S3C2 Summit 2025-07: Government Secure Supply Chain Summit

Software supply chains, while providing immense economic and software development value, are only as strong as their weakest link. Over the past several years, there has been an exponential increase in cyberattacks specifically targeting vulnerable links in critical software supply chains. The...

Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia

A China-aligned threat group is exploiting unpatched Microsoft Exchange vulnerabilities to conduct cyberespionage against government and critical infrastructure targets across Asia and beyond...

French Police Arrest HexDex Hacker Over Mass Data Theft and Leaks

French police arrest HexDex hacker, a 20-year-old suspect accused of mass data theft and leaks targeting government, sports groups, and firms...

Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities

This blog discusses the steganography, cloud abuse, and email-based backdoors used against the Ukrainian defense supply chain in the latest Pawn Storm campaign that TrendAI™ Research observed and analyzed...

Cloud Based WAF Upload Scan and Control: The New Standard for File Upload Security

We're excited to announce the launch of Upload Scan and Control, an essential new feature for Imperva Cloud WAF. This add-on tackles one of the most critical vulnerabilities facing web applications today—insecure file uploads—offering protection with scalability, simplicity, and enterprise-grade...

CERTFR-2025-ACT-056

creationtimestamp| type| source ---|---|--- 2025-12-22 13:56:42+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3malf7z6yfx2c 2025-12-22 13:56:43+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/115763563781757176 2025-12-28 01:17:54+00:00| seen|...

PassiveNeuron: a sophisticated campaign targeting servers of high-profile organizations

Introduction Back in 2024, we gave a brief description of a complex cyberespionage campaign that we dubbed "PassiveNeuron". This campaign involved compromising the servers of government organizations with previously unknown APT implants, named "Neursite" and "NeuralExecutor". However, since its...

Rewiring Democracy is Coming Soon

My latest book, Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship , will be published in just over a week. No reviews yet, but you can read chapters 12 and 34 of 43 chapters total. You can order the book pretty much everywhere, and a copy signed by me here. Pleas...

OPENSUSE-SU-2025:15564-1 govulncheck-vulndb-0.0.20250917T170349-1.1 on GA media

These are all security issues fixed in the govulncheck-vulndb-0.0.20250917T170349-1.1 package on the GA media of openSUSE Tumbleweed...

The WIRED Guide to Protecting Yourself From Government Surveillance

Donald Trump has vowed to deport millions and jail his enemies. To carry out that agenda, his administration will exploit America’s digital surveillance machine. Here are some steps you can take to evade it...

Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors

An APT group dubbed Earth Kurma is actively targeting government and telecommunications organizations in Southeast Asia using advanced malware, rootkits, and trusted cloud services to conduct cyberespionage...

U.S. Offered $10M for Hacker Just Arrested by Russia

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as "Wazawaka ," a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 millio...

China’s Surveillance State Is Selling Citizen Data as a Side Hustle

Chinese black market operators are openly recruiting government agency insiders, paying them for access to surveillance data and then reselling it online—no questions asked...

FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions

The U.S. Federal Bureau of Investigation FBI has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed...

U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

The U.S. government USG has issued new guidance governing the use of the Traffic Light Protocol TLP to handle threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information...

Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

Summary The Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, the National Security Agency NSA, the Communications Security Establishment Canada CSE, the Australian Federal Police AFP, and Australian Signals Directorate's Australian Cyber Security...

More on My AI and Democracy Book

In July, I wrote about my new book project on AI and democracy, to be published by MIT Press in fall 2025. My co-author and collaborator Nathan Sanders and I are hard at work writing. At this point, we would like feedback on titles. Here are four possibilities: 1. Rewiring the Republic: How AI Wi...

Ukraine Bans Telegram Use for Government and Military Personnel

Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical infrastructure workers, citing national security concerns. The ban was announced by the National Coordination Centre for Cybersecurity NCCC in a post shared on...

The Iranian Cyber Capability

The Iranian Cyber Capability By Ernesto Fernández Provecho, Pham Duy Phuc, and John Fokker · September 19, 2024 Introduction In recent years, The Islamic Republic of Iran has extensively promoted the execution of cyber campaigns to protect its national interests, deter adversaries, and conduct...

Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack

Iraqi government networks have emerged as the target of an "elaborate" cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister's Office and the Ministry of Foreign Affairs, cybersecurity compa...