Microsoft has confirmed user reports that the Teams team collaboration app is displaying non-dismissible location prompts on some macOS systems. [...]
ESET researchers identified renewed activity from FrostyNeighbor, a long-running cyberespionage actor apparently aligned with Belarusian interests, targeting Ukrainian... The post Belarus-aligned...
Artificial intelligence is rapidly becoming both a defensive necessity and a strategic risk factor for critical infrastructure operators... The post AI-powered cyber threats overwhelm human...
Not by name, but Laurie Anderson quotes me in one of the tracks of her new album: My favorite quote is from a cryptologist who said “If you think technology will solve your problems, you don’t...
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive...
CERT Polska has received a report about 5 vulnerabilities (from CVE-2026-42096 to CVE-2026-42100) found in Sparx Systems products: Pro Cloud Server and Enterprise Architect.
Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign. [...]
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini...
Convenience store chain giant 7-Eleven confirmed that its systems were breached in a cyberattack claimed by the ShinyHunters extortion group last month. [...]
Cisco Talos has uncovered a BadIIS variant — identifiable by its embedded "demo.pdb" strings — that functions as commodity malware, likely sold or shared among multiple Chinese-speaking cyber...
Microsoft's total vulnerability count stayed steady in 2025, but critical flaws surged year over year. BeyondTrust breaks down why attackers are increasingly focused on privilege escalation and...
We completed an investigation of unauthorized activity on our computer network. Upon learning of the activity on January 14, 2026, we took action to contain it, began an investigation, and...
On March 4, 2026, Perrigo detected a cyber security incident targeting two employee email accounts. Upon learning of the incident, we immediately contained and remediated the unauthorized access...
On February 12, 2026, Boston Capital began reviewing a claim involving potential unauthorized access to certain files on its computer network. After receiving this information, Boston Capital had...
Starting May 19, tech platforms in the US will have to start complying with the Take It Down Act. Here's how more than a dozen of the largest platforms are handling takedown demands for your nudes.
On January 11, 2026, we were alerted to suspicious activity potentially impacting our network. In response, we launched an investigation and engaged third-party experts to assist. We also took...
On March 21, 2026, we learned that a threat actor group had accessed and encrypted the network at one of our office locations. We immediately informed our IT Security Consultants and shut down our...
The 2026 Verizon Data Breach Investigations Report (DBIR) reveals a troubling trend: vulnerability exploitation has surged to become the number one initial access vector while remediation rates...
How Symantec’s new DSPM solution makes understanding data—and protecting it—easier than ever
How Symantec’s new DSPM solution makes understanding data—and protecting it—easier than ever
A complete decoupling from US technology is neither realistic nor necessary, but the changing environment does require nations and companies to reassess their relationships and dependencies
Multi-ecosystem supply chain compromise by TeamPCP targets GitHub, NPM, and VSCode to steal credentials and establish persistence.
IT teams are increasingly overwhelmed by alerts from disconnected systems, forcing responders to manually coordinate investigations during network incidents. This webinar explores how automation...
Microsoft says customers in restricted network environments may encounter Windows Update failures after installing the January 2026 optional non-security preview updates. [...]
HDFC Asset Management Company Ltd (HDFC AMC) on Monday disclosed a cyber-security incident at its IT infrastructure after receiving a communication from an anonymous source claiming access to...
The venue detected an attack on its network on Saturday and responded by taking its systems offline. The theater indicated that some performances would be rescheduled, though specific details had...
This is to inform you of a potential cyber security incident caused by suspected ransomware attack on the Company’s IT infrastructure & network, identified on May 16, 2026. Independent firm...
European law enforcement authorities have dismantled a large-scale online propaganda network linked to Iran’s Islamic Revolutionary Guard Corps... The post Europol dismantles IRGC-linked online...
While also spoofing all the trusted domains - Apple, Microsoft, and Google - in the same attack
In April 2026, data allegedly obtained from CTT, Portugal's national postal service, was posted to a public hacking forum. The data included 468k unique email addresses along with names, phone...