Data Breaches
Ransomware group Incransom has targeted TruGreen, a major lawn-care and consumer-services provider, in a double-extortion attack that threatens the leaking of sensitive customer and operational data. MEMPHIS, TN — On April 22, 2026, the ransomware collective known as Incransom publicly claimed responsibility for a compromise of TruGreen Limited Partnership (trugreen.com)
Phishing
Germany’s Bundestag President Julia Klöckner has reportedly become the latest victim of a Signal-based phishing campaign, in which attackers used social-engineering tactics to compromise her encrypted-messaging account and access sensitive group chats. BERLIN, GERMANY — The Federal Office for Information Security (BSI) and the Federal Office for the Protection of
Data Breaches
The delayed 2026 notification of a massive 1.7-million-record exposure at Kettering Health highlights the "long tail" of healthcare ransomware, where the clinical recovery of a hospital often precedes the true regulatory and legal fallout by nearly a year. DAYTON, OH — A 2025 ransomware attack on Ohio-based Kettering
Data Leak
Notion pages published to the web may be silently leaking collaborators’ email addresses and profile photos, exposing thousands of users and organizations to potential phishing and social-engineering attacks. SAN FRANCISCO, CA — A design-driven privacy vulnerability in Notion’s "Publish to web" feature is currently exposing the personally identifiable
Data Breaches
Same group behind ADT 10M breach claims 1.4M Udemy users via SaaS vishing. Education sector PII and corporate data at risk. April 27 leak deadline looms. SAN FRANCISCO, CA — Less than a week after the ADT data breach exposed 10 million records, the notorious threat collective ShinyHunters has claimed
Data Breaches
America's largest home security provider confirms breach after vishing attackers claim 10M customer records. Okta SSO → Salesforce attack chain exposes PII and partial SSNs. BOCA RATON, FL — In a stinging blow to the world’s most recognized name in physical security, ADT Inc. (NASDAQ: ADT) has confirmed a
Decentralized Finance (DeFi)
Original $293M LayerZero bridge attack caused 43x larger $13B TVL crash across Aave (-43%) + 26 protocols. North Korea's Lazarus hits $578M in 18 days as bridges become primary attack vector. GLOBAL — The fallout from the Kelp DAO exploit has officially mutated from a singular protocol theft into a
AI Security
Federal adoption hits 82% vs 41% private sector as FedRAMP 20x accelerates unvetted agents into classified networks. WASHINGTON, D.C. — While the commercial world cautiously debates the ROI of agentic AI, the federal government has quietly surged ahead, creating a massive, unmanaged attack surface. According to recent IDC and Salesforce
Settlements
HHS cracks down on four healthcare entities after risk analysis failures allowed PYSA and other ransomware to encrypt servers and exfiltrate patient data. WASHINGTON, D.C. — In a decisive move against systemic negligence in the medical sector, the HHS Office for Civil Rights (OCR) has announced a collective $1.165
AVIC engineer Song Wu impersonated U.S. researchers to harvest NASA aerospace modeling software. Faces 300+ years if convicted. NASA OIG exposes China’s IP theft pipeline. WASHINGTON, D.C. — In a staggering breach of national security, NASA’s Office of Inspector General (OIG) has detailed how a Chinese national
DEF CON researchers demonstrate physical attack that overwrites CCS Parameter Information Block, permanently disabling public charging infrastructure with no software fix available. LAS VEGAS, NEVADA — At DEF CON 33, security researchers have unveiled a devastating new physical cyber weapon targeting the backbone of municipal electric vehicle (EV) infrastructure. The attack,
33.7M user leak → US investor lawsuits → Congressional intervention → Delayed security consultations. How a consumer data breach became a national security crisis. SEOUL — What began as a corporate data leak has spiraled into an unprecedented diplomatic standoff between Washington and Seoul. The Coupang data breach, which exposed the personal information
SentinelOne uncovers ShadowBrokers-referenced cyberweapon that silently corrupted engineering math; likely US/Israel operation against Iranian nuclear program. SINGAPORE — Everything we knew about the origins of state-sponsored cyber-sabotage was just rewritten. Today, at Black Hat Asia 2026, SentinelOne researchers Vitaly Kamluk and Juan Andrés Guerrero-Saade unveiled FAST16, a precision-engineered malware sample
Internal DoD email outlines retaliation against allies refusing Iran war basing rights; UK reaffirms "unchanged" Falklands sovereignty amid diplomatic firestorm. WASHINGTON, D.C. — A high-level operational security breach has exposed a widening rift within the NATO alliance. A leaked internal Pentagon email, circulating since Thursday evening, outlines a
Malicious Docker images and VS Code extensions steal IaC secrets; Bitwarden npm trusted publishing abused in a sophisticated DevSecOps attack chain. TEL AVIV, IL — In a cascading security failure that strikes at the heart of modern DevSecOps, the prominent security vendor Checkmarx has confirmed a multi-stage supply chain compromise affecting
White House OSTP accuses DeepSeek and Moonshot AI of industrial-scale extraction attacks; bipartisan sanctions bill advances to protect American frontier models. WASHINGTON, D.C. — The Trump administration has officially signaled a major escalation in the AI arms race, shifting focus from hardware export controls to the protection of the software
Federal agency confirmed breached via unpatched Cisco ASA flaws; only a hard power cycle removes the persistent implant redeploying months after initial patches. WASHINGTON, D.C. — The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive following the discovery of a Firestarter malware infection within a U.S.
NATO CCDCOE launches the world's largest live-fire cyber defense exercise, bringing together 4,000 experts to protect fictional Berylia against 8,000 real-time threats. TALLINN, EE — More than 4,000 cyber defenders from 41 nations have concluded Locked Shields 2026, the world’s largest and most complex international
China-aligned espionage group G0081 evolves beyond traditional spear-phishing with SOHO router firmware attacks and domain-trust pivoting. TOKYO, JP — The persistent China-aligned threat actor known as Tropic Trooper (G0081) has significantly shifted its operational focus, moving beyond traditional spear-phishing to target Japanese government and critical infrastructure via router exploitation. Recent telemetry
Minidoka Memorial Hospital transferred emergency patients after an imaging outage; a new ransomware group demands payment for an alleged 2.3 million files. RUPERT, ID — A quiet Easter morning in rural Idaho was shattered on April 5, 2026, when Minidoka Memorial Hospital (MMH) fell victim to a cyberattack that paralyzed
Journalist demonstrates naval mail screening flaw by mailing a Bluetooth device to NATO frigate HNLMS Evertsen; envelopes were not X-rayed like standard packages. THE HAGUE, NL — In a staggering demonstration of security asymmetry, a Dutch journalist has exposed a critical physical vulnerability within NATO naval operations. By mailing a $5
