China Linked Houken Hackers Breach French Systems with Ivanti Zero Days
ANSSI report details the Chinese UNC5174 linked Houken cyberattack using Ivanti zero-days CVE-2024-8190, 8963, 9380 against the French government, defence and finance sector...
GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool
The threat actor behind the GIFTEDCROOK malware has made significant updates to turn the malicious program from a basic browser data stealer to a potent intelligence-gathering tool. "Recent campaigns in June 2025 demonstrate GIFTEDCROOK's enhanced ability to exfiltrate a broad range of sensitive...
New Guidance Released for Reducing Memory-Related Vulnerabilities
Today, CISA, in partnership with the National Security Agency (NSA), released a joint guide on reducing memory-related vulnerabilities in modern software development. Memory safety vulnerabilities pose serious risks to national security and critical infrastructure. Adopting memory safe languages MS...
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns. The development was first reported by Axios. The decision, according to the House Chief Administrative Officer (CAO), was motivated by worrie...
APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal chat messages to deliver two previously undocumented malware families dubbed BEARDSHELL and COVENANT. BEARDSHELL, per CERT-UA, is...
DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes
The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran–Israel war that commenced on June 13, 2025. Stating that the ongoing conflict has created a "heightened threat environment" in the...
Safety Features for a Centralised AGI Project
Recent AI progress has outpaced expectations, with some experts now predicting AI that matches or exceeds human capabilities in all cognitive areas (AGI) could emerge this decade, potentially posing grave national and global security threats. AI development is currently occurring primarily in the...
The WIRED Guide to Protecting Yourself From Government Surveillance
Donald Trump has vowed to deport millions and jail his enemies. To carry out that agenda, his administration will exploit America’s digital surveillance machine. Here are some steps you can take to evade it...
Airlines Secretly Selling Passenger Data to the Government
This is news: A data broker owned by the country's major airlines, including Delta, American Airlines, and United, collected U.S. travellers' domestic flight records, sold access to them to Customs and Border Protection (CBP), and then as part of the contract told CBP to not reveal where the data...
Hearing on the Federal Government and AI
On Thursday I testified before the House Committee on Oversight and Government Reform at a hearing titled "The Federal Government in the Age of Artificial Intelligence." The other speakers mostly talked about how cool AI was--and sometimes about how cool their own company was--but I was asked by...
Researchers Detail Bitter APT's Evolving Tactics as Its Geographic Scope Expands
The threat actor known as Bitter has been assessed to be a state-backed hacking group that's tasked with gathering intelligence that aligns with the interests of the Indian government. That's according to new findings jointly published by Proofpoint and Threatray in an exhaustive two-part analysi...
Interlock Ransomware Deploys New NodeSnake RAT in UK Attacks
Quorum Cyber identifies two new NodeSnake RAT variants, strongly attributed to Interlock ransomware, impacting UK higher education and local government...
Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations
Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). The tech giant, which discovered the activity in late October 2024, said the malware was hosted on a compromise...
Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents
The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an initial payload. The attack chain is a departure from the threat actor's previously documented use of an HTML Application (.HTA) load...
CVE-2023-36465
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The templates module doesn't enforce the correct permissions, allowing any logged-in user to access this functionality in t...
Oops: DanaBot Malware Devs Infected Their Own PCs
The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and...
CVE-2020-20426
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php...
CVE-2020-20425
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function...
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, tracked as CVE-2025-4427 CVSS score:...
Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
The trove has now been taken down but included users’ logins for platforms including Apple, Google, and Meta, plus services from multiple governments...