Lorenzo Franceschi-Bicchierai reports: Cybercriminals have allegedly stolen a large amount of sensitive internal documents from the Los Angeles Police Department and leaked the data online. The...

CUPS security advisory (AV26-326)

HPE security advisory (AV26-325)

Sami Khoury, a longtime Canadian cyber leader and the Government of Canada’s senior official for cybersecurity, says the threat environment now extends far beyond the systems and institutions that...

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix attack that tricked users into executing commands in Terminal. [...]

Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to find...

The Citizen Lab submitted recommendations to the UN Working Group on the Use of Mercenaries. The post Submission to the UN Working Group on the Use of Mercenaries appeared first on The Citizen Lab.

Senior researcher Ksenia Ermoshina spoke to the New York Times about how Russians may start acquiescing to the limits imposed by state censorship. The post A Cat-and-Mouse Game of Russian Internet...

Naomi Diaz reports: Iowa Attorney General Brenna Bird has filed a lawsuit against Change Healthcare, alleging the company violated state consumer protection and data security laws in connection...

Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone undetected for 13 years and could be exploited to execute arbitrary commands. [...]

The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems. "The threat actor's...

Angus Loten reports: From Europe to the Middle East, geopolitical conflicts have companies rereading the fine print on insurance policies that deny coverage for wartime cyberattacks. Act-of-war...

Over on Codamail (fka Cotse.net), Steve Gielda has updated his research on VPN infrastructure and its implications for your privacy. From that article: The Question VPN providers market themselves...

George Allison reports: In a new advisory, the NCSC warned that APT28, a cyber group linked to Russia’s GRU Military Unit 26165, has been exploiting vulnerabilities in edge network devices to...

RTHK reports: Police said they have arrested a man working for a contractor commissioned by the Hospital Authority for allegedly stealing the personal data of tens of thousands of patients. The...

ChipSoft's website remains down but emails are functioning A Dutch healthcare software vendor has been knocked offline following a ransomware attack, officials say.…

U.S. cybersecurity agencies on Tuesday warned of ongoing cyber exploitation of internet-connected OT (operational technology) devices, including programmable... The post Ongoing cyberattacks...

Data from the FBI’s 2025 Internet Crime Report showed that cyber-enabled crime drained nearly US$21 billion from Americans,... The post FBI reports cyber threats to critical infrastructure...

This is news: A malicious supply chain compromise has been identified in the Python Package Index package litellm version 1.82.8. The published wheel contains a malicious .pth file...

OT cybersecurity firm Tosi disclosed that the average U.S. enterprise scores 35.9 out of 50, placing the field... The post Tosi reports US enterprises improve OT security maturity, but vendor...

Cyber risk intelligence company Bitsight announced that it has appointed John Clancy as its chief executive officer, effective... The post Bitsight names John Clancy as CEO to steer growth in...

Cisco Talos uncovered a cluster of activity we track as UAT-10362 conducting spear-phishing campaigns against Taiwanese non-governmental organizations (NGOs) and suspected universities to deliver...

Two practice web addresses appear to have been compromised Multiple domains belonging to Scottish healthcare providers have been hijacked and are now pushing links to adult content and illegal...

A $30,000 AI GPU doesn't outperform consumer GPUs at password cracking. Specops explains why attackers don't need exotic hardware to break weak passwords. [...]

Part 2 of 6: How resilience changes the channel model

Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs),...

In this report, Kaspersky experts share their insights into the 2025 financial threat landscape, including regional statistics and trends in phishing, PC malware, and infostealers.

Another year of CERT Polska’s activities is behind us. It was a special one, as it marked the end of the third decade of our operations – we are celebrating our 30th anniversary! The year 2025 was...

In Telegram groups, men are sharing thousands of nonconsensual images of women and girls, buying spyware, and engaging in doxing and sexual abuse.

President Brad Smith tells an interviewer that Microsoft is reconsidering datacenter design in light of Iran war Microsoft is reevaluating how it designs and builds datacenters in conflict-prone...