The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. [...]
During this quarter, the percentage of ICS computers on which worms in email attachments were blocked increased in all regions of the world.
Multiple vulnerabilities have been discovered in Progress ShareFile, which, when chained together, could allow for remote code execution. Progress ShareFile is a secure, cloud-based content...
Written by: Stuart Carrera. Introduction: Building on recent BRICKSTORM research from Google Threat Intelligence Group (GTIG), this post explores the evolving threats facing virtualized...
Hackers got into the Minot water treatment plant computer system earlier this month, but city officials stressed the water stayed safe and the plant never stopped operating. City Manager Tom Joyce...
While much ink has been spilled over how 3D printing has enabled intense drone-on-drone warfare in Ukraine, the U.S. defense and intelligence communities have overlooked a stealthier development:...
Iranian hackers are now taking their psychological warfare tactics directly to government officials and employees at major companies. Even unproven threats from Iranian hackers can create fear,...
President Trump threatened to annihilate Iran’s energy infrastructure if its leaders refuse to agree to a peace deal in the coming weeks, reiterating a threat that many legal experts say would...
The FBI last week deemed a recent China-linked cyber intrusion into a sensitive agency surveillance system a “major incident,” meaning it poses significant risks to U.S. national security,...
An episode of the Talos Threat Perspective on the 2025 Year in Review trends. We explore how identity is being used to gain, extend, and maintain access inside environments.
Identity attacks are rising as trust expands — learn how to detect misuse, close gaps, and defend beyond authentication.
Analysis of DPRK-linked LNK-based attacks using GitHub as covert C2 infrastructure, detailing multi-stage PowerShell execution, persistence mechanisms, and data exfiltration techniques targeting...
Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of devices to protect users from the risk posed by a recently disclosed exploit kit known as...
An expert says Ukraine’s cyber defense offers a hard-earned lesson for the United States: stop assuming good defense means stopping every attack. On a recent episode of Cyber Focus, Greg Rattray...
CERT Polska has received a report about 2 vulnerabilities (CVE-2026-26927, CVE-2026-26928) found in Szafir software.
New data from ESET shows that 78% of U.K. manufacturers experienced a cybersecurity incident in the last 12...
Researchers warn that residential proxies used to route malicious traffic are a big problem for IP reputation systems, as there is no clear distinction between attackers and legitimate users. [...]
Hitachi Digital Services announced it is strengthening its operational technology (OT) and information technology (IT) integration via the...
Industrial cybersecurity firm Dragos Inc. announced on Wednesday the appointment of Kaori Nieda as its first Country Manager in Japan....
Multiple vulnerabilities have been discovered in Cisco products, the most severe of which could allow for arbitrary code execution. Cisco Smart Software Manager On‑Prem is a centralized Cisco tool...
Wired writes (alternate source): Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly sophisticated iPhone hacking toolkit that includes...
Threat actors are exploiting vacant homes as "drop addresses" to intercept mail and enable fraud. Flare shows how postal services and fake identities are abused to turn mail into a fraud vector. [...]
Talos is disclosing a large-scale automated credential harvesting campaign carried out by a threat cluster we currently track as UAT-10608. The campaign is primarily leveraging a collection...
This blog provides an in-depth analysis of the malicious “msimg32.dll” used in Qilin ransomware attacks, which is a multi-stage infection chain targeting EDR systems.
A conversation between Cisco Talos and Cisco Security leaders on the 2025 threat landscape, from identity attacks and legacy vulnerabilities to AI-driven threats, and what defenders should prioritize now.
There were 134 ransomware incidents reported in Japan in 2025, representing a 17.5% year-over-year increase from 2024.
A WIRED analysis of DHS records identified dozens of specialized federal agents who used force against US civilians during the largest known deployment of its kind in US history.
Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltration from affected environments. [...]
Stryker Corporation, one of the world's leading medical technology companies, says it's fully operational three weeks after many of its systems were wiped out in a cyberattack claimed by the...
Connected devices can leave an otherwise secure network vulnerable. Welcome to Pwned, The Register's new column, where we highlight the worst infosec own goals so you can, hopefully, protect...