The 28-year-old, who’d been employed by the Defense Intelligence Agency since 2019, specialized in insider threats and had top secret security clearance, officials said. The post US intelligence...
Three hospitals run by Catholic healthcare organization Covenant Health are dealing with a cyberattack that forced the facilities to shut off all access to data systems.
Plus: An Iranian man pleads guilty to a Baltimore ransomware attack, Russia’s nuclear blueprints get leaked, a Texas sheriff uses license plate readers to track a woman who got an abortion, and more.
The lawmakers say the January purge has left the United States blind on the nature of the historic Salt Typhoon telecommunications breach. The post Four Senate Democrats call on DHS to reinstate...
Several Senate Democrats called on Homeland Security Secretary Kristi Noem to reestablish the Cyber Safety Review Board (CSRB) so it could continue looking into China-linked hacks.
The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in...
The landmark trial between WhatsApp and NSO Group unearthed several new revelations.
Breaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn't mince words: "Healthcare loves to walk backwards...
CERT Polska has received a report about 3 vulnerabilities (from CVE-2024-13915 to CVE-2024-13917) found in applications preloaded on Ulefone and Krüger&Matz smartphones.
Hackers reportedly accessed Wiles' phone contacts, which were used to impersonate her.
Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. [...]
New research from Claroty’s Team82 uncovered critical security vulnerabilities in the Allen-Bradley (Rockwell Automation) PowerMonitor 1000, revealing an... The post Critical Rockwell PowerMonitor...
As geopolitical tensions sharpen and cyber operations move into the shadows of critical infrastructure, non-profit organization MITRE published... The post MITRE sounds alarm on cyber war threats...
Exposure management company Tenable announced its intent to acquire Apex Security Inc., a vendor for securing the rapidly... The post Tenable to acquire Apex Security to tackle expanding AI threat...
A new feature has customers worried, but T-Mobile says it's meant to be helpful. Either way, you can disable it. Here's how.
Australian firms with an annual turnover of AUS $3m are now required to report any payments to ransomware groups to authorities
Microsoft announced today that the Windows 11 Notepad application is getting a text formatting feature supporting Markdown-style input. [...]
Part 2 of 2: This step-by-step guide will make SSO easy–and more secure
The elusive boss of the Trickbot and Conti cybercriminal groups has been known only as “Stern.” Now, German law enforcement has published his alleged identity—and it’s a familiar face.
The U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based company named Funnull Technology Inc. and its administrator Liu Lizhi for...
Alleged TikTok Breach: Threat actor “Often9” claims to sell 428M user records, including emails, phones, and account details on dark web forum.
Five major banking associations in the US claim the new SEC cyber incident disclosure rule puts a strain on their resources
Threat actors often exploit cloud services for C2 to disguise their actions as normal, legitimate traffic. The nefarious Chinese state-backed APT41 hacking collective has been observed employing...
An international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their malware is detected by commercial antivirus software before deploying it...
Imagine a single rogue line of code slipping past your tired eyes - and suddenly your entire app is compromised. AI coding agents could be the silent saboteurs of the next big cybersecurity crisis.
Robbinhood operator pleads guilty, PumaBot hits IoT via SSH brute-force attacks, and DragonForce expands RMM exploits via an affiliate model.
This report contains statistics on vulnerabilities and published exploits, along with an analysis of the most noteworthy vulnerabilities we observed in the first quarter of 2025.
Australia is now the first country to require ransomware victims to report if they make any extortion payments to their attackers.
The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old Russian named Vitaly Nikolaevich...
ConnectWise, the developer of remote access and support software ScreenConnect, has disclosed that it was the victim of a cyber attack that it said was likely perpetrated by a nation-state threat...