Data Breaches
Insurance giant Humana has begun notifying customers across Texas and five other states of a significant data breach, marking the second time in 60 days that the company has confirmed the exposure of sensitive patient information. LOUISVILLE, KY — Humana Inc., one of the largest health insurance providers in the United
Threat Intelligence
A sophisticated ad-fraud and scareware campaign dubbed "Pushpaganda" is successfully exploiting Google Discover’s recommendation algorithm, using AI-generated fake news to trick millions into enabling malicious push notifications. MOUNTAIN VIEW, UNITED STATES — Security researchers have uncovered a novel exploitation of the Google Discover ecosystem, where threat actors are
Cyber Crime
Tyler Robert Buchanan, a Scottish national and pivotal figure in the ‘Scattered Spider’ cybercrime syndicate, has entered a guilty plea in U.S. federal court, marking a significant victory against the world's most notorious social engineering group. WASHINGTON, UNITED STATES — The U.S. Department of Justice has secured
The European Commission’s flagship age-verification tool, touted as a secure solution for protecting minors online, has faced a disastrous rollout after independent researchers bypassed its core security features in under 120 seconds. Brussels, Belgium — The European Union’s ambition to set a global standard for online safety has been
A sophisticated ad-fraud and scareware campaign dubbed "Pushpaganda" is successfully exploiting Google Discover’s recommendation algorithm, using AI-generated fake news to trick millions into enabling malicious push notifications. MOUNTAIN VIEW, UNITED STATES — Security researchers have uncovered a novel exploitation of the Google Discover ecosystem, where threat actors are
Tyler Robert Buchanan, a Scottish national and pivotal figure in the ‘Scattered Spider’ cybercrime syndicate, has entered a guilty plea in U.S. federal court, marking a significant victory against the world's most notorious social engineering group. WASHINGTON, UNITED STATES — The U.S. Department of Justice has secured
A joint forensic investigation has unmasked "The Gentlemen," a rapidly expanding ransomware operation that has successfully leveraged the SystemBC malware to automate enterprise-scale intrusions across 1,500 victims. TEL AVIV, ISR — Security researchers have exposed the inner workings of a high-volume ransomware-as-a-Service (RaaS) affiliate known as The Gentlemen.
Blockchain security researchers and protocol developers have identified the North Korean state-sponsored Lazarus Group as the primary suspect in the staggering $290 million theft from Kelp DAO. SEOUL, KOR — The decentralized finance (DeFi) ecosystem is reeling after a sophisticated exploit targeted Kelp DAO, a leading liquid restaking protocol. Early on
As the fallout from systemic attacks on healthcare providers continues to mount, federal lawmakers and former intelligence officials are pushing for a radical reclassification of ransomware: treating digital extortion as a capital crime. WASHINGTON, D.C. — The legal immunity traditionally enjoyed by cybercriminals — often shielded by international borders and the
Mastodon.social, the primary gateway to the decentralized Fediverse, has successfully restored services following a sustained Distributed Denial of Service (DDoS) attack that disrupted access for millions of users. JENA, GERMANY — The resilience of decentralized social media was put to the test this week as Mastodon.social, the platform'
A widespread misconfiguration in Perforce Helix Core servers has left the proprietary source code and sensitive internal data of major global organizations accessible to the public internet. MINNEAPOLIS, MN — Security researchers have issued a stark warning regarding Perforce Helix Core, the industry-standard version control system used by gaming giants, automotive
New forensic details reveal that the massive data exfiltration at Vercel began with a single employee downloading a compromised Roblox game cheat, highlighting the catastrophic intersection of personal device use and enterprise SaaS permissions. SAN FRANCISCO, CA — The security community is processing the full scope of the breach involving Vercel
A joint forensic investigation has unmasked "The Gentlemen," a rapidly expanding ransomware operation that has successfully leveraged the SystemBC malware to automate enterprise-scale intrusions across 1,500 victims. TEL AVIV, ISR — Security researchers have exposed the inner workings of a high-volume ransomware-as-a-Service (RaaS) affiliate known as The Gentlemen.
Blockchain security researchers and protocol developers have identified the North Korean state-sponsored Lazarus Group as the primary suspect in the staggering $290 million theft from Kelp DAO. SEOUL, KOR — The decentralized finance (DeFi) ecosystem is reeling after a sophisticated exploit targeted Kelp DAO, a leading liquid restaking protocol. Early on
As the fallout from systemic attacks on healthcare providers continues to mount, federal lawmakers and former intelligence officials are pushing for a radical reclassification of ransomware: treating digital extortion as a capital crime. WASHINGTON, D.C. — The legal immunity traditionally enjoyed by cybercriminals — often shielded by international borders and the
The French National Agency for Secure Documents (ANTS) has confirmed a significant security incident targeting its central portal, as threat actors move to monetize a database allegedly containing millions of sensitive user records. PARIS, FRA — The French government is grappling with a severe compromise of its digital identity infrastructure. The
In a stark assessment of the global threat landscape, the UK’s lead cyber official warns that a coalition of nation-state adversaries — supercharged by artificial intelligence — now poses an unprecedented risk to critical national infrastructure. LONDON, UK — The United Kingdom is facing a "perfect storm" of cybersecurity challenges
Researchers have uncovered a sophisticated evolution of the NGate malware family, which now weaponizes legitimate payment applications to intercept card data and relay physical transactions across the internet in real-time. SÃO PAULO, BRZ — A high-impact cyber-espionage and financial theft campaign is currently sweeping through Brazil, utilizing a new variant of
In a rare turn of events, security researchers have observed a surge in failed exploitation attempts targeting a high-severity vulnerability in discontinued TP-Link routers, highlighting the technical hurdles of weaponizing code for aging hardware. SHENZHEN, CHINA — A wave of automated attacks targeting the TP-Link Archer AX21 (v1.2) has largely
Attackers are exploiting a loophole in Apple’s automated account recovery and security notification systems to bombard users with legitimate system alerts, driving them toward fraudulent support centers. CUPERTINO, CA — Security researchers from Malwarebytes and reports from the Apple user community have identified a sophisticated campaign that uses Apple’s
A sophisticated "FakeWallet" campaign has bypassed Apple’s stringent review process, leading to the theft of millions in digital assets through fraudulent Ledger and Trezor clones. CUPERTINO, CA — Apple’s reputation for hosting a "curated and secure" ecosystem is facing renewed scrutiny following the discovery of