Chinese Hacking Group ‘Salt Typhoon’ Breaches U.S. House Committee Emails A Chinese-linked hacking group, nicknamed Salt Typhoon, has reportedly compromised email systems used by staff members of several U.S. House of Representatives committees, including the House China Committee and panels overseeing foreign affairs, intelligence, and the armed services. The breach, detected in December, targeted committee aides, though it remains unclear whether lawmakers’ emails were accessed. The cyberattack is part of ongoing allegations of espionage linked to Chinese intelligence, which has previously been accused of intercepting communications involving U.S. politicians and officials. In response, Beijing has denied involvement, while U.S. authorities have imposed sanctions on individuals and companies allegedly connected to Salt Typhoon’s operations. The Federal Bureau of Investigation has declined to comment, and the White House and the targeted committees have yet to issue official statements. Cybersecurity experts note that U.S. lawmakers and staffers have frequently been targeted for espionage, with prior incidents reported in the Senate and among senior officials. Salt Typhoon’s alleged operations highlight persistent vulnerabilities in U.S. government digital communications and underscore the ongoing geopolitical tensions between the United States and China.

FBI, Nigeria Police Arrest Lagos-Based Suspect Over Global Microsoft 365 Phishing Attack Targeting Corporations, Banks, Schools The Nigeria Police Force, in collaboration with the United States Federal Bureau of Investigation (FBI), has arrested Lagos-based suspect Okitipi Samuel over a large-scale cyberattack that targeted Microsoft 365 users across multiple countries. Police said the operation involved a phishing toolkit known as Raccoon0365, used to create fake Microsoft login portals that harvested user credentials and enabled unauthorised access to corporate, financial, and educational email accounts. Digital forensic analysis and cryptocurrency tracing linked Samuel to the scheme, while two other arrested individuals were cleared as victims of identity theft. Authorities say Samuel will be charged under Nigeria’s Cybercrimes Act as investigations continue.

Which of the following is the best way to protect your PC or phone from AI-powered cyberattacks?

NITDA Alerts Nigerians To eSIM Security Flaw Exploited Globally The National Information Technology Development Agency (NITDA) has warned of a critical vulnerability in embedded SIM (eSIM) technology that could allow attackers to hijack devices, intercept communications, and clone eSIM profiles. The flaw, linked to outdated GSMA TS 48 test profiles, affects over 2 billion smartphones, tablets, wearables, and IoT devices worldwide. NITDA urged device makers and service providers to apply Kigen OS patches via OTA updates, adopt the updated GSMA TS 48 version 7.0 standard, and remove legacy profiles to block exploitation. The agency stressed that swift action is essential to avert large-scale cyberattacks and protect user data. #CyberSecurity #NITDA #eSIM #NigeriaTech

FIJ Website Hit By Cyberattacks After Exposing Illegal NIN Data Sales, Attack Linked To NIMC The Foundation for Investigative Journalism (FIJ) has come under coordinated cyberattacks days after publishing investigations that exposed the illegal sale of Nigerians’ National Identification Number (NIN) data. According to FIJ, its website suffered a Distributed Denial of Service (DDoS) attack on Thursday, briefly knocking it offline. Technical analysis revealed a single IP address launched over 50,000 requests in one hour, with traces linked to the National Identity Management Commission (NIMC) headquarters in Abuja. The attack came after a series of FIJ investigations uncovered multiple platforms—NINPrint, NINCard, nimcverify.ng, and IloTech—illegally selling Nigerians’ personal data for as low as ₦150 per record. In some cases, FIJ was able to buy the records of prominent Nigerians, including Aviation Minister Festus Keyamo and Senator Orji Uzor Kalu. Despite NIMC’s mandate to safeguard national identity data, FIJ reported that the agency failed to act against these companies for months, even when aware of their activities. Following FIJ’s publications, however, the illegal websites were shut down within days. FIJ said the DDoS attack highlights an attempt to silence investigative journalism and shield entrenched interests. #CyberAttack #DataPrivacy #Nigeria #FIJInvestigates

EFCC Reveals Sophisticated Cyberattacks On Six Nigerian Banks, Recovers Over N20Billion