Coinbase is a organization tracked across 29 threat clusters and 34 intelligence report mentions on ThreatCluster. First observed November 12, 2025; most recent activity July 12, 2026.
The Google Threat Intelligence Group has identified DarkSword, a full-chain iOS exploit affecting versions 18.4 to 18.7. This exploit leverages multiple zero-day vulnerabilities, including CVE-2025-31277 and…
On May 5, 2026, Ripple announced it will share internal threat intelligence regarding North Korean hackers with Crypto ISAC, aimed at enhancing security across the cryptocurrency industry. This initiative follows a…
A coordinated international effort led by Microsoft and Europol has dismantled Tycoon2FA, a significant phishing-as-a-service platform responsible for bypassing multi-factor authentication and enabling large-scale…
In March 2026, Kaspersky identified over twenty phishing applications in the Apple App Store that impersonate popular cryptocurrency wallets. These malicious apps redirect users to fraudulent web pages that mimic the…
A surge of deepfake scams in Simcoe County has led to significant financial losses for residents, with some victims losing over $100,000. The scams involve AI-generated videos of public figures promoting fraudulent…
In May 2026, a critical Android vulnerability (CVE-2026-0073) was disclosed, allowing remote device takeover without user interaction. This flaw, linked to the Android Debug Bridge, affects devices with ADB enabled,…
The newly discovered PCPJack malware framework is actively targeting cloud environments to steal credentials while removing remnants of the TeamPCP cybercrime group. This worm exploits exposed services such as Docker,…
Scattered Spider, a cybercrime entity linked to various high-profile attacks since 2022, has been reclassified as a decentralized collective rather than a unified group. Group-IB's analysis indicates that it consists of…
Aflac Japan disclosed a data breach affecting 4.38 million customers after unauthorized access to its systems between June 15 and June 25, 2026. The breach was detected on June 25, prompting the suspension of certain…
On March 19, 2026, security analysts flagged a Coinbase Commerce subdomain that prompts users to enter their mnemonic seed phrases in plain text for asset recovery. Experts, including SlowMist's founder Yu Xian,…