WhatsApp Accuses NSO Group of Violating Federal Injunction Through Alleged Spearphishing Operations Targeting Users Blogging
CISA Adds SolarWinds Serv-U Vulnerability to KEV Catalog Following Confirmed Active Exploitation Activity Blogging
Red Hat Removes Compromised Packages After Supply Chain Attack Targets Developer Credentials Blogging
CISA Issues Active Exploitation Warning for Mirasvit Deserialization Vulnerability Added to KEV Catalog Blogging
Federal Watchdog Warns NIST Vulnerability Database Failures Are Undermining U.S. Cybersecurity Blogging
TRJ Cybersecurity: The 2026 Cyber Threat Landscape β AI Malware, Multi-Extortion, and the Escalating Targeting of Defense and Law Enforcement Infrastructure Artificial Intelligence
U.S. Cyber Command Launches Internal and External Reviews as Pentagon Accelerates CYBERCOM 2.0 Modernization Efforts Blogging
CISA Adds Three Known Exploited Vulnerabilities to KEV Catalog Following Active Exploitation Activity Blogging
CISA Adds CVE-2026-48172 LiteSpeed cPanel Plugin Vulnerability to KEV Catalog Following Active Exploitation Activity Blogging
CISA Adds Actively Exploited Drupal Core SQL Injection Vulnerability to KEV Catalog Active Exploitation
UK Computer Misuse Act Reform Draws Industry Pressure Over Scope of Cybersecurity Research Protections Artificial Intelligence
CISA Adds Seven Known Exploited Vulnerabilities to KEV Catalog Following Active Exploitation Activity Blogging
FBI Warns of ShinyHunters Cyber Threat Following Attack on National Learning Management System Blogging
ScadaBR ICS Platform Exposed to Critical Remote Code Execution Vulnerabilities Affecting Industrial Infrastructure Environments Blogging
ZKTeco CCTV Cameras Exposed to High-Severity Authentication Bypass Vulnerability Affecting Surveillance Infrastructure Blogging
CISA Orders Federal Agencies to Patch Actively Exploited Cisco SD-WAN Vulnerability by Sunday AI Threat Intelligence
OPENAI ROTATES macOS CERTIFICATES AFTER MINI SHAI-HULUD SUPPLY CHAIN BREACH IMPACTS INTERNAL DEVELOPMENT ENVIRONMENT Artificial Intelligence
Copper Theft Surge Targeting EV Charging Infrastructure Prompts Federal Cross-Sector Security Alert Blogging
West Pharmaceutical Hit by Ransomware Attack Disrupting Global Manufacturing and Distribution Operations Blogging
Critical ABB AC500 PLC Vulnerability Exposes Industrial Systems to Potential Remote Code Execution Attacks Blogging
ABB Automation Builder Gateway Vulnerability Exposes Industrial Control Environments to Remote PLC Discovery Risks Blogging
Multiple Critical ABB AC500 V3 Vulnerabilities Expose Industrial Control Systems to Access Bypass, Certificate Manipulation, and Denial-of-Service Risks Blogging
MAXHUB Pivot Client Application Exposed by Cryptographic Weakness in Newly Released ICS Advisory Blogging
CI FORTIFY: CISA WARNS CRITICAL INFRASTRUCTURE OPERATORS TO PREPARE FOR COMMUNICATIONS FAILURE, OT SABOTAGE, AND LONG-DURATION GEOPOLITICAL CYBER CONFLICT Blogging
POLISH INTELLIGENCE CONFIRMS CYBERATTACKS AGAINST WATER TREATMENT SYSTEMS AS INFRASTRUCTURE SABOTAGE THREATS ESCALATE ACROSS NATO TERRITORY Blogging
ICS Advisory: Johnson Controls CEM AC2000 Privilege Escalation Vulnerability Exposes Access Control Systems Across Critical Sectors Blogging
ICS Advisory: Hitachi Energy PCM600 Vulnerability Enables Path Traversal Risk Across Energy Sector Infrastructure Blogging
CISA KEV Update β Active Exploitation Confirmed in Linux Kernel Vulnerability (CVE-2026-31431) Blogging
Freight Hijacking Networks Scale to $725M in Losses Through Broker Impersonation and Load Board Compromise Blogging
FRANCE NATIONAL IDENTITY BREACH: IDOR FLAW IN ANTS API ENABLES MASS RECORD EXPOSURE; MINOR SUSPECT CHARGED Blogging
ICS ADVISORY: ABB OPTIMAX AUTHENTICATION FLAW ENABLES SSO BYPASS IN CRITICAL INFRASTRUCTURE SYSTEMS Blogging
ICS ADVISORY: ABB IEC 61850 STACK VULNERABILITY ENABLES DEVICE FAULT AND DENIAL-OF-SERVICE CONDITIONS Blogging
MOLDOVA HEALTH SYSTEM BREACH: NATIONAL INSURANCE DATABASE TARGETED IN SUSPECTED DATA EXFILTRATION EVENT Blogging
ROBLOX ACCOUNT THEFT RING DISRUPTED: UKRAINIAN AUTHORITIES DETAIN GROUP LINKED TO 610,000 COMPROMISED ACCOUNTS AND CRYPTOCURRENCY RESALE NETWORKS Blogging
MICROSOFT TEAMS IMPERSONATION CAMPAIGN: UNC6692 DEPLOYS βSNOWBELTβ BACKDOOR TO BREACH ENTERPRISE NETWORKS THROUGH SOCIAL ENGINEERING AND MALICIOUS EXTENSIONS Blogging
PRC NATIONAL EXTRADITED TO UNITED STATES ON CYBER INTRUSION CHARGES LINKED TO HAFNIUM CAMPAIGN AND TARGETING OF COVID-19 RESEARCH Blogging
CHINA-LINKED PHISHING OPERATIONS TARGET JOURNALISTS AND DIASPORA ACTIVISTS: βGLITTER CARPβ AND βSEQUIN CARPβ CAMPAIGNS DEPLOY 100+ MALICIOUS DOMAINS IN TRANSNATIONAL REPRESSION MODEL Blogging
CISA KEV UPDATE: ACTIVE EXPLOITATION CONFIRMED FOR CONNECTWISE SCREENCONNECT PATH TRAVERSAL AND MICROSOFT WINDOWS PROTECTION FAILURE Blogging
TENNESSEE BANS CRYPTOCURRENCY ATMS: FRAUD PIPELINE DISRUPTION TARGETS QR-BASED SCAM TRANSFERS AND ELDER EXPLOITATION NETWORKS Blogging
NSA GRASSMARLIN ICS ADVISORY: CVE-2026-6807 XML EXTERNAL ENTITY (XXE) EXPOSURE RISKS SENSITIVE DATA DISCLOSURE ACROSS CONTROL ENVIRONMENTS Blogging
ICS ALERT: Cybersecurity and Infrastructure Security Agency EXPANDS KNOWN EXPLOITED VULNERABILITIES CATALOG WITH FOUR ACTIVELY TARGETED FLAWS ACROSS ENTERPRISE AND NETWORK DEVICES Blogging
MOBILE BASE STATION SPOOFING OPERATION DISRUPTS MILLIONS OF CONNECTIONS IN CANADAβS FIRST SMS BLASTER CASE Blogging
ADT DATA EXPOSURE INCIDENT IMPACTS CUSTOMER RECORDS AS CRIMINAL CLAIMS SURFACE AROUND LARGE-SCALE DATA THEFT Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency IDENTIFIES PRIVILEGE ESCALATION VULNERABILITY IN SIEMENS RUGGEDCOM CROSSBOW SECURE ACCESS MANAGER PRIMARY (SAM-P) Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency IDENTIFIES INFORMATION DISCLOSURE AND DENIAL-OF-SERVICE RISK IN SIEMENS TPM 2.0 ACROSS INDUSTRIAL COMPUTING SYSTEMS Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency FLAGS AUTHENTICATION BYPASS IN SIEMENS SINEC NMS ENABLING UNAUTHORIZED NETWORK CONTROL ACCESS Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency FLAGS REMOTE CODE EXECUTION RISK IN HARDY BARTH SALIA EV CHARGE CONTROLLER THROUGH FILE UPLOAD AND BUFFER OVERFLOW FLAWS Blogging
ICS ADVISORY: Cybersecurity and Infrastructure Security Agency IDENTIFIES CERTIFICATE VALIDATION FAILURE IN SIEMENS ANALYTICS TOOLKIT ENABLING MAN-IN-THE-MIDDLE INTERCEPTION ACROSS INDUSTRIAL SYSTEMS Blogging
SCATTERED SPIDER-ASSOCIATED ACTOR PLEADS GUILTY IN $8 MILLION CRYPTO THEFT CAMPAIGN: SOCIAL ENGINEERING, SMISHING, AND ENTERPRISE ACCOUNT TAKEOVERS DRIVE MULTI-SECTOR BREACHES Blogging
DISTRIBUTED DENIAL-OF-SERVICE (DDOS) CAMPAIGN TARGETS BLUESKY INFRASTRUCTURE: PLATFORM REPORTS SUSTAINED TRAFFIC FLOODING ACROSS CORE APPLICATION SYSTEMS Blogging
THIRD-PARTY AI TOOL BREACH CASCADES INTO VERCEL ENVIRONMENT COMPROMISE: TOKEN EXPOSURE AND WORKSPACE TAKEOVER TRIGGER SUPPLY CHAIN RISK Blogging
OPERATION POWEROFF ESCALATES: GLOBAL TAKEDOWN TARGETS DDoS-FOR-HIRE NETWORKS POWERING MASS DISRUPTION INFRASTRUCTURE Blogging
SENATE INQUIRY TARGETS TECH PLATFORM CSAM REPORTING FAILURES: CYBERTIPLINE DATA QUALITY, AI PIPELINES, AND ENFORCEMENT GAPS UNDER REVIEW Blogging
CRITICAL ICS ALERT: ANVIZ DEVICE ECOSYSTEM EXPOSED TO HIGH-SEVERITY VULNERABILITIES WITH FULL SYSTEM COMPROMISE POTENTIAL Blogging
CISA FLAGS SEVEN ACTIVELY EXPLOITED VULNERABILITIES ACROSS MICROSOFT, ADOBE, AND FORTINET SYSTEMS Blogging
W3LL PHISHING PLATFORM DISRUPTED IN JOINT FBIβINDONESIA OPERATION TARGETING MFA BYPASS ECOSYSTEM Blogging
ROUTER INFILTRATION: FEDERAL OPERATION DISMANTLES GRU-CONTROLLED DNS HIJACKING NETWORK INSIDE U.S. SYSTEMS Blogging
EU CSAM SCANNING CONFLICT β BIG TECH CONTINUES CONTENT DETECTION DESPITE LEGAL VOID AND REGULATORY WARNING Blogging
PLC BREACH OPERATIONS β IRAN-AFFILIATED APT CAMPAIGN TARGETS U.S. CRITICAL INFRASTRUCTURE THROUGH DIRECT OT SYSTEM MANIPULATION Blogging
CRYPTOCURRENCY AND AI FRAUD SURGE β FBI IC3 REPORT DOCUMENTS RECORD $20.8 BILLION IN LOSS AS DIGITAL SCAMS SCALE THROUGH AUTOMATION AND SOCIAL ENGINEERING Artificial Intelligence
FORTINET EMS EXPOSURE β CISA ADDS ACTIVELY EXPLOITED ACCESS CONTROL VULNERABILITY TO KEV CATALOG AS ENTERPRISE ENDPOINT INFRASTRUCTURE TARGETED Blogging
MITSUBISHI ICS EXPOSURE β CREDENTIAL DISCLOSURE VULNERABILITIES IN GENESIS64 AND ICONICS SUITE ENABLE DATA COMPROMISE AND SYSTEM DISRUPTION Blogging
SIEMENS SICAM 8 EXPOSURE β MULTIPLE ICS VULNERABILITIES ENABLE DENIAL-OF-SERVICE CONDITIONS ACROSS POWER SYSTEM INFRASTRUCTURE Blogging
HITACHI ENERGY ELLIPSE RCE EXPOSURE β CRITICAL ICS VULNERABILITY ENABLES REMOTE EXECUTION VIA DESERIALIZATION FLAW Blogging
LEAK BAZAAR EMERGENCE β DATA PROCESSING SERVICES TARGET RANSOMWARE STOCKPILES FOR SECONDARY MONETIZATION Blogging
SUPPLY CHAIN BREACH CASCADE: MERCOR IMPACTED BY LITELLM COMPROMISE AND MALICIOUS PYPI DISTRIBUTION Blogging
FAKE CLIENT INFILTRATION: WHATSAPP USERS TARGETED WITH IOS SPYWARE VIA SOCIAL ENGINEERING CHANNELS Blogging
ACTIVE EXPLOITATION ALERT: GOOGLE DAWN USE-AFTER-FREE VULNERABILITY ENTERS FEDERAL PRIORITY INDEX Blogging
LEAK BAZAAR EMERGENCE β RANSOMWARE DATA MONETIZATION SHIFTS FROM EXTORTION TO STRUCTURED EXPLOITATION PIPELINES Blogging
AXIOS SUPPLY CHAIN BREACH β MALICIOUS NPM RELEASE DELIVERS REMOTE ACCESS TROJAN ACROSS GLOBAL DEV PIPELINES Blogging
CISA KEV ALERT β ACTIVE EXPLOITATION OF CITRIX NETSCALER VULNERABILITY EXPANDS ATTACK SURFACE ACROSS ENTERPRISE EDGE SYSTEMS Blogging
AI IMAGE ABUSE ENFORCEMENT β DUTCH COURT THREATENS XAI WITH DAILY FINES OVER NONCONSENSUAL NUDIFICATION BY GROK AI Governance
KEV CATALOG EXPANSION β F5 BIG-IP REMOTE CODE EXECUTION VULNERABILITY ADDED AFTER ACTIVE EXPLOITATION CONFIRMED Blogging
CSAM DETECTION FRAMEWORK COLLAPSE β EUROPEAN PARLIAMENT REJECTS EXTENSION OF SCANNING RULES, DISRUPTING PLATFORM-LEVEL DETECTION PIPELINES Blogging
CISA CAPABILITY COLLAPSE β FEDERAL SHUTDOWN FORCES CYBER DEFENSE INTO REACTIVE MODE AS WORKFORCE DROPS AND SYSTEMIC RISK EXPANDS Blogging
APPLE AGE VERIFICATION ENFORCEMENT β UK IOS UPDATE INTRODUCES MANDATORY ID AND PAYMENT-BASED AGE CHECKS AS REGULATORY PRESSURE INTENSIFIES Blogging
AI SUPPLY CHAIN COMPROMISE: MALICIOUS LITELLM PACKAGES ENABLE CREDENTIAL THEFT AND PERSISTENT ACCESS ACROSS CLOUD ENVIRONMENTS Blogging
ACTIVE EXPLOITATION CONFIRMED β CISA ADDS LANGFLOW CODE INJECTION FLAW TO KEV CATALOG, SIGNALING IMMEDIATE RISK TO FEDERAL AND PRIVATE SYSTEMS Blogging
ENDPOINT CONTROL HIJACK WINDOW β ENTERPRISE MANAGEMENT SYSTEMS TARGETED IN LIVE CAMPAIGN FOLLOWING STRYKER ENVIRONMENT BREACH Blogging
PERSEUS MALWARE CAMPAIGN β ANDROID STREAMING APPS USED AS TROJANIZED DELIVERY VECTOR FOR CREDENTIAL THEFT AND NOTE EXTRACTION OPERATIONS Blogging
MEDUSA RANSOMWARE STRIKES HEALTHCARE AND GOVERNMENT SYSTEMS β MULTI-STATE DISRUPTION WITH DATA EXTORTION DEADLINES Blogging
SUPPLY CHAIN BREACH EXPANDS β MARQUIS SOFTWARE INCIDENT EXPOSES 670K+ RECORDS ACROSS BANKING NETWORKS Blogging
Active Exploitation Confirmed: Wing FTP Server Information Disclosure Vulnerability Added to KEV Catalog Active Exploitation
Active Exploitation Confirmed: Google Skia and Chromium V8 Vulnerabilities Added to Federal KEV Catalog Active Exploitation
