government
Threat actors weaponize OAuth redirection logic to deliver malware
An ongoing phishing campaign is abusing the OAuth authentication redirection mechanism to avoid triggering conventional email and browser defenses, Microsoft researchers have …
Anthropic poaches users from rival chatbots with easier migration
The controversy over Anthropic’s negotiations with the Pentagon has driven increased interest in Claude. Negotiations between the Department of Defense and Anthropic collapsed …
UK reduces cyberattack fix times from two months to eight days
The UK government has launched a new vulnerability monitoring service (VMS) that promises to reduce the time needed to fix critical cyber weaknesses across the public sector. …
NATO greenlights iPhone and iPad for classified information handling
Apple confirmed that the iPhone and iPad have been approved for use with classified information in NATO restricted environments. The devices will no longer require special …
Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127)
A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller …
Ex-L3Harris executive sentenced to 87 months for selling stolen cyber-exploit trade secrets
Peter Williams, a former executive of Trenchant, L3Harris’ cyber division, has been sentenced to 87 months in prison by a federal judge in Washington, D.C., after pleading …
Binding Operational Directive 26-02 sets deadlines for edge device replacement
In this Help Net Security video, Jen Sovada, General Manager, Public Sector at Claroty, explains CISA’s Binding Operational Directive 26-02 and what it means for federal …
Police seize 100,000 stolen Facebook credentials in cybercrime raid
Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) dismantled an organized group that used phishing to seize Facebook accounts and extract BLIK payment …
Ex-Google engineers charged with orchestrating high-tech secrets extraction
A federal grand jury has indicted three Silicon Valley engineers on charges in a scheme to steal trade secrets from Google and other leading technology companies. The …
Man gets five years for aiding North Korean IT employment scam
Ukrainian national Oleksandr Didenko, 29, was sentenced in U.S. District Court to 5 years in prison for an identity theft scheme that enabled North Korean workers to secure …
Applying green energy tax policies to improve cybersecurity
For years, governments have focused only on the stick of compliance when they could leverage the carrot of tax incentives. Theoretically, compliance fines and penalties should …
Data on 1.2 million French bank accounts accessed in registry breach
In late January 2026, a malicious intruder accessed France’s national bank account registry, FICOBA, enabling them to view information tied to 1.2 million accounts, the …
Featured news
Resources
Don't miss
- FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289)
- As AI agents start making purchases, security teams must rethink risk
- Engineering trust: A security blueprint for autonomous AI agents
- Webinar: The True State of Security 2026
- Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500)