Security Insights
Stay Ahead of the Threat Landscape
Practical guidance on AI security, compliance frameworks, and cloud protection — written by practitioners who've worked inside Microsoft, AWS, Cisco, and JPMorgan Chase.
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
Attackers are actively exploiting a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) to inject malicious JavaScript that delivers ClickFix social engineering attacks at scale. If you run Ghost CMS, you should immediately patch to the lat
Laravel Lang packages hijacked to deploy credential-stealing malware
Attackers compromised popular Laravel Lang localization packages and injected credential-stealing malware into them through manipulated GitHub version tags, distributing the malware to developers who installed these packages via Composer. If your organiza
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
npm has introduced two-factor authentication requirements for publishing packages and new controls that allow maintainers to restrict package installations, directly addressing the growing threat of supply chain attacks where attackers compromise develope
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
Attackers compromised eight PHP packages on Packagist by injecting malware hosted on GitHub, exploiting the supply chain to potentially infect applications that depend on these libraries. You should immediately audit your dependencies on Packagist for any
Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
Italian authorities have shut down the CINEMAGOAL piracy app, which was stealing authentication credentials from major streaming services like Netflix, Disney+, and Spotify to provide unauthorized access. Your organization should monitor employee and cust
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
An AI system has identified approximately 10,000 high-severity vulnerabilities across widely used software applications, representing a significant security risk to organizations relying on these tools. You should immediately audit your software inventory
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Attackers compromised popular Laravel-Lang PHP packages on package repositories and injected malicious code designed to steal credentials across Windows, macOS, and Linux systems. You should immediately audit your dependencies for these compromised packag
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A critical vulnerability in the LiteSpeed cPanel plugin allows attackers to execute arbitrary scripts with root-level privileges on affected servers, potentially giving them complete control over hosting infrastructure. Organizations using LiteSpeed with
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
Dutch authorities arrested two men and seized 800 servers from a hosting company that was actively facilitating cyberattacks, disinformation campaigns, and interference operations, demonstrating that infrastructure providers can become critical enablers o
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
The Cybersecurity and Infrastructure Security Agency (CISA) experienced a significant data breach that has prompted congressional scrutiny, raising serious questions about the security of the government agency responsible for protecting critical infrastru
Akamai Joins Growing Chorus of Vendors Betting Big on Secure Enterprise Browsers
Akamai's acquisition of LayerX reflects a broader industry shift toward secure enterprise browsers as a critical security control, indicating that traditional network and endpoint defenses alone are no longer considered sufficient. You should evaluate whe
Former US execs plead guilty to aiding tech support scammers
Two former executives of a call-tracking company pleaded guilty to helping orchestrate a years-long tech support scam that defrauded individuals worldwide, demonstrating how insider threats from trusted business leaders can enable large-scale fraud operat
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
Healthcare organizations face a sharp rise in social engineering attacks designed to breach their systems, often as a precursor to ransomware infections and data theft. Your organization should strengthen employee security awareness training, enforce mult
China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments
Chinese state-sponsored hackers known as Webworm have been infiltrating European government networks by abusing legitimate services like Discord and Microsoft Graph to hide their command-and-control communications and avoid detection. Organizations should
Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
The alleged operator of the Kimwolf botnet, known online as "Dort," has been arrested and faces charges in both the United States and Canada for operating malicious infrastructure used to compromise and control multiple victim computers. Your organization
Google API Keys Remain Active After Deletion
Google API keys can continue to function for as long as 23 minutes after you delete them, creating a window where attackers could exploit a compromised key even after you believe it's been disabled. You should immediately rotate any exposed API keys rathe
AI Agents Are Shifting Identity Security Budget Dynamics
Organizations deploying AI agents are discovering that managing these AI identities requires different security approaches and budget allocations than traditional identity and access management systems, according to recent research. Business leaders and C
ABB B&R Automation Studio
ABB B&R PCs
ABB Terra AC Wallbox
CISA Admin Leaked AWS GovCloud Keys on Github
A CISA administrator accidentally exposed AWS GovCloud credentials on GitHub, providing potential attackers with access to sensitive government cloud infrastructure. Your organization should immediately audit any public repositories for exposed credential
The Boring Stuff is Dangerous Now
AI agents are now able to find and exploit obscure vulnerabilities that humans would typically miss, while the explosion of AI-generated code is introducing more bugs and security flaws into systems at scale. You need to immediately strengthen your vulner
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
A critical Windows vulnerability called MiniPlasma has been discovered that allows attackers to gain SYSTEM-level privileges even on fully patched systems, meaning standard security updates alone cannot currently protect against this threat. You should im
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
Four malicious npm packages recently discovered in the public repository were designed to steal sensitive information from developers and recruit compromised systems into a botnet capable of launching DDoS attacks. You should immediately audit your organi
Microsoft confirms Windows 11 security update install issues
Microsoft's May 2026 security update (KB5089549) for Windows 11 is failing to install on some systems and generating 0x800f0922 error messages, leaving affected devices without critical security patches. You should immediately check whether your organizat
Exploit available for new DirtyDecrypt Linux root escalation flaw
A critical Linux kernel vulnerability called DirtyDecrypt in the rxgk module allows unprivileged attackers to escalate their privileges to root level, and a working exploit is now publicly available. You should immediately check if your Linux systems are
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
Researchers have discovered that Fast16, a malware that predates Stuxnet, was used to compromise nuclear weapons simulation systems, demonstrating a sophisticated nation-state capability to infiltrate critical defense infrastructure. Organizations managin
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
Security researchers have discovered and publicly disclosed 47 previously unknown zero-day vulnerabilities affecting major software platforms including Microsoft Windows, Exchange, SharePoint, and Edge, as well as NVIDIA and Red Hat products. You should i
Can Laws Stop Deepfakes? South Korea Aims to Find Out
South Korea is testing whether new laws can effectively prevent deepfakes from spreading during its upcoming local elections, making it a real-world case study for how regulations might work globally. Your organization should monitor the outcomes of this
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
A critical Windows privilege escalation vulnerability called MiniPlasma has been publicly exploited, allowing attackers to gain full SYSTEM-level access even on fully patched Windows systems. You should immediately assess your Windows environment for sign
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
A new phishing attack called Tycoon2FA is targeting Microsoft 365 accounts by tricking users into approving device-code authentication requests, often delivered through compromised email tracking links from legitimate services like Trustifi. If attackers
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
A critical vulnerability in NGINX CVE-2026-42945 is being actively exploited by attackers in the wild to crash worker processes and potentially execute remote code on affected systems. You should immediately audit your NGINX deployments to identify which
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
A compromised GitHub token allowed attackers to download Grafana's source code and subsequently attempt extortion, demonstrating how a single exposed credential can lead to broad access to sensitive intellectual property and create business continuity ris
Microsoft rejects critical Azure vulnerability report, no CVE issued
A security researcher reported a critical Azure Backup for AKS vulnerability to Microsoft, but the company rejected the report and declined to issue a CVE number, despite evidence suggesting the vulnerability was quietly patched. Organizations using Azure
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
A critical vulnerability in the Funnel Builder plugin for WooCommerce is being actively exploited to inject malicious code into checkout pages, allowing attackers to steal customer payment information and sensitive data. Organizations using WooCommerce wi
Russian hackers turn Kazuar backdoor into modular P2P botnet
Russian threat actors have enhanced the Kazuar backdoor into a peer-to-peer botnet with modular capabilities designed for long-term persistence and stealth, making it significantly harder to detect and remove than traditional centralized malware. Organiza
Congress Puts Heat on Instructure After Canvas Outage
Instructure's Canvas learning platform experienced a significant cyberattack by the ShinyHunters group, which prompted Congressional scrutiny over the incident and its impact on educational institutions nationwide. Your organization should immediately ver
Funnel Builder WordPress plugin bug exploited to steal credit cards
A critical vulnerability in the Funnel Builder WordPress plugin is being actively exploited by attackers to inject malicious code into WooCommerce checkout pages, allowing them to steal customer credit card information. If you use this plugin on a WordPre
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
Security researchers demonstrated 15 previously unknown zero-day vulnerabilities in critical Microsoft and Linux products during a competitive hacking event, including exploits against Windows 11 and Microsoft Exchange systems that enterprise environments
Popular node-ipc npm package compromised to steal credentials
Attackers have compromised the popular node-ipc npm package by injecting malware into recent versions designed to steal user credentials in what is a significant supply chain attack. You should immediately audit your dependencies to identify if node-ipc i
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The sophisticated Russian-linked Turla threat group has upgraded its Kazuar backdoor into a modular peer-to-peer botnet that enables persistent access to compromised networks while evading detection through distributed architecture. Organizations should i
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Four security vulnerabilities in OpenClaw allow attackers to steal data, gain elevated system privileges, and maintain persistent access to compromised systems. If your organization uses OpenClaw, you should immediately apply available patches and audit s
Cyber Pioneers Ponder Past as Prologue
The article reflects on two decades of cybersecurity insights from leading industry experts, highlighting how their past analysis and predictions have remained relevant to today's threat landscape. As a business leader or CISO, you should review these est
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
Attackers compromised the TanStack open-source library and used it to deliver malware to at least two OpenAI employee machines, demonstrating how trusted software dependencies can be weaponized to breach even security-conscious organizations. You should i
Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems
A cybersecurity student in Taiwan was able to disable three bullet trains for nearly an hour using consumer-grade software-defined radio equipment, demonstrating critical vulnerabilities in railway infrastructure that attackers could exploit at scale. Rai
SecurityScorecard Snags Driftnet to Level Up Threat Intelligence
SecurityScorecard has acquired Driftnet to enhance its ability to monitor third-party vendors and detect supply chain vulnerabilities before attackers can exploit them. Supply chain attacks are increasing in sophistication and frequency, making visibility
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
Cisco SD-WAN controllers are being actively attacked through a critical vulnerability that allows hackers to take complete control of your network infrastructure with no authentication required. If your organization uses Cisco SD-WAN, you should immediate
Siemens SIMATIC
Siemens Ruggedcom Rox
Siemens gWAP
Siemens ROS#
Patch Tuesday, May 2026 Edition
TrickMo Android banker adopts TON blockchain for covert comms
TrickMo, an Android banking malware now active across Europe, has evolved to use the TON blockchain for command-and-control communications, making it significantly harder for security teams to detect and block malicious commands through traditional networ
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
A malicious repository impersonating an OpenAI privacy filter tool ranked first on Hugging Face and was downloaded over 244,000 times, demonstrating how attackers can exploit trusted platforms and brand recognition to distribute compromised code at scale.
Hackers abuse Google ads, Claude.ai chats to push Mac malware
Attackers are using malicious Google Ads and fake Claude.ai shared chat links to distribute Mac malware, targeting users who search for legitimate Claude downloads. Organizations and Mac users should verify they are visiting official websites directly rat
Police shut down reboot of Crimenetwork marketplace, arrest admin
German authorities shut down a relaunched criminal marketplace called Crimenetwork that had generated over 3.6 million euros in illicit transactions and arrested its operator. Organizations should monitor for similar marketplace reboots and ensure their s
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
Ollama, a popular AI model tool, contains a vulnerability that allows attackers to remotely read sensitive data directly from the application's memory without proper authorization. Organizations using Ollama should immediately update to the latest patched
JDownloader site hacked to replace installers with Python RAT malware
Attackers compromised the official JDownloader website and replaced legitimate installers with malicious versions containing a Python-based remote access trojan that gives criminals full control over infected computers. If you or your organization has dow
Fake OpenAI repository on Hugging Face pushes infostealer malware
Attackers created a fake OpenAI repository on Hugging Face that impersonated a legitimate "Privacy Filter" project and distributed information-stealing malware to Windows users, even reaching the platform's trending list. Your organization should verify t
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
cPanel and WHM have released patches to address three new vulnerabilities that could expose your hosting infrastructure to attack if left unpatched. You should apply these security updates immediately to all cPanel and WHM installations across your organi
ShinyHunters Claims Second Attack Against Instructure
The threat actor ShinyHunters has claimed a second successful attack against Instructure, an education technology company, indicating either persistent vulnerabilities in their systems or a pattern of repeated compromise that the company has not adequatel
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
A banking trojan called TCLBANKER is spreading through WhatsApp and Outlook by exploiting these messaging platforms as worms to infect users and steal financial credentials from banking applications. You should train employees to be suspicious of unexpect
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
Malicious apps disguised as call history tools were downloaded 7.3 million times from the Google Play Store and fraudulently charged users money without authorization. You should regularly audit app permissions and payment methods on employee and personal
Canvas Breach Disrupts Schools & Colleges Nationwide
Canvas, a widely used learning management system in schools and colleges, has experienced a breach that is disrupting institutions nationwide and potentially exposing sensitive student and staff data. Educational institutions using Canvas should immediate
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
A new malware variant called PCPJack has emerged as a successor to TeamPCP and is specifically designed to steal cloud credentials and secrets from compromised systems. Organizations should immediately audit their cloud access logs and credential storage
Has CISA Finally Found Its New Leader in Tom Parker?
CISA is undergoing leadership changes as Tom Parker is considered for the director role, which is significant because stable, experienced leadership at the nation's cybersecurity agency directly affects how effectively threats are identified and communica
'TrustFall' Convention Exposes Claude Code Execution Risk
Researchers have discovered that Anthropic's Claude AI model can be manipulated through a technique called "TrustFall" to execute arbitrary code, potentially allowing attackers to compromise systems that rely on Claude for processing untrusted inputs. Org
AI-Driven Cyberattack on Mexico Couldn't Breach OT Systems
An AI-driven cyberattack targeting Mexico demonstrated that attackers are now using artificial intelligence to conduct sophisticated operations, though in this case the attack failed to penetrate operational technology systems that control critical infras
MAXHUB Pivot Client Application
ABB B&R Automation Runtime
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
Law enforcement agencies worldwide have arrested 276 individuals and dismantled 9 major cryptocurrency scam operations that defrauded victims of over $701 million, demonstrating that crypto fraud rings are increasingly becoming targets of coordinated inte
Instructure confirms data breach, ShinyHunters claims attack
Instructure, a major educational technology provider whose Canvas platform serves millions of students and educators, has suffered a data breach with the ShinyHunters extortion gang claiming responsibility for stealing sensitive data. Educational institut
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
Microsoft Defender is incorrectly identifying legitimate DigiCert root certificates as the Trojan:Win32/Cerdigent.A!dha malware, causing false-positive alerts and in some cases automatically removing trusted certificates from Windows systems. You should m
Telegram Mini Apps abused for crypto scams, Android malware delivery
Cybercriminals are exploiting Telegram's Mini App feature to conduct cryptocurrency scams, impersonate legitimate brands, and distribute Android malware at scale. Business leaders and security teams should warn employees against clicking links or engaging
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
A critical Linux vulnerability (CVE-2026-31431) that allows attackers to gain root-level access is now actively being exploited in the wild, and CISA has added it to its Known Exploited Vulnerabilities catalog as a priority threat. You should immediately
Critical cPanel flaw mass-exploited in "Sorry" ransomware attacks
A critical vulnerability in cPanel identified as CVE-2026-41940 is currently being actively exploited by attackers to deliver the "Sorry" ransomware, allowing them to breach websites and encrypt sensitive data. Organizations using cPanel should immediatel
ConsentFix v3 attacks target Azure with automated OAuth abuse
ConsentFix v3 is an automated attack targeting Azure environments that exploits OAuth authentication by tricking users into granting malicious applications access to their accounts through phishing and consent abuse. Organizations using Azure should stren
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Trellix has confirmed that attackers gained unauthorized access to its source code repositories, exposing the internal code and potentially sensitive development information used in their security products. Organizations using Trellix software should imme
76% of All Crypto Stolen in 2026 Is Now in North Korea
North Korean hackers stole the vast majority of all cryptocurrency stolen globally in 2026, demonstrating their growing sophistication and capability to execute large-scale attacks, possibly enhanced by AI tools. Your organization should assume that any e
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
Attackers successfully compromised 30,000 Facebook accounts by conducting a phishing campaign that impersonated Google AppSheet, a legitimate Google platform, to steal user credentials. Your organization should immediately educate employees about phishing
If AI's So Smart, Why Does It Keep Deleting Production Databases?
AI systems are being deployed into critical production environments—like databases—without adequate security testing, leading to accidental data deletion and other destructive actions. You should implement strict controls and thorough security validation
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Cybercriminals are combining voice phishing (vishing) with single sign-on account compromise to rapidly infiltrate SaaS environments and demand ransom payments before extracting or deleting data. Your organization should strengthen multi-factor authentica
Name That Toon: Mark of (Security) Progress
20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage
Dark Reading is marking its 20th anniversary of covering the cybersecurity industry, offering a month of special coverage to reflect on two decades of security news and trends. As a business leader or CISO, this is a good opportunity to review Dark Readin
Careful Adoption of Agentic AI Services
Agentic AI systems—AI that can autonomously take actions and make decisions with minimal human oversight—introduce significant security risks that organizations need to carefully evaluate before deployment. You should establish clear governance frameworks
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
Attackers have compromised multiple npm packages used by SAP developers, expanding a known threat group's ability to inject malicious code into enterprise applications through the software supply chain. Your development teams should immediately audit thei
Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
An anti-DDoS security firm was caught launching denial-of-service attacks against Brazilian internet service providers, revealing a serious breach of trust where a company meant to protect infrastructure was instead weaponizing its capabilities to harm cl
ABB PCM600
ABB Ability OPTIMAX
ABB AWIN Gateways
ABB AWIN Gateways contain security vulnerabilities that could allow attackers to compromise these industrial control devices and gain unauthorized access to critical infrastructure systems. Organizations using ABB AWIN Gateways should immediately check CI
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
Criminals are using fake CAPTCHA prompts and a fraud-as-a-service platform called Keitaro to trick users into divulging sensitive information for SMS-based and cryptocurrency scams at global scale. Your organization should train employees to be suspicious
American utility firm Itron discloses breach of internal IT network
Itron, a critical infrastructure company serving American utilities, has disclosed that unauthorized attackers gained access to its internal IT network systems. If your organization uses Itron's products or services, you should monitor for any suspicious
Microsoft rolls out revamped Windows Insider Program
Microsoft has revamped its Windows Insider Program as part of efforts to address performance and reliability issues in Windows 11. Organizations should monitor this program closely if they have users participating in early Windows builds, as changes to th
Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group called UNC6692 is using Microsoft Teams and social engineering tactics to deliver a new malware suite called "Snow," which includes a browser extension, tunneler, and backdoor capable of stealing data and maintaining persistent access to in
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Researchers have discovered a sophisticated malware called "fast16" that predates the infamous Stuxnet attack and was specifically designed to target engineering and industrial control software, suggesting a long history of advanced cyberattacks against c
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities catalog and mandated that all federal agencies patch these flaws by May 2026, indicating these vulnerabilities are actively being exploited in the wild by attackers. You should
ADT confirms data breach after ShinyHunters leak threat
ADT, a major home security provider, has confirmed that attackers from the ShinyHunters group stole customer data and are threatening to release it unless a ransom is paid. If you use ADT services, monitor your accounts for suspicious activity and conside
Helping Romance Scam Victims Require a Proactive, Empathic Approach
Romance scammers are targeting vulnerable people and leaving victims isolated with little support from institutions that could help them, according to law enforcement and support experts. Your organization should establish clear protocols for identifying
Firestarter malware survives Cisco firewall updates, security patches
U.S. and U.K. cybersecurity agencies are warning that Firestarter malware can persist on Cisco Firepower and Secure Firewall devices even after security patches and updates are applied, meaning standard remediation efforts may not fully eliminate the thre