zerofox logo
Advisories

ZeroFox Weekly Intelligence Brief – May 30, 2026

|by Alpha Team

banner image

ZeroFox Weekly Intelligence Brief – May 30, 2026

ZeroFox’s Weekly Intelligence Briefing highlights the major developments and trends across the threat landscape, including digital, cyber, and physical threats. ZeroFox Intelligence is derived from a variety of sources, including—but not limited to—curated open-source accesses, vetted social media, proprietary data sources, and direct access to threat actors and groups through covert communication channels. Information relied upon to complete any report cannot always be independently verified. As such, ZeroFox applies rigorous analytic standards and tradecraft in accordance with best practices and includes caveat language and source citations to clearly identify the veracity of our Intelligence reporting and substantiate our assessments and recommendations. All sources used in this particular Intelligence product were identified prior to 6:00 AM (EDT) on May 28, 2026; per cyber hygiene best practices, caution is advised when clicking on any third-party links.

Read the Brief

View the full report here

FBI Warns of Spoofed FIFA Domains Targeting the 2026 World Cup

What we know:

  • The Federal Bureau of Investigation (FBI) has warned that threat actors are using spoofed versions of the official Fédération Internationale de Football Association (FIFA) website for cybercriminal activity ahead of the 2026 FIFA World Cup.
  • These spoofed sites are being used to sell fraudulent tickets and hospitality packages, conduct FIFA recruitment scams, and collect personally identifiable information (PII).

Los Angeles Transit Breach Tied to Pro-Iran Hacktivist Operation

What we know:

  • Pro-Iran hacktivist group “Ababil of Minab” has been attributed to the March 16 breach of the Los Angeles County Metropolitan Transportation Authority (LACMTA).
  • The attackers reportedly stole at least 700 GB of emails, backups, and internal files from LACMTA systems.

FBI Issues Alert on “Silent Ransom Group” Targeting U.S. Law Firms

What we know:

  • The FBI has issued an advisory warning that the Silent Ransom Group (SRG) is targeting U.S. law firms using social engineering techniques.
  • SRG actors pose as IT employees to establish access to victim systems to exfiltrate data without encryption, either using legitimate remote access tools or by visiting the target’s location in-person.

Tags: tlp:green