In recent years, North Korea has deployed thousands of so-called IT workers to infiltrate Western businesses, get paid salaries, and send money back to support the regime. As the schemes have become more successful, they have grown increasingly elaborate and employed new tactics to evade detection.

But this week, the United States Justice Department revealed one of its biggest operations to tackle IT workers to date. The DOJ says it has identified six Americans who allegedly helped enable the schemes and has arrested one of them. Law enforcement officials searched 29 “laptop farms” in 16 states and seized more than 200 computers, as well as web domains and financial accounts.

Meanwhile, a group of young cybercriminals has been causing chaos around the world, leaving grocery stores empty and temporarily grounding some flights in the wake of their crippling cyberattacks. After a quiet period in 2024, the Scattered Spider hackers have returned this year and are ruthlessly targeting retailers, insurers, and airlines.

Also this week, we’ve detailed how LGBTIQ+ organizations in El Salvador are helping activists chronicle attacks against their community and better protect themselves against state surveillance.

And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

Android May Soon Warn You About Fake Cell Towers

Cell-site simulators, often known as stingrays or IMSI catcher...