THE DIGITAL SHADOW: How America’s Roadside Surveillance Is Evolving Beyond License Plates Artificial Intelligence
FBI AND CISA WARN OF CONTINUING RUSSIAN CYBER CAMPAIGN TARGETING COMMERCIAL MESSAGING APP USERS Blogging
OPERATION ENDGAME DISRUPTS GLOBAL CYBERCRIME INFRASTRUCTURE SUPPORTING STEALC, AMADEY, AND SOCGHOLISH MALWARE Blogging
CISA ADDS FOUR ACTIVELY EXPLOITED VULNERABILITIES TO KNOWN EXPLOITED VULNERABILITIES CATALOG Blogging
TATA ELECTRONICS CONFIRMS CYBERSECURITY INCIDENT AS CYBERCRIMINALS CLAIM THEFT OF CLIENT DOCUMENTS Blogging
CISA WARNS OF FORTIBLEED CREDENTIAL EXPOSURE IMPACTING TENS OF THOUSANDS OF FORTINET DEVICES Blogging
HACKERS COMPILE DATABASE OF MORE THAN 30,000 WORKING FORTINET LOGINS IN GLOBAL CYBERESPIONAGE CAMPAIGN Blogging
INTERNATIONAL CYBER OPERATION DISRUPTS MALWARE NETWORK LINKED TO RUSSIA’S EVIL CORP HACKING GROUP Blogging
GITHUB REJECTED REPORTS ON DESIGN ISSUES NOW ALLEGEDLY BEING USED BY SHAI-HULUD SUPPLY-CHAIN CAMPAIGNS, RESEARCHERS SAY Blogging
Russian National Linked to Void Blizzard Cyberespionage Campaign Appears in U.S. Federal Court Blogging
CISA ADDS ACTIVELY EXPLOITED JOOMLA VULNERABILITY TO KNOWN EXPLOITED VULNERABILITIES CATALOG Blogging
DOJ AND FBI SEIZE 13 WEBSITES USED IN ALLEGED CHINESE INTELLIGENCE RECRUITMENT OPERATION TARGETING U.S. SECURITY CLEARANCE HOLDERS Blogging
CISA ADDS ACTIVELY EXPLOITED IVANTI SENTRY VULNERABILITY TO KNOWN EXPLOITED VULNERABILITIES CATALOG Blogging
Inside the FBI’s Kinetic Cyber Range: How the Bureau Is Training Investigators for the Digital Age Blogging
FBI Supports International Takedown of VPN Service Allegedly Used by Ransomware Groups in Global Cybercrime Operations Blogging
Cyber Espionage Group Uses Fake Romance Schemes to Target Russian Military Personnel Through Telegram Malware Campaign Blogging
CISA Adds Three Actively Exploited Vulnerabilities to KEV Catalog Affecting Arista EOS, Google Chromium V8, and Cisco SD-WAN Infrastructure Blogging
WhatsApp Accuses NSO Group of Violating Federal Injunction Through Alleged Spearphishing Operations Targeting Users Blogging
CISA Adds SolarWinds Serv-U Vulnerability to KEV Catalog Following Confirmed Active Exploitation Activity Blogging
Former Connecticut IT Consultant Pleads Guilty in Computer Intrusion and Fraud Scheme Targeting Funeral Services Business Blogging
Red Hat Removes Compromised Packages After Supply Chain Attack Targets Developer Credentials Blogging
CISA Issues Active Exploitation Warning for Mirasvit Deserialization Vulnerability Added to KEV Catalog Blogging
Federal Watchdog Warns NIST Vulnerability Database Failures Are Undermining U.S. Cybersecurity Blogging
CISA Adds Actively Exploited Palo Alto Networks PAN-OS Authentication Bypass Vulnerability to KEV Catalog Blogging
FBI Warns of Spoofed FIFA Websites and Expanding Cyber Fraud Campaign Ahead of 2026 World Cup Blogging
TRJ Cybersecurity: The 2026 Cyber Threat Landscape β AI Malware, Multi-Extortion, and the Escalating Targeting of Defense and Law Enforcement Infrastructure Artificial Intelligence
U.S. Cyber Command Launches Internal and External Reviews as Pentagon Accelerates CYBERCOM 2.0 Modernization Efforts Blogging
CISA Adds Three Known Exploited Vulnerabilities to KEV Catalog Following Active Exploitation Activity Blogging
Former IT Contractor Sentenced to Federal Prison After Retaliatory Cyberattack Locked Thousands of Employees Out of Corporate Network Blogging
CISA Adds Actively Exploited Drupal Core SQL Injection Vulnerability to KEV Catalog Active Exploitation
UK Computer Misuse Act Reform Draws Industry Pressure Over Scope of Cybersecurity Research Protections Artificial Intelligence
CISA Adds Seven Known Exploited Vulnerabilities to KEV Catalog Following Active Exploitation Activity Blogging
FBI Warns of ShinyHunters Cyber Threat Following Attack on National Learning Management System Blogging
ScadaBR ICS Platform Exposed to Critical Remote Code Execution Vulnerabilities Affecting Industrial Infrastructure Environments Blogging
ZKTeco CCTV Cameras Exposed to High-Severity Authentication Bypass Vulnerability Affecting Surveillance Infrastructure Blogging
CISA Orders Federal Agencies to Patch Actively Exploited Cisco SD-WAN Vulnerability by Sunday AI Threat Intelligence
CISA Adds Microsoft Exchange Server Vulnerability to KEV Catalog Following Active Exploitation Activity Blogging
OPENAI ROTATES macOS CERTIFICATES AFTER MINI SHAI-HULUD SUPPLY CHAIN BREACH IMPACTS INTERNAL DEVELOPMENT ENVIRONMENT Artificial Intelligence
Copper Theft Surge Targeting EV Charging Infrastructure Prompts Federal Cross-Sector Security Alert Blogging
West Pharmaceutical Hit by Ransomware Attack Disrupting Global Manufacturing and Distribution Operations Blogging
Critical ABB AC500 PLC Vulnerability Exposes Industrial Systems to Potential Remote Code Execution Attacks Blogging
ABB Automation Builder Gateway Vulnerability Exposes Industrial Control Environments to Remote PLC Discovery Risks Blogging
Multiple Critical ABB AC500 V3 Vulnerabilities Expose Industrial Control Systems to Access Bypass, Certificate Manipulation, and Denial-of-Service Risks Blogging
MAXHUB Pivot Client Application Exposed by Cryptographic Weakness in Newly Released ICS Advisory Blogging
CI FORTIFY: CISA WARNS CRITICAL INFRASTRUCTURE OPERATORS TO PREPARE FOR COMMUNICATIONS FAILURE, OT SABOTAGE, AND LONG-DURATION GEOPOLITICAL CYBER CONFLICT Blogging
POLISH INTELLIGENCE CONFIRMS CYBERATTACKS AGAINST WATER TREATMENT SYSTEMS AS INFRASTRUCTURE SABOTAGE THREATS ESCALATE ACROSS NATO TERRITORY Blogging
ICS Advisory: Johnson Controls CEM AC2000 Privilege Escalation Vulnerability Exposes Access Control Systems Across Critical Sectors Blogging
ICS Advisory: Hitachi Energy PCM600 Vulnerability Enables Path Traversal Risk Across Energy Sector Infrastructure Blogging
CISA KEV Update β Active Exploitation Confirmed in Linux Kernel Vulnerability (CVE-2026-31431) Blogging
Freight Hijacking Networks Scale to $725M in Losses Through Broker Impersonation and Load Board Compromise Blogging
FRANCE NATIONAL IDENTITY BREACH: IDOR FLAW IN ANTS API ENABLES MASS RECORD EXPOSURE; MINOR SUSPECT CHARGED Blogging
ICS ADVISORY: ABB PCM600 PATH TRAVERSAL FLAW ENABLES ARBITRARY CODE EXECUTION IN CONTROL ENVIRONMENTS Blogging
ICS ADVISORY: ABB OPTIMAX AUTHENTICATION FLAW ENABLES SSO BYPASS IN CRITICAL INFRASTRUCTURE SYSTEMS Blogging
ICS ADVISORY: ABB IEC 61850 STACK VULNERABILITY ENABLES DEVICE FAULT AND DENIAL-OF-SERVICE CONDITIONS Blogging
MOLDOVA HEALTH SYSTEM BREACH: NATIONAL INSURANCE DATABASE TARGETED IN SUSPECTED DATA EXFILTRATION EVENT Blogging
PENTAGON ADVANCES AI IN WARFARE SYSTEMS AS LEADERS IDENTIFY SECURITY, CONTROL, AND SUPPLY CHAIN RISKS IN AUTONOMOUS OPERATIONS Advanced Military Technology
ROBLOX ACCOUNT THEFT RING DISRUPTED: UKRAINIAN AUTHORITIES DETAIN GROUP LINKED TO 610,000 COMPROMISED ACCOUNTS AND CRYPTOCURRENCY RESALE NETWORKS Blogging
MICROSOFT TEAMS IMPERSONATION CAMPAIGN: UNC6692 DEPLOYS βSNOWBELTβ BACKDOOR TO BREACH ENTERPRISE NETWORKS THROUGH SOCIAL ENGINEERING AND MALICIOUS EXTENSIONS Blogging
PRC NATIONAL EXTRADITED TO UNITED STATES ON CYBER INTRUSION CHARGES LINKED TO HAFNIUM CAMPAIGN AND TARGETING OF COVID-19 RESEARCH Blogging
CHINA-LINKED PHISHING OPERATIONS TARGET JOURNALISTS AND DIASPORA ACTIVISTS: βGLITTER CARPβ AND βSEQUIN CARPβ CAMPAIGNS DEPLOY 100+ MALICIOUS DOMAINS IN TRANSNATIONAL REPRESSION MODEL Blogging
CISA KEV UPDATE: ACTIVE EXPLOITATION CONFIRMED FOR CONNECTWISE SCREENCONNECT PATH TRAVERSAL AND MICROSOFT WINDOWS PROTECTION FAILURE Blogging
TENNESSEE BANS CRYPTOCURRENCY ATMS: FRAUD PIPELINE DISRUPTION TARGETS QR-BASED SCAM TRANSFERS AND ELDER EXPLOITATION NETWORKS Blogging
NSA GRASSMARLIN ICS ADVISORY: CVE-2026-6807 XML EXTERNAL ENTITY (XXE) EXPOSURE RISKS SENSITIVE DATA DISCLOSURE ACROSS CONTROL ENVIRONMENTS Blogging
ICS ALERT: Cybersecurity and Infrastructure Security Agency EXPANDS KNOWN EXPLOITED VULNERABILITIES CATALOG WITH FOUR ACTIVELY TARGETED FLAWS ACROSS ENTERPRISE AND NETWORK DEVICES Blogging
MOBILE BASE STATION SPOOFING OPERATION DISRUPTS MILLIONS OF CONNECTIONS IN CANADAβS FIRST SMS BLASTER CASE Blogging
ADT DATA EXPOSURE INCIDENT IMPACTS CUSTOMER RECORDS AS CRIMINAL CLAIMS SURFACE AROUND LARGE-SCALE DATA THEFT Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency IDENTIFIES PRIVILEGE ESCALATION VULNERABILITY IN SIEMENS RUGGEDCOM CROSSBOW SECURE ACCESS MANAGER PRIMARY (SAM-P) Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency IDENTIFIES INFORMATION DISCLOSURE AND DENIAL-OF-SERVICE RISK IN SIEMENS TPM 2.0 ACROSS INDUSTRIAL COMPUTING SYSTEMS Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency FLAGS AUTHENTICATION BYPASS IN SIEMENS SINEC NMS ENABLING UNAUTHORIZED NETWORK CONTROL ACCESS Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency FLAGS REMOTE CODE EXECUTION RISK IN HARDY BARTH SALIA EV CHARGE CONTROLLER THROUGH FILE UPLOAD AND BUFFER OVERFLOW FLAWS Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency IDENTIFIES CERTIFICATE VALIDATION FAILURE IN SIEMENS ANALYTICS TOOLKIT ENABLING MAN-IN-THE-MIDDLE INTERCEPTION ACROSS INDUSTRIAL SYSTEMS Blogging
SCATTERED SPIDER-ASSOCIATED ACTOR PLEADS GUILTY IN $8 MILLION CRYPTO THEFT CAMPAIGN: SOCIAL ENGINEERING, SMISHING, AND ENTERPRISE ACCOUNT TAKEOVERS DRIVE MULTI-SECTOR BREACHES Blogging
DISTRIBUTED DENIAL-OF-SERVICE (DDOS) CAMPAIGN TARGETS BLUESKY INFRASTRUCTURE: PLATFORM REPORTS SUSTAINED TRAFFIC FLOODING ACROSS CORE APPLICATION SYSTEMS Blogging
THIRD-PARTY AI TOOL BREACH CASCADES INTO VERCEL ENVIRONMENT COMPROMISE: TOKEN EXPOSURE AND WORKSPACE TAKEOVER TRIGGER SUPPLY CHAIN RISK Blogging
OPERATION POWEROFF ESCALATES: GLOBAL TAKEDOWN TARGETS DDoS-FOR-HIRE NETWORKS POWERING MASS DISRUPTION INFRASTRUCTURE Blogging
SENATE INQUIRY TARGETS TECH PLATFORM CSAM REPORTING FAILURES: CYBERTIPLINE DATA QUALITY, AI PIPELINES, AND ENFORCEMENT GAPS UNDER REVIEW Blogging
CRITICAL ICS ALERT: ANVIZ DEVICE ECOSYSTEM EXPOSED TO HIGH-SEVERITY VULNERABILITIES WITH FULL SYSTEM COMPROMISE POTENTIAL Blogging
CYBER-ENABLED CARGO THEFT OPERATIONS DEPLOY MULTI-LAYER REMOTE ACCESS AND CERTIFICATE SIGNING TO BYPASS DEFENSES Blogging
CISA FLAGS SEVEN ACTIVELY EXPLOITED VULNERABILITIES ACROSS MICROSOFT, ADOBE, AND FORTINET SYSTEMS Blogging
W3LL PHISHING PLATFORM DISRUPTED IN JOINT FBIβINDONESIA OPERATION TARGETING MFA BYPASS ECOSYSTEM Blogging
