Website built around buying and selling stolen data has lost control of its own BreachForums, the serially resurrected cybercrime marketplace, has tripped over itself after a data breach spilled...

Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS)...

Tech minister Liz Kendall says the government will back a robust regulatory response Ofcom is investigating X over potential violations of the Online Safety Act, Britian's comms watchdog has confirmed.…

Fascinating research: Weird Generalization and Inductive Backdoors: New Ways to Corrupt LLMs. AbstractLLMs are useful because they generalize so well. But can you have too much of a good thing? We...

Opposition leader Kemi Badenoch pitches age limits and classroom curbs as fixes for behavior and mental health The Tories have pledged to kick under-16s off social media, betting that banning...

This recognition — based entirely on feedback from the people who use our products every day — to us is a testament to the unmatched value Tenable Cloud Security CNAPP offers organizations...

Kyowon Group Investigates Ransomware Attack, Potential Data Leak Company confirms internal systems compromised, verifying if personal data of millions

On 18 July 2025, Canopy Healthcare identified that an unknown person temporarily obtained unauthorised access to a part of our systems used by our administration team. All our services continued...

Says ongoing talks about security are about understanding best practice, not strong-arming vendors India’s government has denied that it is working on rules that would require smartphone...

PLUS: Cambodia arrests alleged scam camp boss; Baidu spins out chip biz; Panasonic’s noodle shop plan; And more! Asia in Brief The governments of Malaysia and Indonesia have suspended access to...

January 12, 2026 According to detection statistics collected by Dr.Web Security Space for mobile devices, the trojans Android.MobiDash and Android.HiddenAds, which display intrusive ads, were...

January 12 2026 According to statistics collected by the Dr.Web anti-virus, the total number of threats detected in the fourth quarter of 2025 increased by 16.05%, compared to the third quarter....

PLUS: Veeam patches critical vuln; Crims bribing dark web insiders; UK school takedown; And more infosec in brief Meta has fixed a flaw in its Instagram service that allowed third parties to...

In January 2026, data allegedly scraped via an Instagram API was posted to a popular hacking forum. The dataset contained 17M rows of public Instagram information, including usernames, display...

We are writing to tell you about a data security incident that Gulshan Management Services, Inc. (“GMS”) has experienced that may have involved some personal information about you. On the weekend...

There are many great free tools on this website for many things. EVM Bytecode analysis, storage slot preimages, invariants sandbox... lots of good stuff!

The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based...

Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe. As part of an operation conducted by the...

Plus: Iran shuts down its internet amid sweeping protests, an alleged scam boss gets extradited to China, and more.

In October 2025, a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies. In the months...

The city of Inman confirmed it was the victim of a cyber attack. Officials said the hack took place back in June. The Spartanburg County Sheriff’s Office and FBI Cypher Crimes are still investigating.

City officials in Midway have confirmed a cybersecurity breach involving the police department’s SmartCOP system, raising concerns about the security of public records and sensitive documents.

Ministers promise equivalent standards just without the legal obligation ANALYSIS From May's cyberattack on the Legal Aid Agency to the Foreign Office breach months later, cyber incidents have...

GreyNoise observed 30,165 sessions from 64 unique IP addresses containing Well-known Out-of-band Interaction Domains during the week of January 3-9, 2026. Analysis reveals three distinct...

Overview Between January 10, 2026 06:10 UTC and January 17, 2026 04:59 UTC, GreyNoise sensors recorded 8,126 HTTP sessions from 34 unique IP addresses containing Well-known Out-of-band Interaction...

Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far...

In 2026, incident response (IR) will continue its shift away from traditional malware-centric investigations toward identity-driven intrusions, abuse of trusted cloud services, and low-signal,...

The latest article on this topic. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

Remember when government agents didn't wear masks? While watching us now seems like the least of its sins, the US Immigration and Customs Enforcement (ICE) was once best known (and despised) for...

Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well...