5.5 million passwords, wide open — inside the World Cup black market

The cyber risks hiding in the 2026 World Cup ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏  ͏ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­ ­  

The UpGuardian Feature How Illegal World Cup Streams and Betting Sites Expose Their Own Fans Blog The Ultimate Ransomware Defense Guide (2026) Opinion Top 25 Cyberattacks in Sports: Does Defense Win? At a Glance May 27th The FBI issues a PSA to warn the public that cybercriminals are actively spoofing the FIFA website to conduct further illegal activity, such as phishing scams, credential harvesting, and other attacks. 19,000 Over 19,000 FIFA-themed domains have been registered, many created by cybercriminals to steal credentials and financial data.  June 3rd The Canadian Centre for Cybersecurity issues a warning, stating cybercriminals "will almost certainly" use the popularity of the World Cup to launch DDoS attacks and exploit organizations through extensive ransomware campaigns.  From the Editor Upon first touch, the throughline between championship soccer and enterprise security might not be crystal clear. However, both ultimately live and die by the effectiveness of their defensive posture, relying on a perfectly synchronized backline to catch aggressive opponents offsides. The difference, of course, is that while a sports team can regroup in the locker room at halftime, security teams are locked in a relentless, 24/7 match where the boundaries of the playing field are constantly expanding. Soccer teams only have to defend a finite, 100-meter patch of grass. Modern cyber infrastructures are infinitely decentralized.   In this issue of The UpGuardian, we analyze the high-stakes digital arena of global sports. We break down the "three-headed" decentralized infrastructure of this year's World Cup host model, expose the hidden risks lurking within the sports underground, and equip you with our ultimate ransomware defense guide. Finally, we take a look back at the top 25 cyberattacks in sports history to answer the ultimate question: Does defense truly win championships?   - Nicholas Sollitto Feature How Illegal World Cup Streams and Betting Sites Expose Their Own Fans By Greg Pollock   The 2026 FIFA World Cup is being called the largest and most complex cyberattack surface in the history of entertainment. Because the tournament is split across three countries (the US, Canada, and Mexico) and relies entirely on deeply integrated digital infrastructure, cybersecurity experts and law enforcement are already tracking severe vulnerabilities and known threat actors within the space. "No ID checks don't mean no risk — it means no protection." — Kai Cantwell, CEO of Responsible Wagering Australia Continue reading Blog The Ultimate Ransomware Defense Guide (2026) By Edward Kost   Ransomware is the fastest-growing category of cybercrime. It’s estimated that over 4,000 ransomware attacks occur daily. Given the sheer volume of these attacks and the deep attack surface connections between organizations and their vendors, there’s a high likelihood that some of your employee credentials have already been compromised in a ransomware attack. Leaked credentials mean the keys to your corporate network could currently be published on a ransomware gang’s leak site. Continue reading Opinion Top 25 Cyberattacks in Sports: Does Defense Win Trophies? By Nicholas Sollitto   First made famous by Bear Bryant in the 1970s, “defense wins championships” has since become a popular sports adage that’s at times overused. But when it comes to the sprawling attack surface of modern athletic events, like the tri-hosted 2026 World Cup or the Super Bowl, that cliché applies just as much to cybersecurity as it does to the playing field. Modern sports franchises are no longer just athletic clubs. They're multi-billion-dollar enterprise networks, which function as massive digital vaults holding significant financial data, scouting analytics, player medical histories, and high-value transaction logs. Continue reading Palette Cleanser Isn't three host nations enough? FIFA doesn't think so. To celebrate the tournament's centennial, the 2030 World Cup will span six countries across three continents: Europe (Spain and Portugal), Africa (Morocco), and South America (Uruguay, Argentina, and Paraguay), exponentially widening the event's attack surface even further than this year's historic tri-national format.  UpGuard Inc., 650 Castro Street, Suite 120-387 , Mountain View, CA , 94041, United States +1 888 882 3223 Unsubscribe | Manage Preferences

The AI Exchange: Innovators in Payment Security Featuring Utimaco

The AI Exchange: Innovators in Payment Security Featuring Utimaco By Alicia Malone, 29 Jun, 2026 Welcome to the PCI Security Standards Council’s blog series, The AI Exchange: Innovators in Payment Security. This special, ongoing feature of our PCI Perspectives blog offers a resource for payment security industry stakeholders to exchange information about how they are adopting and implementing artificial intelligence (AI) into their organizations.   Read more » PCI Security Standards Council, LLC   401 Edgewater Place  Suite 600  Wakefield  MA   01880    You received this email because you are subscribed to PCI Perspectives Subscription from PCI Security Standards Council, LLC. Update your email preferences to choose the types of emails you receive.  Unsubscribe from all future emails