Senior researcher Ksenia Ermoshina spoke to the New York Times about how Russians may start acquiescing to the limits imposed by state censorship. The post A Cat-and-Mouse Game of Russian Internet...
Naomi Diaz reports: Iowa Attorney General Brenna Bird has filed a lawsuit against Change Healthcare, alleging the company violated state consumer protection and data security laws in connection...
Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone undetected for 13 years and could be exploited to execute arbitrary commands. [...]
The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems. "The threat actor's...
Angus Loten reports: From Europe to the Middle East, geopolitical conflicts have companies rereading the fine print on insurance policies that deny coverage for wartime cyberattacks. Act-of-war...
Over on Codamail (fka Cotse.net), Steve Gielda has updated his research on VPN infrastructure and its implications for your privacy. From that article: The Question VPN providers market themselves...
George Allison reports: In a new advisory, the NCSC warned that APT28, a cyber group linked to Russia’s GRU Military Unit 26165, has been exploiting vulnerabilities in edge network devices to...
RTHK reports: Police said they have arrested a man working for a contractor commissioned by the Hospital Authority for allegedly stealing the personal data of tens of thousands of patients. The...
ChipSoft's website remains down but emails are functioning A Dutch healthcare software vendor has been knocked offline following a ransomware attack, officials say.…
U.S. cybersecurity agencies on Tuesday warned of ongoing cyber exploitation of internet-connected OT (operational technology) devices, including programmable... The post Ongoing cyberattacks...
Data from the FBI’s 2025 Internet Crime Report showed that cyber-enabled crime drained nearly US$21 billion from Americans,... The post FBI reports cyber threats to critical infrastructure...
This is news: A malicious supply chain compromise has been identified in the Python Package Index package litellm version 1.82.8. The published wheel contains a malicious .pth file...
OT cybersecurity firm Tosi disclosed that the average U.S. enterprise scores 35.9 out of 50, placing the field... The post Tosi reports US enterprises improve OT security maturity, but vendor...
Cyber risk intelligence company Bitsight announced that it has appointed John Clancy as its chief executive officer, effective... The post Bitsight names John Clancy as CEO to steer growth in...
Cisco Talos uncovered a cluster of activity we track as UAT-10362 conducting spear-phishing campaigns against Taiwanese non-governmental organizations (NGOs) and suspected universities to deliver...
Two practice web addresses appear to have been compromised Multiple domains belonging to Scottish healthcare providers have been hijacked and are now pushing links to adult content and illegal...
A $30,000 AI GPU doesn't outperform consumer GPUs at password cracking. Specops explains why attackers don't need exotic hardware to break weak passwords. [...]
Part 2 of 6: How resilience changes the channel model
Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs),...
In this report, Kaspersky experts share their insights into the 2025 financial threat landscape, including regional statistics and trends in phishing, PC malware, and infostealers.
Another year of CERT Polska’s activities is behind us. It was a special one, as it marked the end of the third decade of our operations – we are celebrating our 30th anniversary! The year 2025 was...
In Telegram groups, men are sharing thousands of nonconsensual images of women and girls, buying spyware, and engaging in doxing and sexual abuse.
President Brad Smith tells an interviewer that Microsoft is reconsidering datacenter design in light of Iran war Microsoft is reevaluating how it designs and builds datacenters in conflict-prone...
WINONA COUNTY, Minn. (WKBT) -- Governor Tim Walz issued an executive order on Tuesday providing emergency assistance to Winona County following a cyberattack that began on Monday, according to a...
In April 2026, the NSFW AI girlfriend platform My Lovely AI suffered a data breach that exposed over 100k users. The data included user-created prompts and links to the resulting AI-generated...
Explore an in-depth analysis of Venezuela’s political landscape following the January 2026 US operation to capture Nicolás Maduro. This executive summary examines Acting President Delcy...
Hasn't released it to the public, because it would break the internet - in a bad way For years, the infosec community’s biggest existential worry has been quantum computers blowing away all...
Forest Blizzard, a threat group attributed to Russia’s GRU, hijacked network traffic to steal credentials and tokens for Microsoft accounts and other services. The post Feds quash widespread...
Your PLCs aren't internet-connected, right? Right?! Iranian-affiliated actors have escalated intrusions targeting critical US water and energy facilities, in some cases disrupting operations, the...
The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn...