This Week in Cyber: Interpol Takes Down 574 Cybercriminals

By Your Friendly Tech Journalist | December 2025

If you thought your password was safe because it had an exclamation point, boy do we have news for you this week. Interpol just pulled off a massive sting operation that netted 574 cybercriminals in Africa. Yes, you read that right—574! It’s like catching the entire cast of a cybercrime version of “Survivor.”

The Week in Review

As we sip our coffee and look back at the week, one theme stands out: cybercrime is not just a trend; it's a tidal wave. From North Korea's audacious cryptocurrency heists to the alarming number of malicious Chrome extensions stealing user data, it seems the bad actors are getting bolder by the day. Meanwhile, organizations are stepping up their game, with the U.S. Justice Department seizing a domain linked to a $14.6 million bank account takeover scam. It’s a bit like a game of whack-a-mole, where the moles just keep multiplying.

In the midst of all this chaos, major tech players like Cisco are battling sophisticated attack campaigns aimed at trusted tools like VPNs and email services. The message is clear: if you think your organization is safe because you have a reputable provider, think again. Cybercriminals are probing everywhere, and if you’re not on your toes, you might just end up as the next headline.

The Big Stories

  • Interpol Busts 574 Cybercriminals in Massive African Sting: Interpol coordinated a huge law enforcement sweep across 19 African countries, arresting 574 suspects involved in email scams, digital extortion, and ransomware. They also recovered $3 million, hitting organized cybercrime networks hard. Read more.

  • WatchGuard Firewall Vulnerability Under Real-World Attack, Fixes Released: A critical security flaw in WatchGuard Fireware OS is actively being exploited by hackers. Patches are now available, and users are urged to update immediately. Read more.

  • Two Chrome Extensions Secretly Stealing Login Details Across 170+ Websites: Malicious Chrome extensions disguised as network speed tools have been caught intercepting user credentials from over 170 websites. If your team uses Chrome extensions without oversight, these sneaky tools could be quietly stealing login info. Read more.

  • North Korean Hackers Steal Over $2 Billion in Crypto in 2025: North Korea-linked cybercriminals escalated their cryptocurrency thefts to a record $2.02 billion this year, exploiting lax security worldwide. If you deal in crypto, your security needs to get serious, fast. Read more.

  • U.S. Justice Department Seizes Domain in $14.6 Million Bank Account Takeover Scam: The DoJ took down a website that served as the control center for a cybercriminal operation that hijacked bank accounts and stole millions. This takedown highlights the need for increased vigilance against fraud attempts. Read more.

Quick Hits by Category

Security Watch

  • Amazon Fends Off 1,800 State-Sponsored IT Job Scammers: Amazon thwarted thousands of job scams connected to North Korean operatives trying to exploit IT hiring processes. Read more.

  • Cisco VPNs and Email Services Under Multiple Cyber Attack Campaigns: Cisco is facing sophisticated attacks against its VPNs and email systems, showcasing cybercriminals probing trusted enterprise tools. Read more.

  • Critical Flaw in HPE OneView Software Lets Hackers Run Any Code Unchecked: A high-severity bug in HPE’s management software could allow attackers to take over IT infrastructure remotely if left unpatched. Read more.

Privacy Pulse

  • China-Aligned Hackers Using Windows Tools to Spy on Southeast Asian Governments: The LongNosedGoblin group is using Windows Group Policy features to spread espionage malware in governments across Southeast Asia and Japan. Read more.

  • Kimwolf Botnet Controls 1.8 Million Android TVs for Massive DDoS Attacks: A botnet made up of infected Android smart devices is actively launching disruptive internet attacks. Read more.

Compliance Corner

  • GRC International’s Growth Moves: Partnership and Rebranding: GRC International is teaming up with Bloom Equity to boost growth and has rebranded IT Governance Ltd as GRC Solutions. Read more.

  • What’s the Situationship Between TPRM and AI in 2026?: A webinar exploring how third-party risk management (TPRM) and AI will interact in the upcoming year. Read more.

The Bottom Line

This week, we learned that cybercriminals are relentless. Whether it's stealing credentials or hijacking bank accounts, the threats are real. If you do one thing this week, tighten your organization's security protocols and keep your software updated. Remember, a stitch in time saves nine—and in cyber terms, it can save you millions!

Blog, SecurityLawton Brownsecurity, it compliance, it security