We’ve gathered the most important cybersecurity news from the past week.

  • Four fraudulent call centers were dismantled in Dnipro.
  • Experts deemed AI-generated passwords unsafe.
  • French football club Olympique Marseille was targeted in a cyberattack.
  • A Ukrainian faces 15 years in prison for selling fake documents.

Four Fraudulent Call Centers Dismantled in Dnipro

Ukrainian law enforcement, along with the Baltic states, dismantled a large fraud scheme in Dnipro. This was reported by the press center of the SBU.

During the operation, the organizer and ten accomplices were arrested. Over the past year, they defrauded EU citizens of at least $1.2 million. The suspects face up to 12 years in prison with asset confiscation.

To execute their scheme, the fraudsters opened four call centers in Dnipro, where operators convinced foreigners to invest in "promising" crypto projects. They used a website that fully mimicked an exchange, showing victims fake profit growth charts.

According to law enforcement, to lull investors' suspicions, they initially paid out small real dividends. After that, victims transferred larger sums to the fraudsters' crypto wallets.

Once the investment amount reached a certain threshold, the fraudsters blocked the victims' contacts and disappeared.

Experts Deem AI-Generated Passwords Unsafe

Passwords generated by large language models (LLMs) can be cracked in just a few hours, according to an experiment conducted by Irregular specialists.

The three tested models—Claude, ChatGPT, and Gemini—create passwords based on predictable patterns that hackers can exploit.

Researchers asked each LLM to generate a 16-character password containing uppercase and lowercase letters, numbers, and special characters, repeating the process 50 times. The results were checked against popular password strength analysis services. The generated passwords received high ratings because those services did not take into account the patterns in how they were created.

According to specialists, out of 50 generated passwords, Claude produced only 30 unique ones. Two were duplicates, and 18 were exact copies. Most had matching first and last characters. Similar results were found for ChatGPT and Gemini.

While testing Google’s image generation model, Nano Banana Pro, researchers tasked it with creating a unique password written on a sticky note. They discovered patterns in Gemini’s output.

Irregular specialists concluded that the combinations generated by LLMs could be cracked in a few hours using simple software on old hardware. They noted that the identified patterns have already made their way into open repositories, as programmers widely use AI-generated character strings for security in real projects.

Researchers recommended that developers change all passwords created with artificial intelligence and use specialized solutions and password managers for this purpose.
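The gap between a per-password strength rating and the behaviour of a whole batch can be shown in a few lines. The following is an added illustration, not code from Irregular or ForkLog: the sample passwords are constructed, and the meter formula and all function names are assumptions made for this example.

```python
import math
import secrets
import string
from collections import Counter

ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_=+"
# (character-class test, pool size a typical meter assumes) - assumed values
CLASSES = [(str.islower, 26), (str.isupper, 26), (str.isdigit, 10),
           (lambda c: not c.isalnum(), 32)]

def meter_bits(pw):
    """Naive meter: length * log2(pool), judging one password in isolation."""
    pool = sum(size for test, size in CLASSES if any(test(c) for c in pw))
    return len(pw) * math.log2(pool) if pool else 0.0

def batch_report(passwords):
    """Statistics a per-password meter cannot see: repeats and positional bias."""
    n = len(passwords)
    counts = Counter(passwords)
    first_chars = Counter(p[0] for p in passwords)
    top_share = counts.most_common(1)[0][1] / n
    return {
        "total": n,
        "unique": len(counts),
        "repeated": n - len(counts),
        "top_first_char_share": first_chars.most_common(1)[0][1] / n,
        # Sample min-entropy: a low value proves bias; with so few samples
        # a high value proves nothing (it cannot exceed log2(n)).
        "sample_min_entropy_bits": -math.log2(top_share),
    }

def csprng_password(length=16):
    """Draw every character independently from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

# Constructed sample standing in for repeated requests to a biased generator.
BIASED_SAMPLE = (["G7$kL9#mQ2&xP4!w"] * 4 + ["K9#mP2$vL5@nR8!x"] * 2
                 + ["T4&hN8!qZ3$bV6#j", "G7$kR2#nQ9&xL4!w"])

if __name__ == "__main__":
    print("meter estimate (bits):", round(meter_bits(BIASED_SAMPLE[0]), 1))
    print("biased batch:", batch_report(BIASED_SAMPLE))
    print("CSPRNG batch:", batch_report([csprng_password() for _ in range(50)]))
```

Each constructed password scores above 100 bits on the naive meter, while the batch itself shows about 1 bit of sample min-entropy because half of the outputs are the same string.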

Olympique Marseille Targeted in Cyberattack

On February 24, the management of French football club Olympique Marseille confirmed a cyberattack following a hacker's claim of a breach earlier in the month.

According to BleepingComputer, the hacker posted a sample of allegedly stolen information on a hacker forum, claiming to have stolen a database containing data on club employees and fans.

The club did not provide details about the incident, but the hacker claimed the stolen database contains information on 400,000 individuals, including:

  • names and email addresses;
  • order information;
  • email addresses;
  • mobile phone numbers.

The hacker also claimed that the data includes information on more than 2,050 accounts in the Drupal content management system, including 34 club employees and 1,770 authors and moderators.

Ukrainian Faces 15 Years for Selling Fake Documents

Ukrainian citizen Yuriy Nazarenko pleaded guilty to creating and managing the OnlyFake website. This was reported by the U.S. Department of Justice.

The platform used AI technologies to generate over 10,000 realistic fake identification documents, including passports, driver's licenses, and Social Security cards from the U.S. and 56 other countries.

According to the investigation, the service allowed clients to customize the fakes in detail, choosing personal data or random generation. The finished documents could appear as digital scans or photographs on a desk. The primary goal of users was to bypass KYC verification procedures at banks and cryptocurrency exchanges for money laundering.

During the investigation in 2024, undercover FBI agents purchased fake passports and ID cards from the site. Nazarenko accepted payment only in cryptocurrency and offered bulk discounts for packages of up to 1,000 documents, attempting to obscure transaction trails through a network of anonymous wallets.

The defendant was extradited from Romania in September 2025. He faces up to 15 years in prison, with a final verdict expected on June 26, 2026.

PayPal Notifies Clients of Data Breach Due to Internal Error

A software bug in PayPal's Working Capital small business loan application led to the exposure of users' confidential information. This was reported by the company’s management.

According to the statement, the breach began on July 1, 2025, but was only discovered on December 12. The stolen data included:

  • names and email addresses;
  • phone numbers and work addresses;
  • Social Security numbers;
  • dates of birth.

The fintech giant stated that it canceled the code change that caused the issue and blocked access to the data the day after the error was discovered. As a result of the incident, PayPal also recorded unauthorized transactions on some clients' accounts and has already compensated them.

The company reminded users that it never asks for passwords or one-time codes via phone, SMS, or email. According to a PayPal representative, the incident affected about 100 clients.

Also on ForkLog:

  • An AI audit revealed a critical bug in the Ethereum client.
  • Binance management denied allegations of transferring $1.7 billion to Iranian entities.
  • ZachXBT accused an Axiom employee of insider trading.
  • The AI agent OpenClaw went rogue and deleted a Meta researcher’s email.
  • Anthropic accused Chinese AI labs of "data theft."
  • Terra representatives blamed Jane Street for the ecosystem collapse.
  • An AI bot from an OpenAI employee accidentally donated "for tetanus treatment."
  • Opinion: simulating transactions can help protect crypto wallets.

What to Read This Weekend?

In a new article, ForkLog explores how the philosophical concept of biopolitics is implemented in blockchain networks, why metaverses need users' biological data, and what risks are associated with trading one's genome.