Trending
A new analysis of internet-facing infrastructure has identified nearly 4,000 Industrial Control Systems (ICS) in the United States that remain exposed to cyberattacks, specifically from threat actors targeting critical infrastructure. ANN ARBOR, MI — Security researchers have issued a stark warning after identifying approximately 4,000 industrial control devices — including
Policy & Government
A sweeping Office of Inspector General (OIG) report has revealed significant "governance and technical weaknesses" within the systems managing U.S. airspace, labeling the FAA’s current security posture as non-compliant with federal standards. WASHINGTON, D.C. — The Federal Aviation Administration (FAA) is facing intense scrutiny following a
Decentralized Finance (DeFi)
In a significant policy shift, the Department of the Treasury is expanding its "Project Fortress" initiative to include digital asset firms, providing them with the same high-level threat telemetry previously reserved for traditional tier-one banks. WASHINGTON, D.C. — The U.S. Department of the Treasury has officially opened
A new analysis of internet-facing infrastructure has identified nearly 4,000 Industrial Control Systems (ICS) in the United States that remain exposed to cyberattacks, specifically from threat actors targeting critical infrastructure. ANN ARBOR, MI — Security researchers have issued a stark warning after identifying approximately 4,000 industrial control devices — including
A sweeping Office of Inspector General (OIG) report has revealed significant "governance and technical weaknesses" within the systems managing U.S. airspace, labeling the FAA’s current security posture as non-compliant with federal standards. WASHINGTON, D.C. — The Federal Aviation Administration (FAA) is facing intense scrutiny following a
In a significant policy shift, the Department of the Treasury is expanding its "Project Fortress" initiative to include digital asset firms, providing them with the same high-level threat telemetry previously reserved for traditional tier-one banks. WASHINGTON, D.C. — The U.S. Department of the Treasury has officially opened
As the industry shifts toward "AI-First" defense, the two titans of Silicon Valley are taking different paths to the same goal: automating the discovery and patching of global software vulnerabilities. SAN FRANCISCO, CA — The battle for the future of cybersecurity has entered a restricted phase. Following the bombshell
CVS Health subsidiary Aetna has disclosed two separate security incidents involving unauthorized access to member data. While distinct in their execution, both breaches highlight the persistent vulnerabilities within the healthcare sector's data management pipelines. HARTFORD, CT — Aetna, the Hartford-based health insurance giant owned by CVS Health, has filed
A newly identified threat actor, UNC6783, is bypassing the "front door" of major corporations by targeting Business Process Outsourcing (BPO) firms. By leveraging fake Okta portals and hijacked Zendesk tickets, the group has successfully extorted dozens of high-value targets, exposing a critical failure in the Managed Perimeter. MOUNTAIN
As the industry shifts toward "AI-First" defense, the two titans of Silicon Valley are taking different paths to the same goal: automating the discovery and patching of global software vulnerabilities. SAN FRANCISCO, CA — The battle for the future of cybersecurity has entered a restricted phase. Following the bombshell
A critical pre-authentication Remote Code Execution (RCE) vulnerability in the Marimo open-source Python notebook has seen active exploitation less than half a day after its public disclosure, highlighting the extreme speed of modern threat actors. SAN FRANCISCO, CA — Security teams are racing to patch installations of Marimo, a reactive Python
CVS Health subsidiary Aetna has disclosed two separate security incidents involving unauthorized access to member data. While distinct in their execution, both breaches highlight the persistent vulnerabilities within the healthcare sector's data management pipelines. HARTFORD, CT — Aetna, the Hartford-based health insurance giant owned by CVS Health, has filed
A newly identified threat actor, UNC6783, is bypassing the "front door" of major corporations by targeting Business Process Outsourcing (BPO) firms. By leveraging fake Okta portals and hijacked Zendesk tickets, the group has successfully extorted dozens of high-value targets, exposing a critical failure in the Managed Perimeter. MOUNTAIN
Yesterday, Nextend confirmed that its update servers were compromised, leading to the distribution of backdoored versions of Smart Slider 3 Pro. With nearly a million sites affected across WordPress and Joomla, this is one of the most significant supply chain attacks of the year. BUDAPEST, HUNGARY — Security researchers at Patchstack
A sophisticated social engineering campaign dubbed "ClickFix" has pivoted to target macOS users, leveraging fake browser errors to trick victims into executing malicious scripts that bypass standard Apple security prompts. CUPERTINO, CA — For years, the prevailing wisdom suggested that macOS was a "walled garden" largely immune
Yesterday, we reported on the unprecedented scale of the National Supercomputing Center (NSCC) breach. Today, the focus shifts from how much was taken to exactly what — and the implications for global stability. CHENGDU, CHINA — New intelligence regarding the 10-petabyte data theft from China’s National Supercomputing Center suggests the breach
What began as a security "anomaly" in late 2025 has escalated into a major privacy crisis, as hackers begin offloading sensitive passport and contact information belonging to Interrail and Eurail customers. UTRECHT, NETHERLANDS — Eurail B.V., the organization behind the popular Interrail and Eurail passes, has confirmed that
The oil and gas recovery specialist has launched an investigation into a sophisticated cyberattack that successfully redirected a major project payment to an unauthorized third-party account. LONDON — Zephyr Energy, a technology-led energy company focused on responsible resource development, has disclosed a significant cyberattack that resulted in the diversion of approximately
Researchers have uncovered a sophisticated spearphishing operation aimed at journalists and human rights defenders, leveraging custom spyware to exfiltrate private iCloud backups and Android device data. CAIRO — A new wave of targeted cyberattacks has been identified across the Middle East and North Africa (MENA), specifically focusing on members of the
The world’s largest cryptocurrency ATM operator has confirmed a security incident involving its corporate hot wallets, leading to the unauthorized transfer of 50.9 Bitcoin. ATLANTA — Bitcoin Depot, the leading provider of cryptocurrency ATMs globally, has disclosed a significant security breach that occurred earlier this week. According to corporate
A sweeping new federal mandate blocks the authorization and import of networking equipment from high-risk foreign adversaries, targeting vulnerabilities used in state-sponsored botnets. WASHINGTON — The Federal Communications Commission (FCC) has issued an unprecedented order banning the import and sale of new consumer and enterprise routers manufactured in several foreign nations,
