A data breach involving Pretoria Bar was reported on February 3. 2026. See incident details, impact on customers, and recommended security measures.

Skills marketplace is full of stuff - like API keys and credit card numbers - that crims will find tasty Another day, another vulnerability (or two, or 200) in the security nightmare that is OpenClaw.…

The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds....

ICE has used Mobile Fortify to identify immigrants and citizens alike over 100,000 times, by one estimate. It wasn't built to work like that—and only got approved after DHS abandoned its own privacy rules.

Contact details were accessed in an intrusion that went undetected for months, the blogging outfit says Newsletter platform Substack has admitted that an intruder swiped user contact details...

In the first two parts of ourLockBit 5.0 series, we provided a comprehensive analysis of this cross-platform ransomware’s ESXi and Linux variants. This final installment features our analysis of...

Chad van Alstin reports: The U.S. Department of Health and Human Services Office of the Inspector General (OIG) released a report focused on a “large Southeastern hospital” that the agency said...

And their toolkit includes a new, Linux kernel rootkit A state-aligned cyber group in Asia compromised government and critical infrastructure organizations across 37 countries in an ongoing...

Helen Whittle reports: The Berlin Hospital Association (BKG) has issued a warning describing a spate of seemingly “inexplicable incidents” at hospitals and healthcare facilities in the capital....

The U.S. cyber defense agency issued an operational directive on Thursday mandating federal agencies to “remove any hardware and software devices that is no longer supported by its original...

This week, Joe cautions the rush to adopt AI tools rife with truly awful security vulnerabilities.

This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next. Researchers tracked intrusions that start in ordinary...

A new actor called 0APT is causing a stir after they launched a dark web leak site and posted a large number of major companies, both genuine and fake, triggering real incident responses for named...

With hundreds of malicious OpenClaw skills blending in among legitimate ones, manually reviewing every script or command isn’t realistic — especially when skills are designed to look helpful and...

Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools...

Authorities have arrested multiple members of 764 during the past year, reflecting heightened law enforcement activity targeting the violent extremist collective. The post Alleged 764 member...

Breach-tracking site flags dataset following impersonation-based intrusion Breach-tracking site Have I Been Pwned (HIBP) claims a cyberattack on Betterment affected roughly 1.4 million users –...

Spain's Ministry of Science (Ministerio de Ciencia) announced a partial shutdown of its IT systems, affecting several citizen- and company-facing services. [...]

Ransomware operators are hosting and delivering malicious payloads at scale by abusing virtual machines (VMs) provisioned by ISPsystem, a legitimate virtual infrastructure management provider. [...]

The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure...

Q4 of 2025 was marked by the latest large-scale data theft campaign by the CL0P ransomware gang, this time exploiting a zero-day vulnerability in Oracle E-Business Suite (EBS). The campaign came...

Baseline security controls and practices that help defend against diverse cyberthreats across multiple stages of an attack, and controls crucial for protecting against particular types of cyberthreats.

The number of DDoS attacks more than doubled in 2025. The network layer is under particular threat as hyper-volumetric attacks grew 700%.

While the United States develops its own artificial intelligence (AI) regulatory framework, it’s encouraging other countries to take up similar performance-based approaches to AI governance...

A data breach involving Loyola University Maryland was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.

A revised government-industry council devoted to critical infrastructure protection could be set up to have broader and more specific discussions on things like cybersecurity and threats to...

A data breach involving Ministerio de Hacienda was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.

Following more than half a century of arms control treaties that provided at least some guardrails on nuclear competition, today’s expiration of New START confirms that this architecture has...

Microsoft announced today that the Exchange Web Services (EWS) API for Exchange Online will be shut down in April 2027, after nearly 20 years. [...]

Italy has foiled a series of cyberattacks targeting some of its foreign ministry offices, including one in Washington, as well as Winter Olympics websites and hotels in Cortina d’Ampezzo, Foreign...