The U.S. Federal Bureau of Investigation (FBI) confirmed on Thursday that it's investigating a breach that affected systems used to manage surveillance and wiretap warrants. [...]
Of the 90 zero-days GTIG tracked in 2025, 43 hit enterprise tech Zero-day exploitation targeting enterprise tech products reached an all-time high last year, with China-linked cyber-espionage...
As the conflict in the Middle East continues to escalate, more than a dozen countries in the region have reportedly been affected by strikes.
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild. The vulnerabilities in question are...
The bureau didn’t provide any further details on the incident, which reportedly targeted a network for managing surveillance activity. The post FBI targeted with ‘suspicious’ activity on its...
Donald Trump said he would replace the secretary of the Department of Homeland Security. Noem's tenure was marked by aggressive anti-immigration tactics and ICE's killing of two US protestors.
HHS has updated its free RISC 2.0 toolkit with a new cybersecurity module, asking hospitals to assess digital threats alongside hurricanes, power failures and other hazards. The post HHS updates a...
Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered...
From a press release by HHS OCR: Today, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced a settlement with MMG Fusion, LLC (MMG), a Maryland software...
Thor analyzes CVE data from 2025 and provides recommendations for where and how organizations should strengthen their defenses.
MOIS-linked MuddyWater crew has a new, custom implant An Iranian cyber crew believed to be part of the Iranian Ministry of Intelligence and Security (MOIS) has been embedded in multiple US...
Most organizations assume encrypted data is safe. But many attackers are already preparing for a future where today’s encryption can be broken. Instead of trying to decrypt information now, they...
A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and...
A Greek court sentenced four Intellexa executives to prison for their role in a 2022 scandal that involved the use of Predator spyware against more than 90 public figures in the country. Citizen...
Executive Abstract Operational Technology (OT) convergence has eliminated the historical separation between digital compromise and physical consequence. As... The post The Decoupling Phase and the...
The 43-year-old Russian national ran a ransomware operation that impacted more than 1,000 victims globally. The conspiracy netted more than $39 million in extortion payments. The post Phobos...
New research from Macrium Software reveals that increased spending on cybersecurity in the manufacturing sector may be misplaced... The post Macrium reports manufacturers may be overinvesting in...
Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy...
Multiple news outlets are reporting on Israel’s hacking of Iranian traffic cameras and how they assisted with the killing of that country’s leadership. The New York Times has an on the...
A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country's Ministry of Foreign Affairs to deliver a set of...
CVE-2025-61915 is a stack-based out-of-bounds write bug in CUPS (Common Unix Printing System). When exploited, an unauthorized user can modify cupsd.conf and add a malicious IPv6 address. CUPS,...
Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong....
Getting DLP without giving up data control
Cal OES offers up to $250,000 to help California’s state, local, and tribal agencies strengthen their digital infrastructure against evolving cyber threats. Organizations must submit their...
The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis. [...]
Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow....
The vendor said it’s not aware of any active exploitation of the vulnerabilities, which could allow remote attackers to achieve root access and execute code. The post Cisco reveals 2 max-severity...
The phishing-as-a-service platform was popular among cyber threat actors because of its ability to bypass multi-factor authentication defenses.
Google Threat Intelligence Group said it tracked 90 zero-day vulnerabilities that were exploited by a variety of actors last year, surpassing the 78 that were used by threat actors in 2024.
Seven governments in the Global Coalition on Telecoms unveiled a set of 6G Security and Resilience Principles at... The post Global Coalition on Telecoms set 6G security rules as next-gen networks...