The government of Union County in central Pennsylvania said a recent ransomware attack exposed information related to law enforcement and other government business.

The hackers compromised home routers made by Zyxel to gain entry into a “major” telecommunications company's environment.

The FBI is warning that fake online document converters are being used to steal people's information and, in worst-case scenarios, lead to ransomware attacks.

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates.

Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com.

Active exploitation of Cisco CVE-2024-20439 & 20440 in Smart Licensing forces urgent patching of vulnerable versions.

China-linked APT Aquatic Panda targeted 7 organizations in a 10-month espionage campaign using five malware families.

Katie Arrington said her role is to help alleviate policies that are hindering DOD personnel from countering adversaries.

CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO's Backup & Replication software.

Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. [...]

Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations.

North Korea is reportedly launching a new cybersecurity unit called Research Center 227 within its intelligence agency Reconnaissance General Bureau (RGB).

The Littleton Electric Light & Water Department was one of a range of critical infrastructure organizations targeted by the Chinese nation-state hackers.

Researchers at Cisco Talos identified a hacking operation against Taiwan that appears to overlap with Chinese state-backed campaigns known as Volt Typhoon and Flax Typhoon.

Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account.

CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO's Backup & Replication software.

GSA will be given authority to "defer or decline" being the executive agent of IT governmentwide contracts "when necessary to ensure continuity of service or as otherwise appropriate."

BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.

Multiple state-sponsored groups are experimenting with the AI-powered Gemini assistant from Google to increase productivity and to conduct research on potential infrastructure for attacks or for reconnaissance on targets.

Meta-owned WhatsApp disrupted a zero-click spyware campaign by Paragon Solutions, targeting 90 journalists and activists.

Chinese AI platform DeepSeek has disabled registrations on its DeepSeek-V3 chat platform due to an ongoing "large-scale" cyberattack targeting its services.

2025-01-31 : On January 31, 2025, the Dark Web monitoring team at ThreatMon revealed a troubling new development in the world of ransomware attacks. The notorious hacker group, Dragonforce, has claimed a new victim: SCP Building Products. This breach is yet another indication of the escalating sophistication and frequency of cybercriminal activity targeting businesses. As ransomware attacks become increasingly prevalent, it is essential for organizations to stay vigilant and prepare for the possibility of a data breach.

The Contec CMS8000, a patient monitor made by a company based in China, has vulnerabilities in its firmware that directly expose it to unauthorized access.

Broadcom patches five VMware Aria Operations flaws, including CVE-2025-22218 (CVSS 8.5), preventing credential leaks and admin privilege abuse in vers

The Silver Dania is the third ship detained in recent weeks over concerns of intentional damage to subsea infrastructure in the Baltic Sea.