ESET details new Ghostwriter activity targeting Ukrainian government
The latest FrostyNeighbor campaign begins with a spear-phishing email containing a PDF attachment disguised as an official communication from Ukrtelecom, a m...
Government
20 articles
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that's engineere...
CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday
Cisco released a patch for the vulnerability on Thursday, writing in an advisory that it could “allow an unauthenticated, remote attacker to bypass authentic...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-42897 Microsoft...
Ghostwriter group resumes attacks on Ukrainian Government targets
ESET uncovered new Ghostwriter (aka FrostyNeighbor) activity targeting Ukrainian government organizations in a campaign active since March 2026. ESET researc...
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.
Trump administration's voter data collection efforts face legal challenges
The Department of Justice's Office of Legal Counsel issued a memo arguing that a provision in the 1960 Civil Rights Act, requiring election officials to reta...
ODNI taps officials to coordinate response to foreign election threats
Director of National Intelligence Tulsi Gabbard has tapped two individuals to coordinate work across U.S.
Achieve Federal-Grade M365 Security: Governing with Qualys SSPM and SCuBA
Qualys SaaS Security Posture Management (SSPM) introduces native support for the Secure Cloud Business Applications (SCuBA) compliance framework, bringing CI...
Sandworm Hackers Shift From IT Breaches to Critical OT Targets
A new wave of cyber activity linked to the notorious Sandworm group is raising fresh alarms across global critical infrastructure. Security researchers warn ...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20182 Cisco Cat...
AI cyber capability is speeding past earlier projections
AI cyber capability is improving faster than expected, with newer models surpassing earlier projections, according to the UK government’s AI Security Institu...
Fired employee sought AI help to hide deletion of hosting firm’s customer data
The apparent revenge deletion of US federal databases after the dismissal of twin brothers from an online hosting company is another reminder to IT and HR le...
UK moves to shield security researchers in cybercrime law overhaul
The proposed reforms, outlined in briefing documents published alongside the King’s Speech opening a new parliamentary session, would update the Computer Mis...
Government to Scrutinize Instructure Over Canvas Disruption, Data Breach
The Committee on Homeland Security has requested to be briefed on the incident and Instructure’s remediation steps. The post Government to Scrutinize Instruc...
How Rapid7 is bringing Cyber GRC closer to security operations
Sabeen Malik is VP, Global Government Affairs and Public Policy at Rapid7. ⠀ Security teams need a better way to connect what they detect, what they fix, and...
What is Cyber GRC? How Rapid7 is bringing compliance closer to security operations
Sabeen Malik is VP, Global Government Affairs and Public Policy at Rapid7. ⠀ Security teams need a better way to connect what they detect, what they fix, and...
Virginia man found guilty of destroying government databases after being fired
The incident occurred on February 18, 2025, shortly after Sohaib Akhter and his twin brother, Muneeb Akhter, were fired by their employer, a company that ser...
Federal agencies ordered to patch Ivanti EPMM zero-day in 3 days
The actively exploited flaw enables remote admin users to execute arbitrary code.
Virginia man found guilty of deleting 96 government databases
A Virginia man was convicted on federal charges Thursday after a jury found him guilty of deleting 96 government databases and stealing an individual’s passw...