Documents say customs officers in the US Virgin Islands had friendly relationships with Epstein years after his 2008 conviction, showing how the infamous sex offender tried to cultivate allies.
Settlement Marks OCR’s 11th Enforcement Action in OCR’s Risk Analysis Initiative. Today, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced a settlement...
The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon—without breaking the hardware.
MIT CSAIL's 2025 AI Agent Index puts opaque automated systems under the microscope. AI agents are becoming more common and more capable, without consensus or standards on how they should behave,...
According to Socket, the campaign operates as a typosquatting worm: the attacker publishes malicious packages that mimic trusted names (e.g., look-alikes of common utilities and AI coding tools)....
$300 a month buys you a backdoor that looks like legit software. Researchers at Proofpoint late last month uncovered what they describe as a "weird twist" on the growing trend of criminals abusing...
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence (AI) chatbot, as part of its execution flow and...
An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African...
A staffer of the Incognito dark web market was secretly controlled by the FBI—and still allegedly approved the sale of fentanyl-tainted pills, including those from a dealer linked to a confirmed death.
Dysruption Hub is all over the breach news today. They report: Meriden, Connecticut, took city internet services and public Wi-Fi offline after officials reported an attempted disruption, limiting...
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges. Windows Admin Center is a locally deployed, browser-based...
CVE-2026-1731 is an RCE vulnerability in identity platform BeyondTrust. This flaw allows attackers to take control of systems without login credentials. The post VShell and SparkRAT Observed in...
Oleksandr Didenko ran laptop farms and provided forged or stolen identities to North Korean operatives who gained remote employment at 40 U.S. businesses. The post Ukrainian sentenced to 5 years...
HPE security advisory (AV26-150)
Tenable security advisory (AV26-149)
The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries — often all at the same...
In this week’s newsletter Martin considers how defenders can turn offensive AI tools against themselves.
A report issued by the Office of the Information and Privacy Commissioner for British Columbia states: Between April 30, 2025 and June 20, 2025 the OIPC received breach notifications from the...
A top FBI cyber official said Salt Typhoon, the Chinese cyber espionage group behind the widespread compromise of U.S. telecommunications infrastructure in 2024, continues to pose a broad threat...
FBI warns these cyber-physical attacks are on the rise. Thieves stole more than $20 million from compromised ATMs last year using a malware-assisted technique that the FBI says is on the uptick...
Citizen Lab researchers have co-authored two submissions to the Committee on Enforced Disappearances and UN Working Group on Enforced and Involuntary Disappearances. One submission focuses on...
We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a "temporary" API key for testing and...
IceWarp security advisory (AV26-148)
Two popular AES libraries, aes-js and pyaes, provide a default IV in their AES-CTR API. Although this was seen as helpful from the API standpoint, it actually creates a terrible vulnerability. Why...
The main Solidity code generator had a compiler bug in the intermediate representation (IR). This is the story and impact of the bug from versions 0.8.28 and 0.8.33. The IR pipeline generates...
Splunk security advisory (AV26-147)
HTTP smuggling occurs when two HTTP parsers parse the same data differently, and that difference allows unintended data to be smuggled through the pipeline. A simple example would be Nginx alongside...
GitHub security advisory (AV26-146)
The real deal or another research project overblown? Cybersecurity researchers say they've spotted the first Android malware strain that uses generative AI to improve performance once installed....
A cyberthreat forecast by Kaspersky experts.