A Tennessee man has pleaded guilty to hacking the US Supreme Court’s electronic filing system more than two dozen times and illegally accessing sensitive records from other federal platforms.

Nicholas Moore, 24, admitted to using stolen login credentials to gain unauthorized access to the Supreme Court’s restricted filing system between August 29 and October 22, 2023. Prosecutors said Moore accessed the system on more than 25 days, sometimes multiple times in a single day, and viewed personal information belonging to an authorized user.

Court documents say Moore posted screenshots of the stolen information on Instagram under the handle “@ihackedthegovernment,” publicly identifying his victims and their details.

Moore also confessed to hacking AmeriCorps servers using stolen credentials, obtaining a second victim’s personal information between August and October 2023, and later posting it online. In addition, he accessed a US Marine Corps veteran’s account on the Department of Veterans Affairs’ My HealtheVet platform, exposing private health information, including prescribed medications.

Moore pleaded guilty to one misdemeanor count of computer fraud, which carries a maximum sentence of one year in prison. His sentencing is scheduled for April 17, 2026.

Initial access broker pleads guilty for selling access to more than 50 organizations

A 40-year-old Jordanian national pleaded guilty to operating as an initial access broker, selling unauthorized access to dozens of corporate networks he compromised in 2023.

Feras Khalil Ahmad Albashiti, aka Feras Bashiti, who was living in the Republic of Georgia at the time, admitted to selling access to at least 50 victim company networks after exploiting vulnerabilities in two commercial firewall products. According to the authorities, Albashiti advertised his services on a cybercrime forum, where he was known as “r1z.”

In May 2023, Albashiti sold access to networks of dozens of companies to an undercover FBI agent, who continued communicating with the defendant for five months. Unaware he was being monitored, Albashiti demonstrated the malware on an FBI-controlled server. He also sold tools designed for privilege escalation and a modified commercial penetration-testing software.

Albashiti is accused of selling malware designed to disable endpoint detection and response (EDR) products. The authorities have also linked him to a ransomware attack against an American manufacturing company that caused at least $50 million in losses, as well as intrusions into government systems in a US territory. Albashiti was arrested in July 2024 and has remained in custody. He faces up to 10 years in prison and a $250,000 fine. His sentencing is scheduled for May.

Ukrainian and German police target suspected Black Basta ransomware affiliates

Ukrainian and German law enforcement authorities have identified two Ukrainian nationals suspected of working for the Russia-linked Black Basta ransomware group and have placed the group’s alleged leader on an international wanted list.

Active since at least early 2022, Black Basta is believed to have extorted hundreds of companies, hospitals, and public institutions worldwide, including Swiss industrial firm ABB and US healthcare provider Ascension. Authorities estimate the group has caused hundreds of millions of dollars in damages.

The two suspects, who allegedly operated from western Ukraine, are accused of breaching protected systems and aiding ransomware attacks by stealing login credentials from compromised networks. Police described them as “hash crackers,” responsible for recovering passwords from stolen data using specialized software. The stolen credentials were used to gain unauthorized access to corporate systems, escalate network privileges, steal sensitive data, and deploy ransomware to encrypt systems and extort cryptocurrency payments.

During searches in Ukraine’s Ivano-Frankivsk and Lviv regions, authorities seized digital storage devices and cryptocurrency assets. Ukrainian prosecutors said analysis of the seized material is ongoing.

In parallel, Germany’s Federal Criminal Police Office (BKA) identified the suspected leader of Black Basta as Oleg Nefedov, a 36-year-old Russian national. He is wanted on suspicion of forming a criminal organization abroad, large-scale extortion, and related cyber offenses and has been placed on an international wanted list through Interpol.

As the group’s alleged ringleader, Nefedov (aka ‘tramp’, ‘tr’, ‘gg’, ‘AA’, ‘kurva’, ‘Washigt0n’, and ‘S.Jimmi’) is suspected of selecting targets, recruiting members, assigning tasks, negotiating ransom payments, and distributing extortion proceeds, typically demanded in cryptocurrency. Authorities say he may have ties to the now-defunct Conti ransomware group. German police believe Nefedov is currently in Russia, though his exact whereabouts remain unknown.

Ghana arrests nine Nigerians in a cybercrime crackdown

Ghana’s law enforcement has arrested nine Nigerians suspected of coordinating a range of cybercrime activities from makeshift offices in and around the country’s capital, Accra. The arrests followed a two-day, intelligence-led operation that also led to the detention of 44 other Nigerians believed to be victims trafficked to Ghana under false pretenses and later forced into cybercrime.

During the raids, 62 laptops, 52 mobile phones, and two pump-action guns were seized. The authorities said that there’s a growing trend of foreigners being lured to Ghana with promises of lucrative jobs, only to be confined in gated compounds, have their documents taken away, and be forced to engage in online fraud, including romance scams and business email compromise schemes.

The operation was jointly coordinated by several agencies, including the Cyber Security Authority (CSA). Communications Minister Sam George said all arrested people had been profiled and handed over to the Ghana Immigration Service for further investigations, warning foreign nationals to verify claims made to lure them to Ghana. He added that suspects from previous operations have either been handed over to Nigerian authorities or are facing prosecution.

Late last year, police in Ghana and Nigeria dismantled a major scam impersonating fast-food brands that defrauded more than 200 victims of over $400,000 as part of an Interpol-led operation against cybercrime in Africa.

Get a Demo

ImmuniWeb can help you to prevent data breaches and meet regulatory requirements.

Japanese police arrest a man over AI-generated deepfake images of celebrities

Tokyo police have arrested a 31-year-old unemployed man on suspicion of creating and selling deepfake sexual images of female celebrities using generative artificial intelligence, authorities said.

According to police, the suspect, identified as Tatsuro Chiba of Sapporo, allegedly posted at least 14 deepfake images online between December 2024 and May 2025, making them accessible to an unspecified number of users. Investigators believe Chiba began producing the images around the summer of 2023.

Police said Chiba collected images of approximately 300 celebrities, including female idol singers, and generated more than 520,000 deepfake images. He is suspected of earning around 11 million yen (~EUR 59 000) by posting the images on a members-only website, where users paid to view them. For higher fees, he also allegedly created images based on individual requests.

Authorities say the damage caused by easily accessible generative AI tools is spreading across Japan, with not only celebrities but also ordinary people being targeted. In one confirmed case, a male office worker created a pornographic video of a female colleague using an image saved from an online meeting and shared it with coworkers. In another, a junior high school student allegedly produced pornographic images of female classmates using photos from a school event album.