sectors, this means cyber defence can no longer be viewed solely as an IT issue, but as a core business and governance priority.
Social media scams drive $2.1bn in losses in the USA
The U.S. Federal Trade Commission has warned that losses linked to social media scams surged to more than $2.1 billion in 2025, marking an eightfold increase since 2020. Nearly 30% of people who reported losing money to scams said the fraud began on a social media platform.
Facebook was the most commonly reported source of scam-related losses, ahead of WhatsApp and Instagram. According to the FTC, people lost more money to Facebook scams alone than to scams originating through text messages and email combined.
Fraudsters are increasingly exploiting the scale and targeting tools available on social media, using fake profiles, hacked accounts, deceptive adverts and direct messages to reach victims quickly and at low cost. Common tactics include fake investments, romance fraud, shopping scams and impersonation attempts.
In response, Meta says it has introduced new scam detection tools across Facebook, Messenger and WhatsApp, while removing millions of fraudulent accounts and adverts.
The figures are a clear reminder that cybersecurity risks extend beyond the workplace. Strong privacy settings, scepticism toward unsolicited messages and independent checks before making payments or investments remain essential defences.
If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager, or alternatively get in touch to find out how you can protect your organisation.
Disclaimer
The Threat Intel Roundup was prepared by Integrity360 summarising threat news as we observe it, current at the date of publishing. It should not be considered to be legal, consulting or any other professional advice. Any recommendations should be considered in the context of your own organisation. Integrity360 does not take any political stance in the information that we share. Moreover, the opinions expressed may not necessarily be the views of Integrity360.