David Imbordino, an NSA senior executive who most recently led its cybersecurity directorate in an acting capacity, has been named as its new chief. Bruce Jones, a career NSA technical and operational leader, as the new head of its Cybersecurity Collaboration Center. | Continue reading
Microsoft said it is taking the feedback seriously, adding: “To be clear about our approach to legal matters, we have no intention to pursue action against individuals conducting or publishing their security research.” | Continue reading
A suspected Pakistan-linked hacking group has targeted Afghanistan's Ministry of Finance and provincial government officials in a new cyberespionage campaign, researchers have found. | Continue reading
More than half of the attacks observed over the past year targeted educational institutions, particularly maritime universities and schools that train personnel for Russia's shipping, inland waterway and fishing industries. | Continue reading
Each vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both attackers and security professionals. | Continue reading
The company said the threat actor gained access to a limited portion of its IT environment last month after compromising an employee account. By the end of April, Carnival determined that the attacker had copied personal information from its systems. | Continue reading
Prosecutors said the man spent years using fake online identities to contact children and manipulate them into sending sexually explicit images and videos. | Continue reading
Cybercriminals have registered more than 4,300 fraudulent domains impersonating FIFA's official web presence since August 2025. | Continue reading
Anne Keast-Butler, director of GCHQ, said Russia's actions have prompted the agency to defend subsea cables and energy pipelines in British waters, disrupt Russian networks smuggling sanctioned technology and countering “reckless sabotage and assassination attempts.” | Continue reading
Dragomir was arrested in Romania in November 2024 and brought to the U.S. last year to face charges for hacking into the network belonging to Oregon’s Office of Emergency Management. | Continue reading
Army Gen. Joshua Rudd, who took the twin-leadership reins of Cyber Command and the NSA in March, recently tapped MITRE to conduct a potentially wide-ranging review into the organization, according to three people familiar with the matter. | Continue reading
In a public advisory issued Tuesday the FBI said a hacking group has targeted law firms using social engineering schemes to gain remote access to corporate systems and exfiltrate data. | Continue reading
The suspect was detained in the central Dutch town of Buren, where law enforcement officers also searched his home and seized multiple digital storage devices, according to a statement released Tuesday by the Dutch National Police. | Continue reading
The hacking group claimed to be a standalone hacktivist crew but actually has ties to the Ministry of Intelligence of the Islamic Republic of Iran (MOIS), researchers at Gambit Security said in a report published Tuesday. | Continue reading
The Lithuanian Prosecutor General’s Office said Friday that attackers gained unauthorized access to more than 600,000 records managed by the Centre of Registers, the state agency responsible for handling property and legal entity records. | Continue reading
Investigators seized more than 800 servers as they arrested two men suspected of violating European sanctions and assisting pro-Russian cyberattacks and disinformation campaigns. | Continue reading
Andrei Kozlov, the former head of a cybersecurity center within Russia’s state-owned defense conglomerate Rostec, was named an aide to Security Council Secretary Sergei Shoigu on Friday. | Continue reading
The law enforcement agency published an advisory on Thursday about Kali365 — a Telegram-based service for cybercriminals that allows them to capture legitimate "OAuth" tokens enabling widespread access to Microsoft 365 environments. | Continue reading
The bellwether lawsuit was the first of at least 1,200 to be brought by a school district against Meta, Snap, YouTube and TikTok for similar alleged harms. The other cases have not yet been tried. | Continue reading
Lawyer Adam Unikowsky spoke with Recorded Future News about why he believes geofence searches are problematic and why the way the court rules could have a dramatic impact on Americans’ right to privacy. | Continue reading
In court documents unsealed on Thursday, the Justice Department said Jacob Butler ran KimWolf as a DDoS-for-hire service that infected over a million devices worldwide. | Continue reading
The Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a nomination form on Thursday that they said enables “researchers, vendors, and industry partners” to report bugs that need to be added to the Known Exploited Vulnerabilities catalog. | Continue reading
The large-scale data breach reportedly hit Unimed, a company that handles billing services for privately insured and self-paying patients on behalf of numerous German hospitals. | Continue reading
A Belarus-linked hacking group known as GhostWriter has launched a new espionage campaign against Ukrainian government officials using fake emails disguised as messages from a popular online learning platform to deliver malware. | Continue reading
The regulator, Ofcom, had required Roblox, Snapchat, Instagram, Facebook, YouTube and TikTok to answer questions about their efforts to remove harmful algorithms, check kids’ ages and protect them from sexual predators by the end of April. | Continue reading
Adam Young, 42, and Harrison Gevirtz, 33, pleaded guilty to misprision of a felony after they were accused of offering phone numbers, call routing services, call tracking tools and call forwarding services to India-based telemarketing fraudsters. | Continue reading
The proposals would require researchers to cease activity the moment a vulnerability is identified, meaning they could not confirm it was real, assess its severity or determine its exploitability. | Continue reading
In a lengthy joint statement, Moscow and Beijing pledged closer cooperation on satellite internet technologies and joint work on software development and open-source initiatives — part of a broader effort to reduce reliance on Western technology and build a more independent techn … | Continue reading
The international operation targeted a service known as First VPN, which had been marketed for years on Russian-speaking cybercrime forums as a secure way for criminals to evade law enforcement. | Continue reading
The law mandates that platforms make it easy for people to ask that nonconsensual intimate images be removed and to delete them within 48 hours of a request. | Continue reading
The investigation began after U.S. authorities informed their Ukrainian counterparts that hackers operating from Ukraine could be involved in attacks targeting users of American e-commerce platforms, Ukraine's Prosecutor General said. | Continue reading
The move comes as other major social media platforms are killing end-to-end encryption for messaging. In recent months, Instagram and TikTok both announced they will no longer offer the feature. | Continue reading
The breach notification letters say 7-Eleven discovered the breach on April 8 and, after an investigation, determined that the cybercriminals gained access to “certain 7-Eleven systems used to store franchisee documents.” | Continue reading
In most complaints, victims said they were given detailed information by fraudsters on how to take money from their bank account, where to find a cryptocurrency kiosk and how to send the funds. | Continue reading
Github, which hosts code for more than 100 million developers worldwide, confirmed the breach on social media after TeamPCP advertised stolen source code on a cybercrime forum. | Continue reading
U.S. Senator Maggie Hassan (D-NH) sent a letter to the acting director of the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday demanding answers about an alleged breach uncovered by cybersecurity reporter Brian Krebs involving government contractor Nightwing. | Continue reading
A new report from Ukraine’s National Security and Defense Council says Russia’s use of AI across cyber operations expanded dramatically over the past year, reshaping everything from social engineering campaigns to malware development and creating what Ukrainian officials describe … | Continue reading
There is no evidence that the incident has recurred, but the flaw remains unexplained and has not been publicly acknowledged by the company. | Continue reading
The regulator’s announcement said the change is being made due to the “urgent need to better protect women and girls online.” | Continue reading
The company unsealed a legal case in U.S. District Court on Tuesday detailing the disruption of Fox Tempest — a popular service that has operated since May 2025 and provides cybercriminals with code signing tools. | Continue reading
Investigators found hundreds of compromised devices that were used as part of the cybercriminal operation and notified device owners as part of the raids. | Continue reading
On Saturday night, the company released a statement confirming the incident and outlining their decision not to pay a ransom issued by the hackers behind the attack. | Continue reading
OpenAI announced Friday that it is rolling out a new ChatGPT feature allowing users to connect all of their financial accounts to the chatbot for personal finance advice. | Continue reading
OpenAI announced Friday that it is rolling out a new ChatGPT feature allowing users to connect all of their financial accounts to the chatbot for personal finance advice. | Continue reading
THORChain officials said the investigation into the incident is ongoing but explained that one of their six vaults was compromised, leading to a loss of about $10.7 million. | Continue reading
Cisco released a patch for the vulnerability on Thursday, writing in an advisory that it could “allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.” | Continue reading
The actions are being taken in light of an expanding supply chain campaign impacting the popular open-source library TanStack and additional npm and PyPI packages tied to several AI companies. | Continue reading
Director of National Intelligence Tulsi Gabbard has tapped two individuals to coordinate work across U.S. spy agencies to monitor threats to the 2026 elections, according to multiple sources familiar with the matter. | Continue reading