Police seize “First VPN” service used in ransomware, data theft attacks
A virtual private network service called ‘First VPN,’ used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement…
A virtual private network service called ‘First VPN,’ used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement…
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. The first one, tracked as CVE-2026-41091,…
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. During the intrusions,…
The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting…
The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm supply-chain attack last…
Drupal has announced a “core security release” scheduled for later today, warning that threat actors might develop exploits within hours of the update disclosure. Administrators…
GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension. The company has since…
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company’s Artifact Signing service to generate fraudulent code-signing certificates used by ransomware gangs…
A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers. The flaw…
Microsoft plans to raise the quality bar of Windows 11 drivers, as drivers “sit at the heart of every Windows experience” and connect the OS…
IT teams now get deluged by alerts from monitoring platforms, infrastructure systems, identity services, ticketing platforms, and security tools. But during network incidents, responders are…
When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they…