The FBI has launched Operation Winter SHIELD outlining ten actions which organizations should implement to help protect themselves, society and the state against cyber-attacks and malicious...
A new joint investigation by SentinelOne SentinelLABS, and Censys has revealed that the open-source artificial intelligence (AI) deployment has created a vast “unmanaged, publicly accessible layer...
The number of US data “compromises” in 2025 reached a record high of 3332, a 5% increase on the previous year, according to new figures from the Identity Theft Resource Center (ITRC). The...
Alphabet-owned Waymo has informed the National Highway Traffic Safety Administration that one of its driverless vehicles “struck a child near an elementary school” in Santa Monica, California. The...
Ransomware gangs claimed a deluge of victims during the final quarter of 2025, despite a decline in the number of active ransomware groups, analysis by cybersecurity researchers at ReliaQuest has...
The U.S. government wants the rest of the world to adopt its artificial intelligence cybersecurity standards, a top official with the Office of the National Cyber Director said Thursday. As part...
Introduction Mandiant has identified an expansion in threat activity that uses tactics, techniques, and procedures (TTPs) consistent with prior ShinyHunters-branded extortion operations. These...
Introduction Mandiant is tracking a significant expansion and escalation in the operations of threat clusters associated with ShinyHunters-branded extortion. As detailed in our companion report,...
Bumble and Match said they each recently responded to network intrusions. The group ShinyHunters claimed to have stolen data from both.
AI assistants are now embedded in our daily lives—used most often for instrumental tasks like writing code, but increasingly in personal domains: navigating relationships, processing emotions, or...
The Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response brought utilities, industry experts, and government defenders together on Plum Island, New York, for the...
In October 2025, at a large ceremony organized in Hanoi, 72 states signed the U.N. Cybercrime Convention (UNCC, or Hanoi Convention), the first U.N.-wide convention to combat cybercrime and...
Two Critical vulnerabilities in Ivanti’s popular mobile device management solution have been exploited in the wild in limited attacksBackgroundOn January 29, Ivanti released a security advisory to...
Two Critical vulnerabilities in Ivanti’s popular mobile device management solution have been exploited in the wild in limited attacksKey takeaways:Patch Ivanti EPMM immediately. Both CVE-2026-1281...
NERC’s 2025 Long-Term Reliability Assessment (LTRA) and infographic spotlight intensifying resource adequacy risks throughout the North American bulk power system (BPS) over the next 10 years....
President Donald Trump’s choice to lead the National Security Agency on Thursday repeatedly defended a mass foreign surveillance power that is weeks away from expiring without congressional...
A former Google engineer accused of stealing thousands of the company's confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced...
A look back at the cloud security investigations and vulnerabilities that defined the year, from AI breakthroughs to supply chain shifts.
SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution. The vulnerability, tracked as...
As January 2026 comes to a close, The Cyber Express takes a comprehensive look at the events defining the global cybersecurity landscape. Over the past week, organizations worldwide faced...
CERT Polska presents a report on the analysis of an incident in the energy sector that occurred on 29 December 2025. The attacks were destructive in nature and targeted wind and photovoltaic...
ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector
Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by...
Two code injection vulnerabilities allowed unauthenticated attackers to execute arbitrary code and access sensitive device information across compromised networks. Ivanti released emergency...
Cyble Research & Intelligence Labs (CRIL) has uncovered a post-exploitation Linux framework called ShadowHS, designed for stealthy, in-memory operations. Unlike traditional malware, ShadowHS...
A data breach involving Match.com was reported on January 28, 2026. Learn about the incident details, impact on customers, and recommended security measures.
Executive Summary Cyble Research & Intelligence Labs (CRIL) has identified a Linux intrusion chain leveraging a highly obfuscated, fileless loader that deploys a weaponized variant of hackshell...
Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile which could allow for remote code execution. Ivanti Endpoint Manager Mobile is a mobile management software engine...
BellSoft survey finds 48% prefer pre‑hardened images over managing vulnerabilities themselves Java developers still struggle to secure containers, with nearly half (48 percent) saying they'd...
A new joint investigation by SentinelOne SentinelLABS, and Censys has revealed that the open-source artificial intelligence (AI) deployment has created a vast "unmanaged, publicly accessible layer...