Angelo Martino helped accomplices extort a combined $75.3 million in ransom payments from five victim companies. The post Former DigitalMint ransomware negotiator pleads guilty to extortion scheme...

Atlassian security advisory (AV26-375)

Lawmakers decry CISA cuts: 'We are shooting ourselves in the foot' If a cyberattack leads to a death, that's murder. A former FBI cyber division chief urged the US Justice Department to consider...

A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O'Lakes, Florida,...

Fortra security advisory (AV26-374)

Spring security advisory (AV26-373)

Tyler Robert Buchanan “was the glue that held this gang together,” a cybercrime researcher said. He faces up to 22 years in federal prison. The post Scottish man pleads guilty to attack spree that...

Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service...

The Firefox team doesn’t think emerging AI capabilities will upend cybersecurity long term, but they warn that software developers are likely in for a rocky transition.

The Firefox team doesn’t think emerging AI capabilities will upend cybersecurity long term, but they warn that software developers are likely in for a rocky transition.

France Titres, the government agency in France for issuing and managince administrative documents has disclosed a data breach after a threat actor claimed the attack and stealing citizen data. [...]

CISA gives federal agencies 4 days to patch America's lead cyber-defense agency has warned that three Cisco Catalyst SD-WAN Manager bugs are under attack, and given federal agencies just four days...

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry...

Oracle addresses 241 CVEs in its second quarterly update of 2026 with 481 patches, including 34 critical updates.Key takeaways:The second Critical Patch Update (CPU) for 2026 contains fixes for...

Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the...

A lawsuit from the Consumer Federation of America accuses Meta of misleading consumers about its efforts to combat scams advertisements on its platforms.

SSH Communications Security, a defensive cybersecurity company for humans, systems, and networks, announced on Tuesday that its PrivX... The post SSH brings PrivX OT to Nokia Industrial Edge to...

TXOne Networks, an operations-first OT security partner, announced preview of Stellar Discover, a lightweight endpoint sensor designed to... The post TXOne introduces Stellar Discover to extend OT...

Industrial Defender, vendor of OT asset visibility and risk management, announced a partnership with KYrON, a cybersecurity integration... The post Industrial Defender partners with KYrON to boost...

Semperis, an identity-driven cyber resilience and crisis response company, announced that Purple Knight, its free, community-driven Active Directory... The post Semperis extends Purple Knight...

Cybersecurity researchers have discovered a new iteration of an Android malware family calledNGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. "The...

Cybersecurity researchers have discovered a vulnerability in Google's agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw,...

Data from browsers, cryptocurrency wallets, 200+ extensions hoovered up A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live...

Mozilla security advisory (AV26-372)

A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezuela. [...]

Tal Be’ery knew that I was online the night before I called him. He knew what kind of device I was using. I didn’t share this information with him. All he had was my phone number. I had no way to...

Plus: Court papers reveal nonprofit paid a ransom worth nearly $26.8 million The third of three former ransomware negotiators accused of assisting the ALPHV/BlackCat ransomware gang in extorting...

A Chinese national was arrested at New York’s John F. Kennedy International Airport after federal authorities say he photographed sensitive military aircraft near Offutt Air Force Base in Nebraska...

For almost three decades now, threat actors have used remote access trojans (RATs) to monitor user activity and steal sensitive information and credentials. The RAT’s surreptitious nature has...

China will hit EU firms with reciprocal measures if the bloc targets Chinese firms as planned under its proposed cybersecurity regulations, Beijing has warned. In a 30-page document submitted to...