The European Space Agency (ESA) confirmed that attackers recently breached servers outside its corporate network. www.bleepingcomputer.com/news/securit...

Two former employees of cybersecurity incident response companies Sygnia and DigitalMint have pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023.

Romanian Waters (Administrația Națională Apele Române), the country's water management authority, was hit by a ransomware attack over the weekend.

Danish intelligence officials blamed Russia for orchestrating cyberattacks against Denmark's critical infrastructure, as part of Moscow's hybrid attacks against Western nations.

The Clop ransomware gang is targeting Internet-exposed Gladinet CentreStack file servers in a new data theft extortion campaign.

​Cisco warned of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances.

The Texas Attorney General sued five major television manufacturers, accusing them of illegally collecting their users' data by secretly recording what they watch using Automated Content Recognition (ACR) technology.

The French Interior Minister confirmed on Friday that the country's Ministry of the Interior was breached in a cyberattack that compromised e-mail servers.

The UK Information Commissioner's Office (ICO) fined the LastPass password management firm £1.2 million for failing to implement security measures that allowed an attacker to steal personal information and encrypted password vaults belonging to up to 1.6 million UK users in a 2022 breach.

An unpatched zero-day vulnerability (CVE-2025-8110) in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers.

"New record-breaking Arc Raiders DDoS attack reaches 100,000 free backpack requests / second."

An article that perhaps got lost in the shuffle - on record interviews with senior Dutch intelligence officials where they lament the firing of fmr NSA director Tim Haugh and reveal they are being more careful sharing intel with US partners volkskrant.nl/binnenland/n...

Russian telecom watchdog Roskomnadzor has blocked access to Apple's FaceTime video conferencing platform and the Snapchat instant messaging service, claiming they're being used to coordinate terrorist attacks.

Financial software provider Marquis Software Solutions is warning that it suffered a data breach that impacted dozens of banks and credit unions across the US.

Microsoft has silently "mitigated" a high-severity Windows LNK vulnerability (CVE-2025-9491) that multiple state-backed and cybercrime hacking groups have exploited in zero-day attacks. www.bleepingcomputer.com/news/microso...

Law enforcement officers from Switzerland and Germany have taken down the Cryptomixer cryptocurrency-mixing service, believed to have helped cybercriminals launder stolen funds. www.bleepingcomputer.com/news/securit...

Risk management company Crisis24 has confirmed its OnSolve CodeRED platform suffered a cyberattack that disrupted emergency notification systems used by state and local governments, police departments, and fire agencies across the United States.

​Dartmouth College confirms data breach after the Clop extortion gang leaks stolen documents on its dark web leak site. www.bleepingcomputer.com/news/securit...

CrowdStrike says it caught an insider sharing screenshots taken on internal systems with unnamed threat actors.

Cloudflare is investigating an outage affecting its global network services, with users encountering "internal server error" messages when attempting to access affected websites and online platforms.

Just as expected, Anthropic confirmed that the TAs essentially hand-held Claude throughout the AI-automated cyberattack, while doing most of the work 🤡

Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being widely exploited.

There's some really big caveats to this. A thread.

The Qilin ransomware operation was spotted executing Linux encryptors in Windows using Windows Subsystem for Linux (WSL) to evade detection by traditional security tools.

An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the password manager.

On CISA media call just now to discuss the F5 hack and source code breach, CISA staffer interrupted the discussion to blame the Democrats for the government shutdown and forcing workers to work without pay

U.S. cybersecurity company F5 disclosed that it suffered a cyberattack in early August, where suspected nation-state hackers breached its systems and stole undisclosed BIG-IP security vulnerabilities and source code.

Discord says they will not be negotiating with threat actors who claim to have stolen the data of 5.5 million unique users from the company's Zendesk support system instance, including government IDs and partial payment information for some people.

The ShinyHunters extortion group has leaked samples of data belonging to dozens of companies, which were stolen in a wave of Salesforce breaches that have affected numerous companies worldwide.

A source shares some screenshots of the Lapsus ransomware gang celebrating the government shutdown as a disruption to the FBI investigations tracking them. They also refer to Trump as "my king."

CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks.

SonicWall warned customers today to reset credentials after their firewall configuration backup files were exposed in a security breach that impacted MySonicWall accounts.

Google has switched to a risk-based Android update process, with “high-risk” vulnerabilities patched on a monthly basis and the rest fixed on a quarterly schedule. www.androidauthority.com/android-risk...

Finnish hacker Aleksanteri Kivimäki has been released from prison following an appeal. Kivimäki hacked Finnish psychotherapy centre Vastaamo in 2020 and released highly sensitive patient files. yle.fi/a/74-20182408

The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but attackers made little profit off it.

Phishing email sent to NPM package maintainers:

Orange Belgium, a subsidiary of telecommunications giant Orange Group, disclosed on Wednesday that attackers who breached its systems in July have stolen the data of approximately 850,000 customers.

HR giant Workday breached in Salesforce data-theft attacks www.bleepingcomputer.com/news/securit...

UK-based telecommunications company Colt Technology Services is dealing with a cyberattack that has caused a multi-day outage of some of the company's operations, including hosting and porting services, Colt Online and Voice API platforms.

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and session hijacking.

some Hyundai IONIQ 5 models can be hacked to open the doors and start the car with a Game Boy-like device. Now, Hyundai is asking customers in the UK to pay £49 to fix this huge security flaw. Details here 👇 www.theverge.com/news/757205/...

Eighty cheat websites generate between $12.8 million and $73.2 million annually, according to academics at the University of Birmingham. Up to 174,000 people may be buying cheats every month across North America and Europe. www.wired.com/story/inside... Research: github.com/SamCollins13...

Microsoft warns customers to mitigate a high-severity vulnerability in Exchange Server hybrid deployments that can let attackers escalate privileges in Exchange Online cloud environments undetected. www.bleepingcomputer.com/news/microso...

Air France and KLM announced on Wednesday that attackers had breached a customer service platform and stolen the data of an undisclosed number of customers.

Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion group.

Although not yet confirmed by Cisco, this is likely part of a wave of Salesforce data theft attacks linked to the ShinyHunters extortion group. Other companies affected by Salesforce data breaches: Adidas, Qantas, Allianz Life, Chanel, and LVMH brands Louis Vuitton, Dior, and Tiffany & Co.

Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide.

Minnesota Governor Tim Walz has activated the National Guard in response to a crippling cyberattack that struck the City of Saint Paul, the state's capital, on Friday.

Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached data.

NEW: A custom firmware for the Flipper Zero, being sold by a Russian hacker for up to $1,000, can bypass modern security protections on key fobs.

 The hack defeats rolling codes & lets you clone every key fob button—lock, unlock, trunk—by capturing just a single command. san.com/cc/millions-...