The National Police have arrested a high school teacher in Jaén accused of hacking into the Andalusian educational platform Séneca, committing identity theft, and falsifying academic records.

The investigation began after a teacher at IES San Juan Bosco reported unauthorized access to the platform. Authorities uncovered evidence that email accounts of several educators holding senior positions were also compromised.

At least 13 university professors from institutions across Andalusia had their corporate email accounts breached. Among the victims were educators involved in preparing the 2025 university entrance exams (Selectividad or PAU). The suspect arrested in Sevilla allegedly used the access to manipulate academic records, including his own and those of individuals close to him.

During a search of his residence, police seized multiple electronic devices used in the attacks, along with a notebook containing details of the altered grades. The investigation remains open as police continue to analyze the seized data.

Over 1,200 arrested in major African cybercrime crackdown

Law enforcement agencies from 18 African countries have arrested 1,209 individuals involved in online scams, ransomware attacks, and business email compromise (BEC) schemes. The operation, codenamed ‘Operation Serengeti 2.0’, took place between June and August 2025.

Authorities reported that nearly 88,000 victims were targeted, with losses totaling millions of dollars. In total, $97.4 million in stolen assets was recovered, and over 11,400 malicious online infrastructures were dismantled.

In Angola, 25 illegal cryptocurrency mining centers were shut down. Sixty Chinese nationals were arrested for illegally validating blockchain transactions, and equipment worth $37 million was seized.

Zambian authorities uncovered a massive crypto investment scam that defrauded around 65,000 victims out of $300 million. Fifteen suspects were arrested, with bank accounts and domains seized. In a separate operation, officials in Zambia also broke up a human trafficking ring and confiscated 372 fake passports. Meanwhile, police in Côte d'Ivoire dismantled an inheritance scam that originated in Germany. The operation led to the arrest of the main suspect and the recovery of $1.6 million in assets.

In November 2024, Interpol announced the arrest of over 1,000 people in operations that had targeted 35,000 victims as part of the first Operation Serengeti. Besides arrests, authorities dismantled more than 134,000 malicious infrastructures and networks.

Previously, an alleged key member of OPERA1ER, a highly organized cybercrime gang that has stolen at least $11 million in more than 30 attacks across 15 countries in Africa, Asia, and Latin America, was arrested as part of a joint law enforcement effort called “Operation Nervone.” (https://www.immuniweb.com/blog/interpol-nabs-suspected-key-member-of-opera1er-cybercrime-group.html)

Software dev sentenced to 4 years for sabotaging former employer’s network

A Chinese national living legally in the US has been sentenced to four years in prison for writing and installing malicious code that damaged his employer’s computer systems.

Davis Lu, 55, was also given three years of supervised release after being convicted in March of intentionally damaging protected computers.

Lu worked as a software developer for an Ohio-based company from 2007 until 2019. According to court records, after a company restructuring in 2018 reduced his job duties and system access, Lu began secretly sabotaging internal systems.

By August 2019, Lu had planted malicious code that crashed company servers and blocked user logins. The code implemented a “kill switch,” which was designed to lock out all employees if Lu’s account was ever disabled. The switch, triggered when Lu was placed on leave in September 2019, affected thousands of users worldwide.

Lu also deleted encrypted files from his laptop and researched ways to hide his actions online. The attack caused hundreds of thousands of dollars in damage to the company.

South Korea extradites alleged hacker linked to a $275M celebrity data theft

South Korean authorities have extradited a Chinese national accused of masterminding a massive international hacking operation that stole personal and financial data from high-profile victims, including a member of the widely popular K-pop group BTS.

The suspect, a 34-year-old man identified only by his surname, Jeon, was taken into custody after being extradited from Thailand. Jeon is believed to have led a hacking group that breached a South Korean telecommunications company in 2023. Authorities say the group stole personal data of celebrities, corporate executives, and tech entrepreneurs, using the information to access victims’ banking and cryptocurrency accounts.

Seoul police said the operation ran from August 2023 to January 2024. Using stolen identities, the group allegedly opened mobile accounts and funneled stolen assets worth over 38 billion won (approximately $29 million). South Korea’s justice ministry estimates the broader damages at over $275 million.

In an unrelated case, Thai cyber police arrested a 33-year-old South Korean man at Bangkok airport. The suspect is accused of laundering cryptocurrency into gold bars on behalf of international fraud rings. He denied the charges but admitted to studying in China and later working in digital asset conversion.

Get a Demo

ImmuniWeb can help you to prevent data breaches and meet regulatory requirements.

A $40 million tech support scam dismantled in the FBI-CBI crackdown

India’s Central Bureau of Investigation (CBI) and the US Federal Bureau of Investigation (FBI) have dismantled a transnational cybercrime syndicate responsible for defrauding American citizens of nearly $40 million via technical support scams.

According to media reports, three individuals were arrested in connection with the case. Between 2023 and 2025, the suspects allegedly posed as technical-support personnel to gain remote access to victims’ computers and bank accounts. They then convinced victims that their financial data had been compromised and tricked them into transferring funds to cryptocurrency wallets controlled by the scammers.

The CBI carried out raids in Amritsar and Delhi, uncovering a major illegal call center operating in Amritsar, with 34 people arrested during the raid.

Authorities seized multiple electronic devices, digital evidence, and cash. Investigations are ongoing as officials examine the potential international links.