Ex-L3Harris exec sells U.S. cyber secrets, "Brash" Chromium flaw crashes browsers, and hacktivists tamper with Canadian industrial systems.

The Trump administration’s nominee to serve at the helm of U.S. Strategic Command told lawmakers Thursday that the Pentagon’s ability to test, exercise and conduct electronic warfare operations...

Executive Summary In October 2025, Cyble Research and Intelligence Labs (CRIL) identified malware that distributed a weaponized ZIP archive masquerading as a military document titled "ТЛГ на...

FortiGuard Labs analyzes TruffleNet, a large-scale campaign abusing AWS SES with stolen credentials and linked to Business Email Compromise (BEC).

Following his extradition from Ireland, a Ukrainian man had his initial appearance today in the Middle District of Tennessee on a 2023 indictment charging him with conspiracy to deploy Conti, a...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Broadcom VMware Tools and VMware Aria Operations to its Known Exploited...

Hacktivist attacks on critical infrastructure grew throughout the third quarter of 2025, and by September, accounted for 25% of all hacktivist attacks. If that trend continues, it would represent...

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting XWiki Platform to its Known Exploited Vulnerabilities catalog, highlighting the urgent...

The Australian government is warning about ongoing cyberattacks against unpatched Cisco IOS XE devices in the country to infect routers with the BadCandy webshell. [...]

Price hikes, politics, and platform fatigue drive organizations back toward open alternatives OpenInfra Summit Sovereignty might be the word of the hour, but the OpenStack community has another –...

Listen to the Audio on NextBigIdeaClub.com Below, co-authors Bruce Schneier and Nathan E. Sanders share five key insights from their new book, Rewiring Democracy: How AI Will Transform Our...

In mid-2025, Secureworks Counter Threat Unit (CTU) researchers uncovered a sophisticated cyber campaign where Chinese state-sponsored threat actors from the BRONZE BUTLER group exploited a...

Passwords still matter — and weak policies leave the door wide open. Specops Software explains how longer passphrases, smarter banned-password lists, and adaptive rotation strategies can...

From the end of Windows 10 support to scams on TikTok and state-aligned hackers wielding AI, October's headlines offer a glimpse of what's shaping cybersecurity right now

The Russian authorities have arrested three individuals in Moscow who are believed to be the creators and operators of the Meduza Stealer information-stealing malware. [...]

A design firm is editing a new campaign video on a MacBook Pro. The creative director opens a collaboration app that quietly requests microphone and camera permissions. MacOS is supposed to flag...

CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux kernel is now being exploited in ransomware attacks. [...]

This week on Uncanny Valley, we break down how one of the most common card shufflers could be altered to cheat, and why that matters—even for those who don’t frequent the poker table.

Many organizations are playing catch-up in key AI security policy areas, such as usage governance, risk oversight, data protection, and staff training. In this Cybersecurity Snapshot special...

Progress Software has released security patches to address a high-severity vulnerability in its MOVEit Transfer platform discovered on October 29, 2025. The flaw, tracked as CVE-2025-10932,...

A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this...

Google wants 'AI mode' on Search to be as personal as possible, and it'll soon tap into services like Gmail or Drive to know more about you. [...]

The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarm over active exploitation of a critical privilege escalation vulnerability affecting Broadcom’s VMware Tools and VMware...

A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. [...]

Hospitals told to upgrade, but some medical device makers haven't prescribed compatibility yet NHS hospitals are being blocked from fully upgrading to Windows 11 by a small number of suppliers...

A Ukrainian national believed to be a member of the Conti ransomware operation has been extradited to the United States and faces charges that could get him 25 years in prison. [...]

Because fewer people like banknotes, and payment sovereignty is a problem The Governing Council of the European Central Bank (ECB) has decided the bloc needs a digital version of the Euro, and...

Researchers uncovered a coordinated campaign leveraging stolen AWS credentials to automate reconnaissance and abuse Amazon Simple Email Service (SES) for Business Email Compromise (BEC)...

Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month. The tech giant...

The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number of threat actors, some of whom are related to Russian ransomware gangs. AdaptixC2 is an...