Weekly Cybersecurity Newsletter: 14th to 18th August

Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.

    News Stories

    Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds

    A sophisticated phishing scam tricked a Nebraska school district into wiring $1.8 million to cybercriminals posing as a construction vendor. The attack targeted Lincoln Public Schools during an active building project and relied on convincingly forged email communications. Authorities are investigating the breach, and no arrests have been made yet.

    Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the U.S.

    A Chinese state-sponsored group dubbed “Salt Typhoon” gained unauthorized access to the IT networks of multiple U.S. Army National Guard units. The group used advanced tactics and likely exfiltrated sensitive military data. The breach remained undetected for a significant period, raising alarm over U.S. military cyber readiness.

    Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign

    A Department of Homeland Security memo confirms that “Salt Typhoon” executed an espionage campaign against the U.S. Army National Guard. The attackers conducted extensive surveillance and lateral movement to gather intelligence, marking one of the most intrusive known operations against a state military agency in recent years.

    Scattered Spider Attack Hits Co-op, Exposes Data of 6.5 Million Members

    The Scattered Spider group targeted UK-based Co-op, compromising data of 6.5 million members. The attackers bypassed MFA and infiltrated support systems using social engineering tactics. Stolen data includes addresses, dates of birth, and partial financial records.

    Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants

    A U.S. soldier pleaded guilty to infiltrating telecom companies to steal data and extort millions. The scheme involved SIM swapping, unauthorized wire transfers, and threats to release stolen data unless paid in cryptocurrency.

    Episource Data Breach Hits Over 5 Million Patients; Sensitive Medical and Insurance Data Potentially Exposed

    A breach at Episource, a medical data analytics firm, affected over 5 million patients. Stolen information includes insurance ID numbers, diagnoses, treatments, and provider data. The breach stemmed from unauthorized access to internal systems.

    DragonForce Claims Cyberattack on U.S. Retail Giant Belk; Leaks 156GB of Sensitive Data

    Hacktivist group DragonForce leaked 156GB of data stolen from Belk, a U.S. retailer. Data includes customer records, employee info, and backend access logs. The breach is politically motivated, tied to pro-Palestinian operations.

    DiskStation Ransomware Gang Dismantled After Years of Targeting NAS Devices Across Europe

    European authorities have dismantled the DiskStation ransomware gang, known for exploiting NAS devices. The group used weak credential brute-forcing to deploy ransomware across hundreds of targets, mainly in Germany and France.

    Consentik Breach Exposes Hundreds of Shopify Stores to Admin Takeovers and Data Theft

    Cybercriminals exploited a vulnerability in Consentik’s Shopify plugin to take over hundreds of merchant stores. The attackers exfiltrated customer data, order histories, and payment metadata, raising concerns over third-party e-commerce extensions.

    Saudi Industrial Giant Rezayat Group Listed on Dark Web After Alleged Everest Ransomware Breach

    Everest ransomware operators claim to have breached Saudi conglomerate Rezayat Group, leaking internal documents on the dark web. The breach includes HR files, contracts, and technical specifications.

    Gigabyte Firmware Vulnerabilities Expose Over 240 Motherboards to Stealth UEFI Malware Attacks

    Researchers discovered multiple firmware flaws in Gigabyte motherboards that could enable stealth UEFI rootkits. Over 240 models are affected. Firmware updates are required to mitigate risk.

    Louis Vuitton UK Confirms Customer Data Breach Amid Growing Wave of Retail Cyberattacks

    Luxury brand Louis Vuitton confirmed a breach exposing UK customer data, including contact details and partial payment info. The attack reflects a growing wave of threats against high-end retail targets.

    ELMOS X Account Hacked; Hacker Incites Violence, Mentions Epstein Files

    The official X (formerly Twitter) account of semiconductor firm ELMOS was hijacked to post inflammatory messages and political content, including references to Epstein and calls for violence.

    Google Gemini Email Summary Flaw Enables Hidden Phishing Attacks

    A flaw in Google’s Gemini AI email summarization tool can be abused to conceal phishing links. Attackers craft messages that appear benign in summaries but contain malicious redirects in full view.

    Alabama City of Gardendale Allegedly Hit by INC Ransom Gang in Data Breach

    INC Ransom claimed responsibility for a cyberattack on Gardendale, Alabama. The leak includes police documents, city payroll records, and incident reports, though the city hasn’t officially confirmed the breach.

    Critical Vulnerabilities Discovered in Adobe Acrobat Reader and ASUS Armoury Crate

    Security researchers uncovered critical RCE vulnerabilities in Adobe Acrobat and ASUS Armoury Crate that could enable system compromise. Patches have been issued for both products.

    Nippon Steel Hit by Zero-Day Attack; Sensitive Data Believed Stolen

    Nippon Steel suffered a breach through a zero-day vulnerability, compromising proprietary and operational data. Threat actors behind the attack remain unidentified.

    Wing FTP Server Under Active Exploitation Following Critical RCE Vulnerability Disclosure

    A critical RCE flaw in Wing FTP Server is being actively exploited. Attackers are deploying web shells and gaining full control of unpatched servers. Immediate updates are urged.

    Podcasts

    The UNFI Cyberattack: How Hackers Disrupted the U.S. Food Supply Chain

    Hackers paralyzed United Natural Foods Inc. (UNFI), halting logistics and disrupting food delivery nationwide. This episode examines the attack lifecycle—how threat actors breached systems, executed ransomware, and triggered supply chain chaos.

    Zuckerberg on Trial: The $8 Billion Data Privacy Reckoning

    Meta CEO Mark Zuckerberg faces major legal fire for alleged privacy violations involving Facebook’s data practices. This podcast unpacks the class-action lawsuit, regulatory pressure, and growing calls for tighter data governance.

    Operation Eastwood: Inside the Takedown of Noname057(16)

    Pro-Russian DDoS group Noname057(16) was dismantled in a global law enforcement operation. Learn how digital forensics, geopolitical pressure, and inter-agency collaboration led to the collapse of one of the web’s most aggressive actors.

    Phished and Exposed: What the Co-op Hack Reveals About Retail Cybersecurity

    The Co-op Group breach exposed severe flaws in retail cyber defenses. This episode examines the phishing vector, how social engineering bypassed MFA, and the importance of insider threat mitigation.

    FileFix Attacks Are Here: How Interlock’s Ransomware Is Skipping Your Defenses

    Interlock ransomware now uses FileFix-based evasion tactics to defeat antivirus and EDR systems. Discover how payloads are being delivered, where traditional defenses are failing, and how victims are being selected.

    Ontinue Uncovers SVG-Based Phishing: Why Your Browser Could Be the Weak Link

    A new SVG-based phishing vector uncovered by Ontinue bypasses email filters and exploits browser rendering vulnerabilities. This podcast dissects the attack method and recommends mitigation strategies.

    Exein Raises €70M: Defending the IoT-AI Frontier with Embedded Security

    Exein secures major funding to harden cybersecurity in the Internet of Things and AI-enabled systems. This episode discusses their vision for embedded protection in smart devices and critical systems.

    Salt Typhoon Strikes Again: National Guard, Telecoms, and a Crisis in U.S. Cyber Defense

    Salt Typhoon, a Chinese state-backed APT, hits U.S. military and telecom targets in a major espionage campaign. Learn about their evolving toolset and the national implications of these breaches.

    DragonForce Ransomware Hits Belk: 150GB Data Leak and Operational Chaos

    Retail giant Belk was hit by a 150GB data breach attributed to DragonForce ransomware. This podcast explores the group’s attack blueprint, leaked data types, and ongoing business disruption.

    NVIDIA Issues Urgent Rowhammer Warning: Enable ECC or Risk AI Integrity

    NVIDIA warns that memory-based Rowhammer attacks could compromise AI model integrity. This episode breaks down the vulnerability, ECC memory defenses, and the consequences for AI reliability and training.

    ZIP Security Secures $13.5M to Simplify and Scale Cyber Defense

    ZIP Security raises $13.5M in funding to streamline cyber defense for growing businesses. The podcast highlights the platform’s key offerings and its goal to democratize security infrastructure.

    Century Support Services Breach: 160,000 Identities Compromised in Silent Cyberattack

    A stealthy breach at Century Support Services exposed the identities of over 160,000 individuals. This podcast reviews how the breach unfolded, the data exposed, and the silent failure of detection systems.

    Threat Actor Profile

    SafePay Ransomware

    SafePay is a new ransomware operation linked to LockBit affiliates, known for double extortion and data leaks. Its infrastructure, negotiation style, and encrypted payloads mirror LockBit’s tactics, suggesting an inside job or reuse of tooling.

    Blog

    Why Is Activity Logging Crucial for Detecting Cyberattacks?

    This blog explores the pivotal role of system activity logs in breach detection and response. It outlines how logging anomalies, unauthorized access attempts, and admin actions can provide early signals of cyber intrusions. The post also covers best practices for implementing robust audit logging, including log retention, real-time monitoring, and compliance standards like HIPAA and NIST.