Discord Data Breach: Hackers Access IDs, Billing Details and Support Chats

Discord confirms a data breach via a third-party vendor, exposing government-issued photo IDs, names, emails, and limited billing data of users who contacted customer support. Learn the full risk...

Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February 2022. French cybersecurity company SEKOIA said the attackers are exploiting the cellular router's API to send...

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware

Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. "Phantom Taurus' main focus areas include ministries of forei...

Microsoft SharePoint Zero-Day Exploitation: What Public Sector Leaders Should Know

The Rapid7 September 2025 Threat Report highlights active exploitation of a critical Microsoft SharePoint vulnerability, CVE-2025-53770. This zero-day attack is being used by threat actors to gain initial access to victim networks, with exploitation observed in government as well as multiple othe...

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

Threat actors have been observed using seemingly legitimate artificial intelligence AI tools and software to sneakily slip malware for future attacks on organizations worldwide. According to Trend Micro, the campaign is using productivity or AI-enhanced tools to deliver malware targeting various...

Wiz achieves FedRAMP High authorization

Unified cloud security without compromise, delivering commercial features to sensitive government systems...

Digital Threat Modeling Under Authoritarianism

Today's world requires us to make complex and nuanced decisions about our digital security. Evaluating when to use a secure messaging app like Signal or WhatsApp, which passwords to store on your smartphone, or what to share on social media requires us to assess risks and make judgments...

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

The U.K. National Cyber Security Centre NCSC has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. "The RayInitiator and LINE...

CVE-2025-20240

creationtimestamp| type| source ---|---|--- 2025-09-25 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1645 2025-09-25 11:38:17+00:00| exploited| https://t.me/truesecator/7459 2025-09-26 08:27:34+00:00| seen|...

Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike

A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, which was tracking...

Inc Ransomware Group Claims 5.7 TB Theft from Pennsylvania Attorney General’s Office

The Inc ransomware gang claims to have stolen 5.7 TB of data from the Pennsylvania Attorney General's office in an August 2025 attack. Find out how the breach unfolded, why government agencies are a top target, and what this means for citizens...

Details About Chinese Surveillance and Propaganda Companies

Details from leaked documents: While people often look at China’s Great Firewall as a single, all-powerful government system unique to China, the actual process of developing and maintaining it works the same way as surveillance technology in the West. Geedge collaborates with academic institutio...

Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine

Cybersecurity researchers have discerned evidence of two Russian hacking groups Gamaredon and Turla collaborating together to target and co-comprise Ukrainian entities. Slovak cybersecurity company ESET said it observed the Gamaredon tools PteroGraphin and PteroOdd being used to execute Turla...

OPENSUSE-SU-2025:15564-1 govulncheck-vulndb-0.0.20250917T170349-1.1 on GA media

These are all security issues fixed in the govulncheck-vulndb-0.0.20250917T170349-1.1 package on the GA media of openSUSE Tumbleweed...

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures. "In this activity, the group masqueraded as the current Chair of the Select Committee on...

Airline data broker selling 5 billion passenger records to US government

We already knew that the US airline industry gave the government access to passenger records. However, this week it emerged that at least five billion passenger records are being sold to government agencies via a searchable database—far more than was initially believed. A few weeks ago,...

Qrator Labs Mitigated Record L7 DDoS Attack from 5.76M-Device Botnet

Qrator Labs blocked a record L7 DDoS attack from a 5.76M-device botnet targeting government systems, showing rapid global growth since March...

CVE-2025-40798

creationtimestamp| type| source ---|---|--- 2025-09-11 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-254-07...

New Buterat Backdoor Malware Found in Enterprise and Government Networks

Meet Buterat, a new backdoor malware spreading through phishing and trojanized downloads, giving attackers persistent access to enterprise and government networks...

China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations

The House Select Committee on China has formally issued an advisory warning of an "ongoing" series of highly targeted cyber espionage campaigns linked to the People's Republic of China PRC amid contentious U.S.–China trade talks. "These campaigns seek to compromise organizations and individuals...