A solicitor whose use of “emotive and antisemitic language” on social media appeared designed to cause “maximum offence” has been given a six-month suspended suspension. The post Suspended suspension for…
Large law firms that overbill their clients or make false environmental and diversity claims could be prosecuted under legislation coming into force next Monday. The post Large law firms could…
The Council for Licensed Conveyancers has issued its first approval for a law firm to use a third-party managed account for its client funds. The post Third-party managed account first…
City law firm Kennedys has apologised unreservedly after accidentally disclosing the email addresses of people registered to receive updates on the Church of England redress scheme. The post Major City…
The company said the threat actor abused its Claude Code service to “an unprecedented degree,” automating reconnaissance, intrusions, and credential harvesting. – Read More
“ZipLine” appears to be a sophisticated and carefully planned campaign that has already affected dozens of small, medium, and large organizations across multiple industry sectors. – Read More
In response to a cyberattack that was first detected on Sunday, the governor shut down in-person services for state offices while restoration efforts are underway. – Read More
The Mustang Panda APT is hijacking Google Chrome browsers when they attempt to connect to new networks and redirecting them to phishing sites. – Read More
A group tracked as UNC6395 engaged in “widespread data theft” via compromised OAuth tokens from a third-party app called Salesloft Drift. – Read More
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. “Unlike traditional on-premises ransomware, where the…
The Elon Musk–founded Department of Government Efficiency (DOGE) uploaded to an insecure Amazon Web Services server a copy of Americans’ Social Security data, risking the security of critical personal information…
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally…
Microsoft Threat Intelligence today released a report on the financially motivated group Storm-0501, warning that the threat actor has sharpened its ransomware tactics by exploiting hijacked privileged accounts to move…
The financially motivated threat group used cloud resources to conduct a complex, ransomware-style attack against an enterprise victim. – Read More
Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of personal data in July 2025.…