Minnesota Tribe Struggles After Ransomware Attack – Dark Reading
Hotel and casino operations for the Lower Sioux Indians have been canceled or postponed, and the local health center is redirecting those needing medical or dental care. – Read More
Cyber
Ivanti warns customers of new critical flaw exploited in the wild – CSO Online
Ivanti is warning customers that a critical vulnerability that impacts its VPN appliances and other products has already been exploited in the wild by a Chinese APT group. The flaw…
Medusa Rides Momentum From Ransomware-as-a-Service Pivot – Dark Reading
Shifting to a RaaS business model has accelerated the group’s growth, and targeting critical industries like healthcare, legal, and manufacturing hasn’t hurt either. – Read More
Royal Mail investigates data leak – CSO Online
There are indications that Royal Mail has suffered a new cyber incident, around two years after it suffered a massive ransomware attack: A hacker called “GHNA” claimed in a darknet…
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE – CSO Online
A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances. The vulnerability, tracked as CVE-2025-30065, is a deserialization…
CISA Layoffs Are a Momentary Disruption, Not a Threat – Dark Reading
Layoffs may cause short-term disruptions, but they don’t represent a catastrophic loss of cybersecurity capability — because the true cyber operations never resided solely within CISA to begin with. –…
Trump fires NSA and Cybercom chief, jeopardizing cyber intel – CSO Online
US President Donald Trump has summarily fired Gen. Timothy D. Haugh, head of the US National Security Agency (NSA) and US Cyber Command (Cybercom), along with Haugh’s civilian deputy, Wendy…
Royal Mail untersucht Datenleck – CSO Online
width=”1878″ height=”1056″ sizes=”(max-width: 1878px) 100vw, 1878px”>Der britische Postdienst Royal Mail untersucht Hinweise auf ein Datenleck. Hintergrund könnte der gleiche wie bei dem Fall von Samsung Deutschland sein. mikecphoto – shutterstock.com…
Secure Communications Evolve Beyond End-to-End Encryption – Dark Reading
Signal, Wickr, WhatsApp, and Cape all have different approaches to security and privacy, yet most are finding ways to make secure communications more private. – Read More
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack – The Hacker News
The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft…
Have We Reached a Distroless Tipping Point? – The Hacker News
There’s a virtuous cycle in technology that pushes the boundaries of what’s being built and how it’s being used. A new technology development emerges and captures the world’s attention. People…
Cyberkriminalität richtet immer größere Schaden an – CSO Online
supimol kumying – shutterstock.com Ungeachtet vereinzelter Fahndungserfolge internationaler Sicherheitsbehörden erwirtschaften Cyberkriminelle von Jahr zu Jahr steigende Gewinne. Nach einer Analyse des Rückversicherers Munich Re haben die von Hackern und sonstigen…
Privilegierte Zugänge werden zum Sicherheitsrisiko – CSO Online
Kriminelle bevorzugen Phishing als Erstzugriffsmethode und nutzen legale Tools für unauffällige Angriffe auf sensible Systeme, wie eine aktuelle Studie herausfand. shutterstock – Olivier Le Moal Der Missbrauch legitimer privilegierter Zugänge…
Rafts of Security Bugs Could Rain Out Solar Grids – Dark Reading
At least three major energy solution and renewable energy companies have nearly 50 vulnerabilities — many of them “basic” mistakes — indicating a lack of developed cybersecurity safeguards. – Read…
AI programming copilots are worsening code security and leaking more secrets – CSO Online
AI coding assistants are among the early success stories of the generative AI revolution in business. Increasingly adopted, programming copilots are making inroads into development processes, enhancing developers’ productivity and…