Latest News

The FBI said the target was tricked into downloading a malicious Python script under the guise of a pre-employment test hosted on GitHub.

American Addiction Centers says the personal information of more than 422,000 people was stolen in a data breach.

The 2025 National Defense Authorization Act (NDAA) has been signed into law and it authorizes several cyber-related initiatives. 

Adobe has released patches for a high-severity ColdFusion vulnerability for which proof-of-concept (PoC) code exists.

While AI tools can enable employees to be innovative and productive, significant data privacy risks can stem from their usage.

Ascension Health says the personal, medical, and payment information of 5.6 million people was stolen in a May 2024 ransomware attack.

Sophos has released patches for a critical-severity firewall vulnerability that could lead to remote code execution.

Dual Russian and Israeli national has been arrested in Israel and will be extradited to the US to face charges related to LockBit ransomware development.

Italy’s data protection watchdog fined OpenAI 15 million euros ($15.6 million) after wrapping up a probe into collection of personal data.

Apple complained that requests from Meta Platforms for access to its operating software threaten user privacy, in a spat fueled by the European Union’s intensifying efforts to get the iPhone maker to open up to products from tech rivals.

Noteworthy stories that might have slipped under the radar: McDonald’s API hacking, Netflix fined nearly $5 million in Netherlands, experimental malware killing ICS process. 

Bitsight has discovered a BadBox botnet consisting of over 190,000 Android devices, mainly Yandex smart TVs and Hisense smartphones.

The Play ransomware group claims to have stolen sensitive data from donut and coffee retail chain Krispy Kreme.

A second individual accused of being involved in NetWalker ransomware attacks, a Romanian national, has received a 20-year prison sentence.

CISA is urging federal agencies to patch a recent critical vulnerability in BeyondTrust remote access products in one week.