UK government tries again to access encrypted Apple customer data

The U.K. government is still trying to gain access to encrypted iCloud data, according to the Financial Times, after British officials allegedly filed a new secret order demanding Apple build a backdoor. On Wednesday, the British newspaper reported that the Read More …

Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite

Phantom Taurus is a previously undocumented nation-state actor whose espionage operations align with People’s Republic of China (PRC) state interests. Over the past two and a half years, Unit 42 researchers have observed Phantom Taurus targeting government and telecommunications organizations Read More …

Microsoft SharePoint Zero-Day Exploitation: What Public Sector Leaders Should Know

The Rapid7 September 2025 Threat Report highlights active exploitation of a critical Microsoft SharePoint vulnerability, CVE-2025-53770. This zero-day is being used by threat actors to gain initial access to victim networks, with exploitation observed in government as well as multiple Read More …

‘Widespread’ breach let hackers steal employee data from FEMA and CBP

A “widespread cybersecurity incident” at the Federal Emergency Management Agency allowed hackers to make off with employee data from both the disaster management office and U.S. Customs and Border Protection, according to a screenshot of an incident overview presentation obtained Read More …

UK: Jaguar Land Rover rescued with £1.5bn Government loan after cyber attack

The Government has agreed to support Jaguar Land Rover (JLR) with a loan guarantee expected to unlock £1.5billion to support its supply chain. JLR suspended production at its UK factories following the cyber attack on 31 August, including the one Read More …

SVG Phishing hits Ukraine with Amatera Stealer, PureMiner

FortiGuard Labs recently observed a phishing campaign designed to impersonate Ukrainian government agencies and deliver additional malware to targeted systems. The phishing emails contain malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments. When opened, Read More …

CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices

Today, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices to address vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Cisco Firepower devices. CISA has added vulnerabilities CVE-2025-20333 and CVE-2025-20362 to the Known Exploited Vulnerabilities Read More …

US federal agency breached by hackers using GeoServer exploit

In mid-July 2024, a threat actor managed to break into a US Federal Civilian Executive Branch (FCEB) agency by exploiting a critical remote code execution (RCE) vulnerability in GeoServer, the government has confirmed. In an in-depth report detailing the incident, Read More …

ICE reactivates contract with spyware maker Paragon

U.S. Immigration and Customs Enforcement (ICE) signed a contract last year with Israeli spyware maker Paragon worth $2 million . Shortly after, the Biden administration put the contract under review, issuing a “stop work order,” to determine whether the contract Read More …

Jamaica: Cyber attack on Office of Registrar General contained, but services impacted

The Office of the Registrar-General (ORG), formerly the Registrar General’s Department (RGD), says it was affected by a cyber incident detected on Sunday and is working to determine its full scope. “Our initial assessment indicates that this incident was primarily Read More …