
Local governments struggle to defend critical infrastructure as threats grow
A small-town water system, a county hospital, and a local school district may not seem like front-line targets in global conflict, but they are. These organizations face daily …

Russian threat actors using old Cisco bug to target critical infrastructure orgs
A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old …

Alleged Rapper Bot DDoS botnet master arrested, charged
US federal prosecutors have charged a man with running Rapper Bot, a powerful botnet that was rented out to launch large-scale distributed denial-of-service (DDoS) attacks …

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices
Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property …

The final frontier of cybersecurity is now in space
As the space sector becomes more commercial and military-focused, these assets are becoming attractive targets. The global space economy is booming and is expected to increase …

Phishing campaign targets U.S. Department of Education’s G5 portal
A new phishing campaign is targeting users of the U.S. Department of Education’s G5 portal, a site used by educational institutions and vendors to manage grants and federal …

Microsoft SharePoint servers under attack via zero-day vulnerability (CVE-2025-53770)
This is a developing story, new update here: Microsoft pins on-prem SharePoint attacks on Chinese threat actors Attackers are exploiting a zero-day variant (CVE-2025-53770) of …

LockBit panel data leak shows Chinese orgs among the most targeted
The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate …

145 criminal domains linked to BidenCash Marketplace seized
Approximately 145 darknet and conventional internet domains, along with cryptocurrency funds linked to the BidenCash marketplace, have been seized by the U.S. Attorney’s …

Google survey shows Americans are changing how they fight scams
If it seems like scams are popping up everywhere lately, you’re not wrong. A new survey from Google shows most Americans feel the same, and they’re starting to change how they …

Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
CVE-2025-4427 and CVE-2025-4428 – the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti …

CISA warns about actively exploited Broadcom, Commvault vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities catalog on Monday, affecting Commvault …
Featured news
Resources
Don't miss
- Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms
- New framework aims to outsmart malware evasion tricks
- Finding connection and resilience as a CISO
- AI isn’t taking over the world, but here’s what you should worry about
- Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations