News • Insights • Analysis
Thousands more Oregonians will soon receive data breach letters in the continued fallout from the TriZetto data breach, in which someone hacked the insurance verification provider and gained access to its healthcare provider customers across multiple US states. The breach Read More …
A confidential informant told the FBI in 2017 that Jeffrey Epstein had a “personal hacker,” according to a document released by the Department of Justice on Friday. The document, which was released as part of the Justice Department’s legally required Read More …
One of the largest and most successful North Korean state-sponsored threat actors has split into three separate entities, each with their own tactics, malware tools, targets, and goals, experts have warned. In a recent in-depth analysis, researchers from CrowdStrike expalined Read More …
The ShinyHunters ransomware group has claimed the theft of data containing 10 million records belonging to the Match Group and 14 million records from bakery-café chain Panera Bread. The Match Group, that runs multiple popular online dating services like Tinder, Read More …
Marquis, a US fintech company building software for banks and credit unions, has confirmed suffering a ransomware attack and losing sensitive customer data, but shifted the blame onto its firewall provider, SonicWall. In mid-September 2025, SonicWall warned its firewall customers Read More …
Ivanti has patched two critical zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) product that are already being exploited, continuing a grim run of January security incidents for enterprise IT vendors. In January 2025, tens of thousands were urged to Read More …
On January 20, a supply chain attack has occurred, with the infected software being the eScan antivirus developed by an Indian company MicroWorld Technologies. The previously unknown malware was distributed through the eScan update server. The same day, our security Read More …
Microsoft issued an emergency patch for a high-severity zero-day vulnerability in Office that allows attackers to bypass document security checks and is being exploited in the wild via malicious files. Microsoft pushed the emergency patch for the zero‑day, tracked as Read More …
Newly disclosed vulnerability Common Vulnerabilities and Exposures (CVE)-2026-24858 [Common Weakness Enumeration (CWE)-288: Authentication Bypass Using an Alternate Path or Channel] allows malicious actors with a FortiCloud account and a registered device to log in to separate devices registered to other Read More …
TechRadar now have confirmation exactly how many people were affected by the December 2025 breach at SoundCloud, as well as how users can check if they are affected. In mid-December 2025, SoundCloud confirmed suffering a cyberattack and losing sensitive data Read More …
