A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen ransomware attack carried out by a gang...
A U.S. federal grant effort to develop autonomous medical device patching platforms for hospitals evaded the budget-cutting knife of the Trump administration in its annual funding request sent to...
The blockage of the Strait of Hormuz has thrown many nations dependent on Middle East oil and liquefied natural gas (LNG) into crisis. Beyond immediate measures to reduce energy consumption, the...
As Chinese warships and fighter jets staged massive drills around Taiwan in December, a parallel action was unfolding on smartphone screens. On Douyin, China’s version of TikTok, a news outlet run...
[Control Systems] Moxa security advisory (AV26-370)
China’s battery giant is going vertical. CATL, the world’s largest battery manufacturer, announced a $4.4 billion investment to launch a dedicated mining subsidiary focused on securing critical...
Microsoft has released out-of-band (OOB) updates to fix issues affecting Windows Server systems after installing the April 2026 security updates. As Microsoft confirmed last week, some admins may...
In 2025, Daniel Stenberg, the chief maintainer of cURL, an open-source software tool that transfers data using URLs, received 181 notifications of bugs or vulnerabilities across the codebase he...
More than 18 months after a ransomware attack disrupted care at hospitals in South East London, internal documents show at least one NHS trust is still working without fully restored systems and...
Red Hat security advisory (AV26-369)
Jeff Bezos’ space company Blue Origin successfully re-used one of its New Glenn rockets for the first time ever on Sunday, but the company failed at its primary mission: delivering a...
For the latest discoveries in cyber research for the week of 20th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Booking.com, the Amsterdam-based travel...
The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid. [...]
[Control systems] CISA ICS security advisories (AV26-368)
Ubuntu security advisory (AV26-367)
The Houthis are increasingly exchanging arms, training, and drone technology with Al-Qaeda in the Arabian Peninsula (AQAP) and al-Shabaab, marking a collaboration that transcends ideological...
A gold-hued skyscraper is rising above the traffic-clogged streets of the capital city on the Mekong River. The building is already Cambodia’s tallest structure — and a monument to the spoils...
In early 2026, phishing attacks are still among the top contributors to the true positive detections in security operation centers (SOCs). Adversaries constantly come up with new ways of luring...
Dell security advisory (AV26-366)
The U.S. attacked and seized an Iranian-flagged cargo ship it said had tried to evade its naval blockade near the Strait of Hormuz on Monday. It was the first interception since the U.S. blockade...
The Energy Department might be all in on AI, but the increasing apprehension among the American public poses a challenge, according to Secretary Chris Wright. “The country as a whole is going very...
Treasury Secretary Scott Bessent joined a meeting on Friday between White House chief of staff Susie Wiles and Anthropic CEO Dario Amodei, sources briefed on the meeting told Axios. Anthropic is...
Out-of-band or out of control? Microsoft has pushed out an out-of-band update to address the restart loop that hit some Windows Server devices after its April update.…
IBM security advisory (AV26-365)
Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been...
Key Points The Gentlemen RaaS The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. The operators advertise their services across multiple...
Extending Wiz Visibility with the Databricks Data & AI Platform
Attackers have moved upstream, and while security teams have focused on the code developers write, the systems that build and deliver that code have remained a blind spot.
A Time-of-check Time-of-use (TOCTOU) race condition vulnerability (CVE-2026-5958) has been found in GNU sed software.
New analysis published by the World Economic Forum (WEF) argues that as ports become increasingly digitized and interconnected,...