Cronos launches x402 PayTech Hackathon with $42K prize pool to drive AI-powered on-chain payments using agent tech and Crypto.com tools.

Cronos has launched the x402 PayTech Hackathon, a global challenge with $42,000 in prizes aimed at pushing forward the future of AI-integrated blockchain payments. Developers worldwide are invited to build tools and applications using agent-based payment tech, the Crypto.com AI Agent SDK and the latest infrastructure upgrades across the Cronos and Crypto.com ecosystem.

This new initiative lines up with Cronos’ long-term plan to serve as a foundation for institutional tokenisation and AI-driven finance. The network has seen major technical improvements recently, including a tenfold drop in gas fees, a 400% jump in daily transaction volume, and faster block times now clocking in at under one second. These changes position Cronos as a strong platform for building high-performance AI-native applications.

Participants will be encouraged to experiment with automated transaction flows, smart wallet behaviour powered by AI, real-world asset integrations and developer tools that support agentic logic. With full access to the Cronos and Crypto.com infrastructure, developers can create solutions that bridge traditional finance and decentralised protocols, potentially reaching millions of users worldwide.

Registration opens today on DoraHacks, with the build phase set to run from early December through late January.

“This hackathon is a testing ground for what happens when AI agents can not only process data but also move value,” said Mirko Zhao, Head of Cronos Labs. “Thanks to our recent upgrades and new developer frameworks, teams now have the tools they need to bring real AI-native applications to life. We’re excited to see what comes out of it.”

Developers who participate will gain access to workshops, live office hours, technical documentation and a growing resource library covering everything from the Cronos EVM to x402’s programmable payments. Top teams may also be selected for further support after the hackathon, including grants, incubation and collaboration within the Cronos ecosystem.

****About Cronos Labs****

Cronos is a blockchain platform backed by Crypto.com and supported by over 500 contributing developers and partners. It serves more than 150 million users and is focused on building DeFi infrastructure that makes tokenised assets more accessible, secure and scalable.

The Cronos ecosystem spans three networks:

*   **Cronos EVM**: An Ethereum-compatible chain built with the Cosmos SDK
*   **Cronos POS**: A Cosmos-based network optimised for payments and NFTs
*   **Cronos zkEVM**: A high-speed Ethereum Layer 2 secured by zero-knowledge proofs.

With more than $6 billion in user assets and over 100 million transactions processed, Cronos ranks among the top 15 blockchain ecosystems. Transaction fees on the network are paid using $CRO, its native token.

Cronos Labs, the accelerator arm of the project, focuses on supporting early-stage projects in DeFi, GameFi and AI development.

Learn more at cronos.org or follow @cronos\_chain on X.

Cronos Kicks Off $42K Global Hackathon Focused on AI-Powered On-Chain Payments

OpenAI confirmed a third-party data breach via Mixpanel, exposing limited API user metadata like names, emails and browser…

OpenAI confirmed a third-party data breach via Mixpanel, exposing limited API user metadata like names, emails and browser info. OpenAI systems were not breached, and no passwords, API keys, chats or payment data were exposed.

OpenAI has confirmed a data breach involving **Mixpanel**, a third-party analytics tool it used to monitor API dashboard activity. This wasn’t a direct attack on OpenAI’s systems but a compromise of Mixpanel, where an attacker accessed and exported data linked to API users.

To be specific, this wasn’t about passwords, payment info or anything that gives direct access. What got taken was account metadata, the kind of stuff analytics tools collect by default, including:

*   Name
*   Email address
*   Referring website
*   City, state or country
*   Internal user or org ID
*   Browser and operating system

OpenAI **responded** by immediately removing Mixpanel from its production systems and launched a review to identify what was affected. It has since notified all impacted users. The company is also conducting a broader audit of its external vendors and has advised users to turn on multi-factor authentication and be cautious with unsolicited messages or phishing attempts.

It’s worth clarifying that regular ChatGPT users weren’t affected. The exposure was limited to those who interacted with OpenAI through its **API platform**.

Mixpanel **confirmed** that it had detected suspicious access on one of its service environments and that the attacker had exported data belonging to multiple customers, including OpenAI. The company says it has since resolved the vulnerability and engaged external security experts to investigate.

This kind of third-party breach is **far from rare**. Many companies rely on analytics providers, payment processors, and support platforms, each of which brings a certain level of risk. While no system is bulletproof, what matters is how companies react once something breaks. In this case, OpenAI took its vendor offline, dug through the damage, and notified those affected without delay.

**Ben Schilz**, CEO of Wire, weighed in on the incident with a broader perspective, stating that the real issue isn’t just the breach itself, but the growing reliance on third-party tools that companies don’t fully control. He pointed to the need for “digital sovereignty,” stressing that organisations need to stay in charge of their own data and security rather than handing over that control to external vendors.

The good news is that ChatGPT user data wasn’t affected, and OpenAI has already cut off the third-party vendor involved. The downside is that some data was stolen, and there’s a real chance it could be leaked or used in phishing attempts targeting those same users.

Therefore, be cautious with any emails claiming to be from OpenAI or Mixpanel, especially ones asking you to reset passwords or review security settings. It’s also a good time to enable two-factor authentication on both your OpenAI account and the email linked to it.

OpenAI API User Data Exposed in Mixpanel Breach, ChatGPT Unaffected

Reliability engineer on why resilience must be designed, not patched, and how decades of global experience taught her to turn outages into insights.

When the massive AWS outage in October brought down global services including Signal, Snapchat, ChatGPT, Zoom, Lyft, Slack, Reddit, McDonald’s, United Airlines, and even Duolingo, it exposed the fragility of cloud-first operations that, in today’s cloud-first world, anything can fail. As companies distribute their operations across global cloud platforms, the question is no longer “whether systems will fail”, but “how quickly they can recover and how intelligently they’re built to do so.”

Elena Lazar is among the engineers who have gained a solid understanding of this reality, a senior software engineer with over twenty years of experience designing resilient architectures, automating CI/CD pipelines, and improving observability across France, Poland, and the United States. As a member of the Institute of Electrical and Electronics Engineers and the American Association for the Advancement of Science, Elena bridges the worlds of applied engineering and scientific inquiry.

Elena told HackRead what it means to engineer for failure in the era of distributed systems: why resilience matters more than perfection, how AI-assisted log analysis is reshaping incident response, and why transparency often beats hierarchy when teams face complex system breakdowns. She also spoke about the global cultural shift redefining reliability engineering, moving from reactive firefighting to a model where recovery is built in from the start.

Elena Lazar

****Q.**** According to the New Relic observability forecast, the median cost of a high-impact IT outage has reached $2 million per hour, and that number keeps rising. From your perspective, why is recovery becoming so costly, and what can companies realistically do to minimise those losses?

****A.**** The main reason outages are getting more expensive is that digital infrastructure has become deeply interconnected and globally critical. Every system now relies on dozens of others, so when one major provider like AWS or Azure goes down, the impact cascades instantly across industries.

Recovery costs are rising not only because of direct downtime, but also because of lost transactions and brand damage that happen within minutes of an outage. The more global and automated a company becomes, the harder it is to maintain localised fallback mechanisms.

The only realistic way to reduce these losses is to design for controlled failure: build redundant architectures, simulate outages regularly, and automate root-cause detection so that recovery time is measured in seconds, not hours.

****Q.**** Elena, you’ve worked for over two decades in software engineering, from a freelance developer to your current role in large-scale projects in the broadcasting and content distribution domain. How has your understanding of reliability in distributed systems evolved through these different stages of your career?

**A.** Twenty years ago, truly large-scale distributed systems were relatively rare and mostly found in big corporations, simply because building anything reliable required maintaining your own physical infrastructure; even if it was hosted in data centres, it still had to be owned and operated by the company. Back then, a single enterprise server running both a CRM and a website could be considered “large-scale infrastructure,” and reliability largely meant keeping the hardware alive and manually checking applications.

The last 15 years changed everything. Cloud computing and virtualisation introduced elasticity and automation that made redundancy affordable. Reliability became not just a reactive goal but a design feature: scaling on demand, automated failovers, and monitoring pipelines that self-correct. If we once wrote monitoring scripts from scratch, now we have dashboards, container orchestration, and time-series databases all available out of the box. Today, reliability is not a toolset; it’s part of system architecture, woven into scalability, availability, and cost efficiency.

****Q.**** Can you share a specific case where you intentionally designed a system to tolerate component failures? What trade-offs did you face, and how did you resolve them?

****A.**** In my current work, I design CI and CD pipelines that can withstand failures of dependent services. The pipeline analyses each error: sometimes it retries, sometimes it fails fast and alerts the developer.

In past projects, I applied the principle of graceful degradation: letting part of a web or mobile application go offline temporarily without breaking the whole user experience. It improves stability but increases code complexity and operational costs. Resilience always comes with that trade-off: more logic, more monitoring, more infrastructure overhead, but it’s worth it when the system stays up while others go down.

****Q.**** In your work on CI/CD pipelines and infrastructure automation, you’ve made pipelines resilient to failures in dependent services. Which tools or practices have proven most effective?

****A.**** For years, we used scripts to analyse logs programmatically. Extending them for new scenarios took longer than manual debugging. Recently, we began experimenting with large language models (LLMs) for this.

Now, when a pipeline fails, part of its logs is fed to a model trained to suggest probable root causes. The LLM’s output goes straight to a developer via Slack or email. It often catches simple issues, wrong dependency versions, failed tests, outdated APIs and saves hours of support time.

I’m still pushing for deeper LLM integration. Ironically, I sometimes run a lightweight AI model in Docker on my laptop just to speed up log analysis. That’s where we are still bridging automation gaps with creativity.

****Q.**** Having worked on projects in banking, broadcasting, and e-commerce, which architectural patterns have proven most effective in improving system reliability?

****A.**** Replication combined with load balancing is the unsung hero. Enabling health checks in AWS ELB, for instance, practically implements a circuit breaker: it stops routing traffic to unhealthy nodes until they recover. We also rely on database replication; modern DBMSs support asynchronous replication by default.

In one banking project, integrating an external system overloaded a monolithic service. We broke that functionality into a scalable microservice behind a load balancer, which solved the problem but also exposed hidden dependencies. Some internal tools failed simply because they weren’t documented. That experience taught me a universal rule: undocumented infrastructure is a silent reliability killer.

****Q.**** You’ve worked extensively on infrastructure automation and service reliability. How do you decide which signals to monitor without overwhelming teams or inflating costs?

****A.**** Today, adding metrics is easy because most frameworks support them out of the box. There’s a clear shift from log parsing to metrics monitoring because metrics are stable and structured, while logs are constantly changing. Still, detailed logs remain indispensable for understanding «why» behind an outage.

It’s about balance: metrics keep systems healthy; logs explain their psychology.

****Q.**** Many organisations now run hundreds of microservices. What pitfalls do you see when scaling systems this way, especially around failure impact?

****A.**** Resource overhead is the biggest hidden cost that load balancers and cache layers can consume, as much compute power as the core services themselves. The only real mitigation is good architecture.

Failure propagation is a classic example. When services communicate without safeguards like heartbeat calls, circuit breakers, or latency monitoring, one failure can quickly cascade through the entire system. Yet over-engineering the protection adds latency and cost.

Sometimes the simplest solutions work best: return a fallback «data unavailable» response instead of an error, or use smart retry logic. Not every problem requires quite universal but costly event-based, asynchronous architectural solutions such as a Kafka cluster.

The key to managing growth is transparency. Restricting developers to isolated «scopes» without seeing the bigger picture is the worst anti-pattern I’ve seen. Modern Infrastructure-as-Code tools make even massive systems readable, reproducible, and, most importantly, understandable.

****Q.**** Outages can cost companies millions per hour, according to New Relic and Uptime Institute reports. How do you justify long-term investments in reliability when business priorities are often focused on short-term delivery?

****A.**** We live in an era where everyone knows the cost of failure. You don’t have to argue much anymore. Rising failure rates automatically trigger investigations, and the data speaks for itself.

For example, if the error rate in an AOSP platform update service spikes because of old Android clients, we analyse both the service and the distributed OS image. The business case always boils down to: fix reliability or lose users.

Even for internal tools like code repositories, documentation, CI and CD pipelines, the logic is similar. Unreliable infrastructure delays customer-facing features. The challenge isn’t convincing stakeholders, it’s finding the time and people to fix it.

****Q.**** According to your experience, what lessons would you share with engineering leaders building resilient pipelines today?

****A.**** Failures are inevitable, but chaos isn’t. What causes chaos is unclear ownership and poor communication. One simple rule helps immensely: give everyone access to the full codebase. When combined with a clear responsibility map, even if it’s just a well-structured Slack workspace, it empowers teams to collaborate instead of waiting for tickets to escalate. Transparency is the first step toward resilience.

**Q.** You’ve worked with machine learning–driven observability and mentioned your interest in agentic AI for automated remediation. What’s your vision for how AI will transform reliability engineering over the next five years?

**A.** Machine-learning-driven observability is already here, feeding logs into AI models to predict failures before they happen. But the real frontier is automated remediation: systems that self-heal and produce meaningful post-incident reports.

Yes, there is inertia as enterprises fear autonomous changes in production, but economics will win. Startups and dynamic organisations are already experimenting with agentic AI for reliability. Eventually, it will become the standard.

Resilience isn’t just about uptime. It’s a mindset that prioritises transparency, ownership, and systems that expect and recover from failure by design.

(Photo by Umberto on Unsplash)

Elena Lazar: Failures are Inevitable – Reliability is a Choice

AI meeting assistants have become essential tools for professionals who want fast, accurate, and automated transcription. Yet behind…

AI meeting assistants have become essential tools for professionals who want fast, accurate, and automated transcription. Yet behind the convenience lies a concern many users overlook: how safely is their data handled? 

As more companies introduce AI note-takers, the gap between automation and security grows wider. TicNote AI steps into this landscape with a different philosophy, intelligence with responsibility.

****The New Generation of AI Note-Taking****

The surge in AI meeting tools shows how much modern work relies on capturing information quickly. However, most tools focus on transcription alone and leave users questioning what happens to their recordings. 

TicNote approaches this challenge through Agentic Intelligence, a system designed to help users think, organise, and stay in control of their information.

****What Makes TicNote an Agentic OS****

TicNote is not just an AI recorder. It interprets conversations, connects ideas, and structures information in a way that supports decision-making. Designed for creators, professionals, interviewers, researchers, and teams, TicNote transforms meetings and thoughts into usable knowledge.

****Core Features Strengthening TicNote’s Intelligence********Shadow and Projects****

TicNote captures audio, images, and documents in one place and instantly turns them into clean summaries using multimodal AI.

****Deep Research****

Users can ask questions across their recordings and files. TicNote understands intent and retrieves context-rich answers.

****Aha Moments****

The system identifies hidden relationships across stored content, revealing insights users may not notice on their own.

****AI Podcast Mode****

Recordings can be transformed into professional podcast-style audio, with optional voice changes for privacy or creativity.

****AI Voiceprint Recognition****

The device automatically identifies speakers, offering precise and organised transcripts for teams, interviews, and collaborative work.

****Pricing Built for Transparency and Value********Free (Plus)****

600 minutes per month, multilingual transcription, translation, basic templates, and document import.

****Pro****

2100 minutes per year, unlimited cloud storage, Deep Research, Aha Moments, AI Podcast Mode, and advanced templates.

****Business****

6600 minutes per year, eight-hour sessions, speaker recognition, and advanced workflows for teams.

****Why TicNote Matters in Today’s Workflows****

Information overload has become a major challenge for modern professionals. TicNote responds with a system that converts disorganised conversations into structured knowledge. 

Instead of just storing words, it helps users think more clearly, plan effectively, and revisit insights confidently. From remote teams to journalists and podcasters, TicNote offers clarity with secure handling of user data.

****Why Users Are Turning to TicNote AI****

The device stands out for combining intelligence, context awareness, and secure processing. Instead of acting as just another note-taker, it becomes a thinking partner. Users choose TicNote for its ability to transform daily conversations into meaningful insights and organised ideas.

****Messaging Behind TicNote’s Vision********Key Statements****

“TicNote isn’t just an AI recorder – it’s an Agentic OS designed to help every mind work smarter.”

“It doesn’t just record; it thinks with you, turning chaos into clarity.”

“The future of productivity is not more tools, but more intelligence.”

****Black Friday Campaign Details****

TicNote offers its best pricing of the year during its Black Friday launch. The TicNote Official US Store promotion runs from November 12 to December 1, 2025, priced at $99.99 for the United States, CA$139.99 in Canada and EUR 169.99 in Europe, with a special lowest price of EUR 135.99 on November 28 and December 1. 

On the TicNote Amazon US store, the campaign runs from November 20 to December 1 at USD 99.99 (Code **XGDP8422**). Affiliates can request personalised tracking links to earn commissions during the campaign.

****Final Thoughts****

As AI meeting assistants continue to rise, concerns about data security and long-term reliability become more important. TicNote answers these concerns with an Agentic OS that goes beyond basic transcription. With multimodal intelligence, deep research capabilities, and clear data practices, TicNote offers a smarter and safer path for capturing and understanding daily conversations. For professionals seeking meaningful clarity and control, TicNote represents the next evolution of AI-powered productivity.

AI Meeting Assistants Are Rising – But Is Your Data Safe? A Deep Look at TicNote AI

New research from Ontinue exposes a major security flaw in Microsoft Teams B2B Guest Access. Learn how attackers bypass all Defender for Office 365 protections with a single invite.

Microsoft Teams has become the main tool for communication in businesses globally. Due to this, security teams spend a lot of time and money on protection services like Microsoft Defender for Office 365 to guard against dangers like phishing emails, malicious links, and malware.

However, new research from the security firm Ontinue, released on Wednesday, November 26, shows a huge security flaw in the standard setup of Microsoft Teams collaboration with outside partners, known as B2B Guest Access, which lets attackers entirely bypass a company’s Microsoft Defender protections.

****Who Controls Your Security as a Guest?****

The problem isn’t actually a software bug in Teams; it’s about the way security is managed when employees work with external groups. Ontinue’s blog post makes it clear; when your staff accepts an outside invitation and joins another company’s chat, their security is no longer determined by their home organisation. Instead, the research found that security is controlled “entirely by that hosting environment.”

This finding is highly worrying. The moment a user accepts a guest invite, they instantly lose all their home security features, including Safe Links (the system that checks if a link is dangerous before you click it) and Zero-hour Auto Purge (ZAP), which is designed to retroactively delete malicious messages. Attackers are exploiting this. Attackers know this and can create their own basic Teams accounts with security policies completely switched off, basically creating a perfect trap.

Further probing revealed that the attacker needs minimal resources. They can set up a basic Microsoft 365 environment using a low-cost subscription or even a trial. Since these basic accounts lack security packages like Defender, they are unprotected by default, which means the attacker doesn’t need any complex setup to achieve a “protection-free zone.”

Diagram showing the “protection-free zone” attackers create (source: Ontinue)

****The Easy Way In****

The risk has become even simpler because of a feature Microsoft rolled out in November 2025 (MC1182004), which is turned on by default for most users. This setting allows any Teams user to start a chat with any email address, even people not currently using Teams. The victim receives a genuine-looking Microsoft invitation and needs only a single click to enter the malicious, unprotected environment.

This easy invitation method, combined with the fact that most organisations are defaulted to accept guest invites from any company worldwide, means a lot of companies are exposed. Once inside, attackers can easily deliver phishing links and malware to employees without any security warnings appearing. Also, they can exfiltrate information (or steal sensitive data) and conduct large-scale social engineering attacks.

Phishing Email Sample (source: Ontinue)

****Experts Urge Immediate Action****

Ontinue strongly recommends companies move quickly to change their configurations, suggesting they limit guest invitations to only those domains they explicitly trust.

Industry leaders also weighed in on the findings, sharing their perspectives with Hackread.com. They emphasised that this is a serious architectural problem requiring a configuration change, not just a patch.

Shane Barney, Chief Information Security Officer at Keeper Security, noted the deceptive nature of the attack: “The familiar interface can give the impression that security remains consistent, but the safeguards in place are entirely dependent on how the hosting tenant is configured.” He added that organisations must ensure “access is appropriately limited and activity tied to sensitive systems is consistently monitored.”

Julian Brownlow Davies, Senior Vice President, Offensive Security Strategy & Operations at Bugcrowd, clarified the uncomfortable truth for users: “The moment your users cross into someone else’s tenant as guests, your own Defender for Office 365 protections effectively disappear.” He concluded that because attackers abuse collaboration features, “you have to assume that attackers will abuse ‘legitimate’ collaboration features.”

Finally, Agnidipta Sarkar, Chief Evangelist at ColorTokens, stressed the immediate policy response needed: “Until Microsoft addresses this vulnerability, organisations must set up a policy to address this immediately, and disallow all B2B meetings using Teams from anyone not previously known.” He recommends that companies configure technical controls to ensure Teams allows B2B connections to predefined domains.

Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks

Cary, North Carolina, USA, 26th November 2025, CyberNewsWire

**Cary, North Carolina, USA, November 26th, 2025, CyberNewsWire**

**New courses, certifications, and hands-on training strengthen workforce readiness.**

INE, the leading provider of hands-on IT and Cybersecurity training and industry-recognized certification prep, today announced a significant expansion of its learning portfolio, reaffirming its commitment to empowering technology professionals with the skills they need to thrive.

As organizations across the globe accelerate their adoption of cloud, AI, automation, and advanced security technologies, IT teams must remain more adaptable than ever. INE continues to meet this demand by releasing new, high-impact content and refreshing existing learning paths to ensure learners stay aligned with industry standards, master emerging tools, and build real-world, muscle-memory expertise.

**Expanding Content for Today’s Most In-Demand Skills**

Over the last quarter, INE has rolled out a wide range of new courses, hands-on labs, and certification prep resources designed to help professionals cross-skill and upskill within one integrated training platform. New and updated content includes:

*   **AI in Automation Course** — Now part of INE’s Cisco certification prep, enabling learners to integrate AI-driven automation capabilities into modern enterprise infrastructures.
*   **Enterprise Network Design Scenarios** — Advanced modules supporting CCIE Enterprise Infrastructure candidates with realistic scenario-based design and troubleshooting.
*   **Updated INE Security Certifications & Prep** — Enhancements to Certified Incident Responder (CIR) and Certified Threat Hunting Professional (CTHP) programs, ensuring security specialists train on current adversarial tactics and defense strategies.
*   **Expanded Certification Prep for Industry-Leading Vendors** — Including updated pathways for CISSP, CompTIA Security+, and Network+.
*   **New** **Junior Data Scientist (eJDS)** **Learning Path & Certification** — A guided, practical path designed to introduce learners to Python, data analysis, machine learning foundations, and real-world data workflows.

> “Technology doesn’t stand still, and neither should the people who power it,” said Lindsey Rinehart, INE Chief Executive Officer. “Our goal is to give learners one place to grow from novice to expert, with continuously refreshed, hands-on content that reflects what top employers need right now.”

**A Platform Built for Real Skill Development**

INE’s training model emphasizes hands-on learning, scenario-based exercises, and progressive skill-building paths. Learners can practice concepts in real environments, gaining practical experience that transfers directly to on-the-job performance. Through this approach, INE enables individuals and teams to build lasting, applied knowledge rather than rely on passive video training.

**Supporting Professionals on Their Learning Journey**

In an effort to make high-quality technical training accessible to as many professionals as possible, INE is also offering limited-time pricing during the Black Friday period. These offers provide reduced-cost access to INE’s most comprehensive training plans and certifications, supporting learners at every stage of their career development.

Learners can choose from bundles that include annual subscriptions, certification vouchers, and hands-on labs, saving up to $750! For the first time, INE is offering the INE Premium Subscription for 50% off to ensure the most comprehensive training subscription is accessible to learners at every level. 

To learn more about INE’s commitment to accessible, high-impact training—and to explore this year’s limited-time Black Friday opportunities—users can visit https://learn.ine.com/promo/black-friday-2025. 

**About INE**

INE x INE Security is the premier provider of online networking and cybersecurity training and certification. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE Security is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers. INE Security’s suite of learning paths offers an incomparable depth of expertise across cybersecurity and is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career.

**Contact**

**Chief Marketing Officer**  
**Kim Lucht**  
**INE**  
**\[email protected\]**

INE Expands Cross-Skilling Innovations

Samourai Wallet founders Keonne Rodriguez and William Hill were sentenced to 4 and 5 years for laundering $237M via their crypto mixer.

Two co-founders of the privacy-centric Samourai Wallet Cryptocurrency service are now facing time behind bars after admitting to their roles in a massive money laundering operation.

According to the US DoJ’s **press release**, Keonne Rodriguez, 37, the CEO, was sentenced to five years in prison on November 6, 2025, while William Lonergan Hill, 67, the Chief Technology Officer, was sentenced to four years on November 19, 2025. Both received their sentences from US District Judge Denise L. Cote in New York.

The seized website of the Samourai Wallet (Screenshot: Hackread.com)

****What Happened – Concealing Dirty Money****

The pair pleaded guilty in late July to conspiracy charges for running an unlicensed money transmitting business. This means they operated a service that moved money on behalf of others without the required government permission, using it to help users with money laundering (the act of hiding illegally obtained cash).

Authorities argued that the platform, launched in 2015 as a mobile application, was intentionally built to hide illicit Bitcoin transactions. This was achieved through two tools: Whirlpool (launched in 2019), which mixed a user’s Bitcoin with that of other users in groups, and Ricochet (launched in 2017), which added extra steps, called hops, between the person sending the money and the person receiving it, specifically to block law enforcement from tracking the transfers.

****Fraud and Penalties****

Further probing revealed the executives actively promoted the service to criminals. Hill marketed Samourai on the dark web forum Dread, advising users on “cleaning dirty BTC,” and Rodriguez, in a WhatsApp exchange, explicitly described their mixing activity as “money laundering for bitcoin.”

Prosecutors proved the company knowingly handled over $237 million from various criminal activities, including drug trafficking, online fraud, cyberattacks, websites linked to child exploitation, and even schemes involving murder-for-hire and sanctioned countries.

It is worth noting that while $237 million was directly tied to illegal activity, the services processed over 80,000 Bitcoin (worth over $2 billion at the time), which earned Samourai approximately $6 million in fees.

In addition to prison time, both were sentenced to three years of supervised release and ordered to pay $250,000 in fines each. They have already given up over $6.36 million, the money Samourai earned in fees, and are responsible for the remaining balance of the total forfeiture order, which is over $237 million.

US Attorney Nicolas Roos commented that the sentences reflect the harm done to victims by making it nearly impossible for them to recover stolen funds. The arrests and platform’s seizure, **announced in April 2024**, involved extensive teamwork between the Justice Department, the FBI, IRS-Criminal Investigation, Europol, and police in Iceland and Portugal, which helped authorities seize Samourai’s domain and servers at the time of the arrests.

Samourai Wallet Founders Jailed in $237M Crypto Laundering Case

Bitdefender Labs found fake Battlefield 6 pirated copies and trainers spreading aggressive malware, C2 agents, and infostealers, designed to steal player data and crypto-wallets.

A new report from Bitdefender Labs has brought unsettling news for the gaming community, especially those looking for free or hacked versions of popular titles. Cybercriminals are using the hype around the major first-person shooter, Battlefield 6, to trick players into downloading malicious software that can steal their private information and even take over their PCs.

Battlefield 6, developed by DICE and published by Electronic Arts (EA), hit the market in October and was, as we know it, one of the year’s most anticipated releases. Unfortunately, this popularity became a perfect target for attackers who started spreading infected files the moment the game became available.

** **Counterfeit Games and Malicious Cheats****

The researchers found fake pirated versions of the game, installers, and phoney “game trainers” being spread across torrent sites and other easily found domains. For your information, a game trainer is a program (sometimes real) that gives a player an advantage, like unlimited coins or health. However, in this case, the fake ones do the opposite; they steal your data. Also, none of the fake files actually work as a game or a cheat.

Bitdefender Labs’ research, shared with Hackread.com, further revealed that the attackers made their malicious downloads appear legitimate by using the names of real, well-known game cracking groups, like InsaneRamZes and RUNE.

Researchers assessed a pirated version using the RUNE name, which was disguised as a Battlefield 6 ISO image and deployed a dangerous Command-and-Control (C2) agent. This agent allows an attacker to remotely control an infected computer for future exploitation.

One sample, disguised as a trainer, acted as an aggressive infostealer, focused on secretly gathering personal data. Another file, distributed as Battlefield 6.GOG-InsaneRamZes used a completely different strategy that involved stealth and environmental awareness. 

It then checked regional settings and shuts down if it detects Russian or CIS countries (like Armenia, Belarus, etc.). This evasion, common for some groups, helps them avoid legal issues and detection by security programs.

****Data at Risk****

This infostealer specifically targets sensitive data. Researchers noted that this malware aggressively targets “Crypto Wallets and Cookie Sessions from Chrome, Edge, Firefox, Opera,” session tokens from Discord, and crypto-wallet extension data from Chrome add-ons like iWallet and Yoroi. Bitdefender’s analysis also found that hundreds of people (potential victims) were actively downloading the malicious torrent files.

** **How to Stay Safe****

Bitdefender’s advice is clear: always buy and download Battlefield 6 and other games only from official sources like the EA App, Steam, or GOG. They strongly recommend avoiding third-party utilities, torrents, or any unknown programs, warning that: “attackers are exploiting players’ curiosity and impatience for newly launched titles.”

Fake Battlefield 6 Downloads Are Spreading Malware, Stealing Player Data

Artificial intelligence (AI) helps us in doing small and big things that are important in our daily lives.…

Artificial intelligence (AI) helps us in doing small and big things that are important in our daily lives. Many companies also use AI to protect their data from hackers, but it is not clear if we can rely on AI to protect us from online threats. 

Our private information is protected by cybersecurity from those who would try to steal or change it. Earlier, this was mostly done by people manually, but now, smarter protection is needed as the attacks are increasing and they are becoming more advanced. That is why AI is important because it can watch over huge amounts of data and catch unusual behaviour within seconds.

****How AI Helps In Cybersecurity****

AI can look at thousands of activities at once and can immediately raise a warning. AI systems can also learn from past attacks, which makes them so powerful. It also helps companies save a lot of time and money.

These features have led to an increasing number of businesses using AI to protect their systems. For example, when a company’s employee clicks a suspicious link, AI can quickly isolate that computer and stop the virus from spreading, which can prevent the company from huge losses.

****The Problems With AI****

The same technology can also be used by attackers, as cybercriminals are now using AI to make their attacks smarter. For example, they use AI to write fake emails that look realistic. These emails can copy the tone and language of your boss or your bank. It becomes very hard for a normal person to tell the difference. This is why so many people fall for scams these days.

AI can also be tricked. Hackers can feed it the wrong information so that it learns bad habits. This is called data poisoning. Also, AI can make mistakes sometimes. It can mark safe files as dangerous and allow the dangerous files by accident. Also, if hackers understand how an AI system works, they can easily confuse it.

****Can AI Be Trusted?****

Most of the time, it works perfectly, but if something goes wrong, it can become serious. AI just follows patterns. It might not know what to do if something happens that it has never seen before. Assuming that something is dangerous, it can occasionally even block something safe.

Also, AI decisions are not always easy to explain. Sometimes, even the people who create AI can’t explain why it behaves a certain way. Therefore, AI should not be fully trusted. AI can only work perfectly if it works with humans.

****Why AI Security Matters****

AI security means keeping AI itself safe from being attacked or misused.

AI learns from data; therefore, it is important to make sure that the data it uses is correct and protected. The behaviour of the AI can be altered by hackers if they manage to obtain this data. They can damage it or make it ignore actual threats.

AI security also includes checking how the AI makes decisions and testing it regularly. Since AI is becoming a part of everything, protecting it is now just as crucial as using it. AI systems will become a new target for hackers if we don’t protect them.

****What Companies and People Should Do****

The best step is not to depend completely on AI. Regular security audits should be done, and AI systems should be observed continuously. Testing and updating these systems on a regular basis is important.

You should use a strong password and avoid clicking on any unknown links, as they can be dangerous. Companies should also train their employees so that they can understand how to use AI safely.

****Future Of AI****

Artificial intelligence will be crucial to our online safety in the future, as it is fast and smart, but it should be kept in safe hands. We must build systems that are safe. The real challenge is protecting AI while using it. That is why AI security is becoming very important now.

We can trust AI with our cybersecurity if we make sure that it is protected and supervised by human experts. It will become more advanced and will be connected to anything that we use. AI can become one of the strongest tools to keep us digitally safe if we balance it with technology and humans.

(Photo by Rohan on Unsplash)

Can We Trust AI with Our Cybersecurity? The Growing Importance of AI Security

Everest claims large breaches at Iberia and Air Miles España with major data taken from both travel platforms placing millions of users at risk.

Everest ransomware group has published a claim saying it breached Iberia, Spain’s flag-carrier airline and extracted a 596 GB database along with 430 GB of booking-related mail files. The group states that the data covers millions of customers in multiple countries.

As seen by Hackread.com on the group’s dark web leak site, the group claims the stolen data includes full identity information, loyalty details, Avios balances, travel histories, ticket numbers, booking structures, message content and payment records from IberiaPay.

Everest also says it had long-term access with the ability to read and alter bookings. They outline actions such as changing contact details, adjusting emergency contacts, modifying seats, meals, and other add-ons, and viewing or cancelling tickets within fare rules.

The group says it is waiting for Iberia to respond before starting negotiations. They claim to have removed personal data from the samples, but their previous cases show that full files get released if talks fail. A leak would circulate rapidly across criminal sites and would impact passengers in Spain, Latin America and other regions where Iberia holds a strong market share.

Screenshot from the Everest ransomware group’s dark web leak site (Image credit: Hackread.com)

****Air Miles España, S.A Breach Claims****

In another listing, Everest has published another claim targeting Air Miles España, S.A., the operator of Spain’s Travel Club rewards program. This incident was reported on November 25 2025. Travel Club is widely used across Spain through partners such as airlines, fuel companies and retailers, so its exposure affects millions of people.

Everest says it stole about 131 GB of data from Air Miles España and then locked internal systems. This follows the double extortion pattern where the attackers take files, then encrypt systems and demand payment to stop public release. If Air Miles España does not pay, the Everest ransomware group usually leaks everything on its site.

Early indications suggest the stolen Travel Club data could include names, home and email addresses, phone numbers, loyalty account identifiers, point balances, purchase records and broad marketing profiles. This creates a significant phishing and identity theft risk across Spain.

Travel Club stores high-value behavioural information gathered through brands such as Repsol, Eroski and Iberia; therefore, a breach affects both consumers and business partners.

****Everest, An Active Threat****

The Everest group has recently been very active; in November, Hackread.com reported claims that the group stole 343 GB of data from sportswear giant Under Armour (November 17) and targeted Brazilian petroleum giant Petrobras (November 20), claiming to have stolen over 176 GB of seismic navigation data, which included files from a partner firm. Everest also claimed to have stolen 1.5 million Dublin Airport passenger records in October.

If customer information was taken, Air Miles España must notify the Spanish Data Protection Agency and the affected users under GDPR. Failure to act quickly would result in heavy penalties.

This is a developing story. Until an official statement is released, customers should change their passwords immediately and monitor their accounts for unusual activity.

Source

HackRead