While there will be heated disagreements on how President Donald Trump’s new National Security Strategy characterizes America’s relationship with both China and Europe, few will disagree with the...
The Center for Cybersecurity Policy and Law (CCPL) has released a new report that examines the rise of malicious drone activity and potential gaps in the United States’ current counter-uncrewed...
The Space Force is putting top priority on training Guardians for fighting and winning in space, using both virtual environments and, in the future, a dedicated fleet of live satellites. “There...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence...
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions
Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 in...
18-year-old platform crumbles under 94M daily requests while resellers flog £62 tests for £500 The UK's Driver and Vehicle Standards Agency (DVSA) has appointed a new chief exec to tackle...
Investigatory Powers Commissioner says reforms have failed to close oversight gaps The UK's Investigatory Powers Act 2016 (IPA) has several regulatory gaps that must be plugged in future...
The attack on Jaguar Land Rover affected about 5,000 organizations, as well as more than 100 other incidents, including some significant occurred in the transport and logistics sector.
The Minersville School District on Wednesday continued to investigate a ransomware attack that forced it to close schools for two days so far and left the district unable to access some of its...
Officials at the Ungava Tulattavik Health Centre (UTHC) in Kuujjuaq, Que., say a cyberattack in November compromised some client and staff information. Early analyses "indicated that no sensitive...
THE OFFICE OF the Ombudsman has taken its IT systems offline after being targeted in a “financially motivated” ransomware attack, with investigators operating on the basis that data may have been...
Threat actors with ties to the Democratic People's Republic of Korea (DPRK or North Korea) have been instrumental in driving a surge in global cryptocurrency theft in 2025, accounting for at least...
In March 2025, the French vehicle inspection company AUTOSUR suffered a data breach exposing over 10M customer records, though only 487k unique email addresses were present. The compromised data...
PornHub sent emails out to many users and published a statement warning that it was affected by a recent breach of data analytics service provider Mixpanel.
In August 2012, the forum for making money with botting "The Botting Network" suffered a data breach that exposed 96k user records. The now defunct vBulletin forum leaked 96k email addresses,...
Amadey, an established malware loader active since at least 2018, was observed downloading second-stage payloads from a hijacked self-hosted GitLab instance hosted on gitlab[.]bzctoons[.]net. The...
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild. The vulnerability, tracked as...
A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and...
Attacker interest in the vulnerability is magnified by an unparalleled number of publicly available exploits, earning the defect the highest verified public exploit count of any CVE ever. The post...
No timeline for a patch Suspected Chinese-government-linked threat actors have been battering a maximum-severity Cisco AsyncOS zero-day vulnerability in some Secure Email Gateway (SEG) and Secure...
In July 2016, the Web Hosting Talk forum suffered a data breach that was subsequently listed for sale. The breach of the vBulletin based forum exposed 515k user records including usernames, email...
Plus: automated SBOMs, $250,000 bounties ahead interview No good idea - like rewarding open source software developers and maintainers for their contributions - goes unabused by cybercriminals,...
A Russian national was also indicted for running the platform. The post DOJ announces takedown of alleged laundering platform used by cybercriminal groups appeared first on CyberScoop.
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca.The vulnerabilities mentioned in this...
The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a "sustained" credential-harvesting campaign targeting users of UKR[.]net, a webmail and...
The threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, according to Kaspersky. The Russian cybersecurity vendor...
Precious resources needed to respond to the next campus shooting or other mass-casualty incident could be strained by escalating swatting and bomb threats that intentionally cry wolf to disrupt...
Under a settlement with the FTC, the Nomad platform will have to redistribute stolen funds that white-hat hackers returned to the company after thieves aggressively exploited a vulnerability in 2022.
Key Takeaways The DFIR Report Services Contact us today for pricing or a demo! The intrusion began in early March 2025 with a single successful Remote Desktop Protocol (RDP) logon to an...