U.S. Justice Department Announces Actions to Combat Two Russian State-Sponsored Cyber Criminal Hacking Groups

The Justice Department announced two indictments in the Central District of California charging Ukrainian national Victoria Eduardovna Dubranova, 33, also known as Vika, Tory, and SovaSonya, for her role in conducting cyberattacks and computer intrusions against critical infrastructure and other Read More …

National cybercrime network operating for 14 years dismantled in Indonesia

Security researchers have uncovered enormous cybercrime infrastructure in Indonesia that’s been operating unabated for more than 14 years. The length of the operation, the domains included, the malware circulated, and the data being sold on the black market, were all Read More …

React2Shell RCE flaw exploited by Chinese hackers hours after disclosure

Just as the experts predicted, cybercriminals are now actively exploiting the critical severity vulnerability in React Server Components (RSC) that was discovered late last week. To make matters worse, the crooks observed abusing the bug seem to be working for Read More …

AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows

Hunting high-impact, advanced malware is a difficult task. It becomes even harder and more time-consuming when defenders focus on low-detection or zero-detection samples. Every day, a huge number of files are sent to platforms like VirusTotal, and the relevant ones Read More …

How phishers hide banking scams behind free Cloudflare Pages

During a recent investigation, we uncovered a phishing operation that combines free hosting on developer platforms with compromised legitimate websites to build convincing banking and insurance login portals. These fake pages don’t just grab a username and password–they also ask Read More …

Petco’s security lapse affected customers’ SSNs, drivers’ licenses and more

Last week, pet products and services giant Petco confirmed that it experienced a data breach involving customers’ personal information, without specifying what type of data was affected. On Friday, in a legally required filing with Texas’ attorney general’s office, Petco Read More …

Poland detains three Ukrainians over possession of hacking equipment

A Polish court has ordered three Ukrainian nationals held on charges of computer fraud and possessing hardware and software designed to commit crimes, including a suspected attempt to damage IT data deemed crucial to national defence. The three men, aged Read More …

New Prompt Injection Attack Vectors Through MCP Sampling

This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application. MCP is a standard for connecting large language model (LLM) applications to external data sources and Read More …

Trump’s national security strategy wants spy agencies to watch world supply chains

President Donald Trump’s national security strategy tasks the U.S. intelligence community with monitoring global supply chains as part of a sweeping goal to decouple the nation’s economy from foreign adversaries and advance American economic interests. The demands listed in the Read More …