The Latest
-
Hackers find a new trick to collect Microsoft Entra user data without raising red flags
Organizations should check their logs for signs of an increasingly popular obfuscation technique, Proofpoint said.
-
US authorities warn that state-linked hackers are targeting vulnerable networking devices
Hackers linked to Russian intelligence have exploited vulnerabilities in Cisco Smart Install devices.
-
CISA details security lapses that led to GitHub leak of passwords, cloud access keys
The agency’s blog post came as lawmakers pressed the agency for answers.
-
Citrix via Flickr
Initial access broker linked to weaponization of CitrixBleed2 flaw
A similar pattern of exploitation was seen in prior attacks involving an open-source machine emulator.
-
Ransomware ecosystem grows, but ‘four-headed monster’ dominates
AI is helping hackers, a new report finds, but mostly by automating very human behaviors.
-
Data breach hits car insurance provider
Hackers gained access to more than 6.9 million records at AssuranceAmerica by targeting a company employee.
-
Accenture faces massive data breach that could put clients at risk
The threat actor claiming responsibility says they stole source code, encryption keys and more.
-
US enterprises incorporate cyber risk into larger strategic focus
The rapid adoption of AI and cloud is forcing significant shifts toward business resilience and financial impact.
Updated July 8, 2026 -
Deep Dive
Sophisticated threat campaign pushes Cisco to the very edge
A monthslong exploitation wave against Cisco SD-WAN systems raises larger questions about trust and the insecurity of network infrastructure.
-
Businesses modernizing networks for AI fear expanding attack surface, limited visibility
IT leaders are worried that security controls aren’t keeping pace with threats to AI systems.
-
Alleged member of Scattered Spider extradited to US
A man with dual U.S.-Estonian citizenship was charged in connection to the hack of a luxury jewelry retailer.
-
Why schools are easy prey for hackers — and why they struggle to fight back
Power plants and gas pipelines might receive more attention, but schools are arguably more vulnerable.
-
Most cybersecurity workers have been told to conceal a breach, report finds
Security firm Bitdefender also found that U.S. companies were simultaneously more confident and more strained on cyber defense than foreign peers.
-
FortiBleed campaign traced to INC and Lynx ransomware operations
Researchers are also investigating the role of a suspected zero-day vulnerability.
-
Anthropic reactivates Fable, Mythos after securing government approval
The company’s powerful frontier models are back, but vetting issues remain unresolved.
-
Critical flaw in Oracle E-Business Suite is under immediate threat
Researchers warn that successful exploitation of the vulnerability could allow an attacker to compromise Oracle Payments.
-
DHS proposes new system for public-private infrastructure security collaboration
The Trump administration eliminated the previous framework in 2025, sparking backlash from experts and infrastructure operators.
-
Critical flaw in SimpleHelp exploited in attacks targeting sensitive credentials
Researchers found two previously undisclosed malware samples used to steal AI assistant tokens and other valuable secrets.
-
OpenAI voluntarily limits new AI models at government’s request
The company said Friday it was working with the government on a more formal process for reviewing model releases.
-
Retrieved from iStock.
Insurance body confirms hackers posted Oracle PeopleSoft breach data
NAIC warned that some ratings agencies have suspended data feeds as a precaution.
Updated June 29, 2026 -
Software, AI companies form alliance to tackle open-source security flaws
The emergence of frontier AI models has increased the speed and capabilities of malicious hackers.
-
FCC requires emergency-alert distributors to secure their systems
More than a decade after a high-profile hacking campaign, the commission is moving from recommending basic security protocols to requiring them.
-
AWS unveils agent security, data access tools
The updates reflect Anthropic’s Mythos model and the speed at which vulnerabilities can be surfaced.
-
As cyber risk evolves, the insurance industry tightens guardrails
C-suite executives are concerned about resilience, but claims are increasingly tied to strict underwriting standards.
-
NIST offers security guidance for water utilities using remote-access tools
The technology is one of the water sector’s biggest cybersecurity weaknesses.