5,811 individuals were arrested and $293 million in illicit assets intercepted as part of a global operation codenamed Operation First Light 2026, INTERPOL reported — a striking, specific snapshot of how social engineering and money‑laundering schemes have become transnational problems affecting “individuals, businesses, and governments.”
INTERPOL’s First Light 2026: scope, seizures, and schemes
The coordinated effort ran from January 15 to April 30, 2026, and involved 97 countries and territories. INTERPOL said more than 142,000 victims were identified, over 23,000 cases were solved, and 15,606 suspects were identified. The briefing highlights regional outcomes: Eswatini authorities arrested 82 people and dismantled a network running illegal online gambling, money‑laundering, and impersonation scams; Thai police made two arrests and uncovered a scheme that converted romance‑scam proceeds into cryptocurrency using cross‑chain token swaps. INTERPOL framed the operation as a response to the escalation of social engineering into a major transnational threat.
Palo Alto Networks Unit 42: bucket hijacking and chained cloud risks
Palo Alto Networks Unit 42 described a bucket hijacking technique that exploits a fundamental architectural trade in cloud storage: bucket names are globally unique. Unit 42 said an attacker can delete an organization’s bucket and then recreate it under the attacker’s account using the same name, rerouting active data streams and critical logs to the attacker’s environment. Unit 42 characterized this as a “global namespace risk” and noted there is no evidence the technique has been abused in the wild. In the same brief, Unit 42 warned of several other cloud risks, including insecure default AD CS enrollments, abuse of Kubernetes identities to escalate privileges, and multi‑agent AI risks such as inter‑agent prompt injection and lack of capability scoping.
Supply chain and tooling abuse: typosquats, Claude, and browser persistence
Supply chain and developer tooling emerged repeatedly. Socket reported 17 malicious npm and PyPI packages that typosquat Paysafe, Skrill, and Neteller SDKs to steal system information and developer secrets, exfiltrating data to an Ngrok endpoint; the malware avoided sandboxes and varied obfuscation keys to frustrate signature‑based detection. China’s National Vulnerability Database urged developers to uninstall Claude Code versions 2.1.91 through 2.1.196 after finding “backdoor code” that could collect sensitive user data; Anthropic described the relevant code as an experiment to protect against model distillation.
On the client side, Rubrik Zero Labs flagged GhostChrome‑X, a Chrome‑based threat that modifies Chrome’s protected configuration files and forges integrity metadata so an attacker‑controlled extension is accepted as legitimate. GhostChrome‑X combines browser data collection with OS‑level command execution and persistence via scheduled tasks and Registry Run keys, and can monitor WebAuthn activity to interact with WebAuthn‑enabled sites from within a hijacked session.
Windows privilege escalation and kernel drivers: CVEs and chains
SafeBreach researcher Ron Ben Yizhak and others traced an LPE (local privilege escalation) chain involving two disclosed issues. CVE‑2025‑49760 in Windows RPC and CVE‑2025‑59200 in the Data Sharing Service Client were combined to spoof an RPC server, bypass User Interface Privilege Isolation, and use a scheduled task to inject XML into a toast notification — elevating privileges from low to medium integrity, Ben Yizhak said. Separately, a researcher known as “zwclose” disclosed multiple Realtek RtsPer.sys SD card reader driver vulnerabilities (CVE‑2022‑25477 through CVE‑2024‑40432) that can leak kernel memory, write arbitrary kernel memory, and use DMA to read/write physical memory; Realtek issued fixes in August 2024 for the affected OEMs, including Dell and Lenovo.
Teams scams, LINE account rentals, and Meta phishing: social engineering remains the pivot
Several reports underline that social engineering is rarely a one‑off. Palo Alto Networks Unit 42 documented a lure that begins with an “Employee Survey” email and a Teams call impersonating a system administrator; the attacker used Teams’ remote‑control features to guide victims into installing HopToDesk or AnyDesk and ultimately delivered EtherRAT via a multi‑stage MSI payload. Taiwanese authorities charged two businessmen accused of leasing LINE accounts to actors linked to Chinese government‑linked hackers, enabling impersonation of international journalists as part of a broader espionage campaign. Huntress described an ongoing campaign that abused Meta’s Business Account Manager to send phishing emails from a Meta business account, collecting credentials, MFA codes, phone numbers, and ID images; Meta has since taken steps to plug the attack method.
What this means for technologists, procurement leaders, and end users
- Technologists and security teams: watch egress controls and agent isolation in cloud environments, per AWS’ advice, and monitor for namespace anomalies such as sudden bucket deletions and recreations. Apply vendor patches for CVE‑2025‑59200/CVE‑2025‑49760 chains and the Realtek driver fixes already issued.
- Procurement and platform owners: scrutinize package names and SDK dependencies in software supply chains — Socket’s findings show typosquats can hide in npm/PyPI — and tighten default enrollment rights for services like AD CS and AgentCore to prevent overly broad IAM roles.
- End users and administrators: social engineering remains the common pivot. The unitary lesson across cases — phishing to Teams calls, rented LINE accounts, and impostor Meta messages — is that legitimate tools and trusted channels are being abused; training and stricter remote‑control policies can interrupt those attack flows.
“Most security mess starts as admin work,” the ThreatsDay roundup observed, and the week’s reporting furnishes a string of small administrative failures — namespace reuse, permissive enrollments, lax egress controls, and trusted‑tool abuse — that, compounded, create strategic impact. The details now are specific: CVE identifiers to patch, package names to audit, and development‑tool versions to uninstall. The unanswered operational question is blunt and local: who in each organization will watch the normal paths before the bill arrives?




