SMS blaster arrests, OpenEMR flaws and 610K Roblox hacks

Three arrested in Canada over an SMS blaster phishing scheme; OpenEMR patched 38 vulnerabilities; three detained in Ukraine for hacking 610,000+ Roblox accounts.

Canadian police arrested three men after investigators found they used a device that posed as a cellular tower to send phishing text messages to nearby phones. Authorities reported tens of thousands of devices connected to the fake transmitter over several months. The suspects face 44 charges tied to fraud and unauthorized access. The messages directed recipients to counterfeit websites designed to capture banking credentials and passwords. Authorities described the method this way: “An SMS blaster works by mimicking a legitimate cellular tower. When nearby phones connect to it, users receive fraudulent text messages that appear to come from trusted organizations.”

Security researchers disclosed 38 vulnerabilities in the OpenEMR electronic medical-records platform this week; maintainers issued patches. The flaws range from incorrect authorization checks and cross-site scripting to SQL injection, path traversal and insufficient session expiration. Two issues received critical ratings: CVE-2026-24908 and CVE-2026-23627. Security firm AISLE warned that the most severe SQL injection bugs could allow attackers with modest database privileges to fully compromise databases, extract protected health information at scale, or execute code on servers. OpenEMR is used by more than 100,000 medical providers serving over 200 million patients, and is available in 34 languages.

Ukrainian investigators detained three suspects they say hacked more than 610,000 Roblox accounts between October 2025 and January 2026. Investigators allege the group sold the accounts for about $225,000 on Russian-language websites. The suspects are in pretrial detention and face up to 15 years in prison if convicted. Authorities identified a 19-year-old from Drohobych as the alleged ringleader and two accomplices, aged 21 and 22, who reportedly met on gaming forums.

Vendors and law enforcement have taken action: OpenEMR maintainers released patches and advisories, and police in Canada and Ukraine made arrests. Security teams are advised to apply OpenEMR patches, review access controls and audit logs, and monitor exposed services. Users who receive unexpected texts should not click links and should verify messages directly with the organization named.

Investigations into the Canadian and Ukrainian incidents are ongoing, and OpenEMR distributors continue to deliver updates to users.
