Threat Intelligence

Flat white line-art of a large magnifier over a document beside a simple alert card, on a Midnight Navy background — North Korean-linked NarwhalRAT research disclosure.

Nation-State Cyber Threats

Researchers Detail a North Korean-Linked Campaign Using the NarwhalRAT Family

Another published-research disclosure for defenders to review for indicator relevance: researchers at Genians named NarwhalRAT, a remote access trojan they attribute to a North Korean-linked cluster, and published indicators worth checking against your own telemetry.

Flat white line-art of a medical research flask, a server database, and a shield, on a Antique Gold background — GTIG China-nexus research-sector advisory.

Nation-State Cyber Threats

Google Threat Intel Details a China-Nexus Cluster Targeting Medical, Military, and AI Research

GTIG's published research resets sector advisory work for research organizations across North America, putting REDCap servers and Google Workspace administrative rules at the top of the review list.

Flat white line-art of a classical institutional building beside a magnifying glass and a document folder, on a Cobalt background — Council of Europe breach investigation.

Vulnerabilities

Council of Europe Confirms It Is Investigating Reported Breach Claims

The Oracle PeopleSoft campaign coverage extends into a major European intergovernmental institution.

Flat white line-art of a clipboard checklist beside a sorting funnel and a clock, on a Royal Violet background — CISA BOD 26-04 risk-based patching implementation.

Policy & Government

A Defender's Implementation Guide to CISA BOD 26-04: Patching by Risk, Not Severity

BOD 26-04 reaches beyond direct CISA jurisdiction — federally regulated industries, contractors, and state and local defenders now have a new benchmark for what good looks like.

Flat white line-art of a wall calendar grid beside a shield, a gavel and a package box, on a Peacock background — CyberSignal Week in Review, June 8-14 2026.

Threat Intelligence

Week in Review — June 8-14, 2026: The Anthropic Action, the Disclosure Cascade, the npm Inflection

Five themes from one of the year's most consequential weeks — what they show about where the published-disclosure landscape, regulatory environment, and defender posture are moving.

Flat white line-art of an AI model core with a power switch in the off position behind a closed border gate, on an aubergine background — Fable 5 and Mythos 5 shutdown.

Artificial Intelligence (AI)

Anthropic Disables Fable 5 and Mythos 5 Worldwide to Comply with US Export Controls

The US Commerce Department's national-security designation forced Anthropic to shut off worldwide access to its two newest models four days after launch — a first-of-its-kind export-control precedent for frontier AI.

Flat white line-art of a key in a server with a hidden duplicate key behind it, on a moss background — decade-long Linux PAM authentication backdoor.

Nation-State Cyber Threats

Chinese APT Backdoors Linux PAM Login Software for Nearly a Decade

One backdoored authentication module, one isolated network, ten years of undetected access — a reminder that critical authentication primitives are a forever-target.

Flat white line-art of a clinical document beside a database cylinder with an open padlock, on a peacock background — Novo Nordisk clinical-trial data breach.

Data Breaches

Novo Nordisk Cyberattack: Clinical Trial Data Stolen from Pharma Giant

Pharma giant Novo Nordisk discloses a clinical-trial data theft on the same day UK regulators greenlight its Wegovy pill — a reminder of the sector's persistent threat profile.

Flat white line-art of a fishing hook lifting a network of linked nodes off a globe, on an Antique Gold background — FBI Outsider takedown.

Nation-State Cyber Threats

FBI and Google Take Down $1.9B China-Based "Outsider" Cybercrime Network

A coordinated public-private takedown disrupts one of 2026's largest China-based cybercrime networks — and Google sues a related operation for abusing Gemini.

Flat white line-art of a large pipe valve being shut off mid-flow, on an Antique Gold background — Europol AudiA6 takedown.

Ransomware

Europol Announces Takedown of AudiA6 Crypto Laundering Service

Breaking the financial pipes of the ransomware economy — Europol's latest structural disruption.

Ransomware

Ukrainian National Pleads Guilty in Conti Ransomware Case

Another individual conviction in the long-running US law-enforcement effort against the Conti operation.

Flat white line-art of a compass needle turning to point back at a single building, on a Terracotta background — OceanLotus domestic targeting.

Nation-State Cyber Threats

ESET Publishes OceanLotus (APT32) Research Update — Domestic Targeting in Vietnam

ESET's research update reframes OceanLotus — the targeting is now inward.

See all