Newsletter platform Substack has confirmed a data breach in an email to users. The company said that in October, an “unauthorized third party” accessed user data, including email addresses, phone...

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious...

Ex-Google engineer convicted of AI espionage, vishing attacks hijack SSO for SaaS theft, and malicious OpenClaw plugins deliver infostealers.

Growing concerns about Trump-era domestic surveillance practices are weighing on Capitol Hill’s debate over the reauthorization of a powerful foreign spying law on track to lapse this spring. At...

Electric utilities are preparing for a major infrastructure buildout to meet growing demand while the cost for key transmission and distribution equipment is rising, sparking cost-recovery...

Before the New England Patriots and Seattle Seahawks face off at Super Bowl LX, Levi’s Stadium needed a tech upgrade package. To equip the venue for Sunday’s Super Bowl, the National Football...

A Cybersecurity and Infrastructure Security Agency order published Thursday directs federal agencies to stop using “edge devices” like firewalls and routers that their manufacturers no longer...

A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campaigns. [...]

Palo Alto Networks released a report Thursday on its investigation into “the Shadow Campaigns” that unveiled a new cyberespionage group tracked by Unit 42 as TGR-STA-1030. Unit 42 assesses with...

SentinelOne secures AI end-to-end, protecting data, infrastructure, and runtime with Data Security Posture Management (DSPM) capabilities.

FalconFriday — Need for Speed: going Underground with near-real-time (NRT) rules — 0xFF26By Alexandros Pallis and Miltos Kalodoukas.TL; DR: Microsoft introduced near-real-time analytic rules in...

Bring Wiz Issues directly into Backstage, so developers can act on security issues in the tools they use everyday

Update 1: After a post by SuspectFile about a DMCA threat was published on his blog and noted by Valery Rieß-Marchive on LinkedIn, The Hacker Network posted this in reply to Valery’s post: Wait…...

The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code execution (RCE) flaw in SmarterMail that is used in...

404Media is reporting that the FBI could not access a reporter’s iPhone because it had Lockdown Mode enabled: The court record shows what devices and data the FBI was able to ultimately access,...

As the first week of February 2026 concludes, The Cyber Express weekly roundup examines the developments shaping today’s global cybersecurity landscape. Over the past several days, governments,...

Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in...

Many modern attacks happen entirely inside the browser, leaving little evidence for traditional security tools. Keep Aware shows why EDR, email, and SASE miss browser-only attacks and how...

Rome’s Sapienza University, Europe’s largest university by number of on-campus students, is grappling with a major IT outage following a cyberattack on La Sapienza that disrupted digital services...

The European Commission said today that TikTok is facing a fine because its addictive features, including infinite scroll, autoplay, push notifications, and personalized recommendation systems,...

An Illinois man pleaded guilty to hacking nearly 600 women's Snapchat accounts to steal nude photos that he kept, sold, or traded online, including accounts he compromised at the request of a...

Photo-sharing platform Flickr is notifying users of a potential data breach after a vulnerability at a third-party email service provider exposed their real names, email addresses, IP addresses,...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new binding operational directive requiring federal agencies to identify and remove network edge devices that no...

The end isn't nigh after all Chrome's latest revision of its browser extension architecture, known as Manifest v3 (MV3), was widely expected to make content blocking and privacy extensions less...

A data breach involving Lakelands Public Health was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.

CISA flags critical SolarWinds CVE-2025-40551 flaw as exploited in attacks. Learn all of the key details.

A data breach involving Zenni Optical was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.

A data breach involving Bellingham, MA was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.

A data breach involving CHP 11-99 Foundation was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.

A data breach involving Gentle Care Dental was reported on February 4, 2026. See incident details, impact on customers, and recommended security measures.