The Record

Researchers at Google said the current campaign involving versions of the Salesforce Data Loader tool has targeted about 20 organizations and is ongoing.

Ukraine said it hacked into the internal systems of Russia’s state-owned aircraft manufacturer Tupolev, days after a drone offensive destroyed planes made by company.

Germany's data privacy regulator said the company has strengthened its protections since the case began, ensuring similar problems will not occur in the future.

Researchers are warning about the rise of Crocodilus malware, which can trick victims into thinking that a fraudster is contacting them from a trusted number, such as a bank's support line.

A man pleaded guilty to his involvement in a string of swatting and bomb threat incidents that allegedly impacted at least 25 members of Congress or their family members, as well as law enforcement officials and members of the federal judiciary.

In regulatory filings with the Securities and Exchange Commission, MainStreet Bank's holding company said a cyber incident connected to a third-party vendor had exposed information.

Spyware maker NSO Group asked a federal judge to reduce the damages it owes to WhatsApp in a case involving 1,400 infected phones, or set up a new trial.

The sites were used for more than a decade by cybercriminals who wanted to test malware against security tools.

BO Team, also known as Black Owl, has been active since early 2024 and appears to operate independently, with its own arsenal of tools and tactics, researchers at Russian cybersecurity firm Kaspersky said.

The hack into the account of the country’s top security official has drawn criticism online.

Three hospitals run by Catholic healthcare organization Covenant Health are dealing with a cyberattack that forced the facilities to shut off all access to data systems.

Several Senate Democrats called on Homeland Security Secretary Kristi Noem to reestablish the Cyber Safety Review Board (CSRB) so it could continue looking into China-linked hacks.

A 28-year-old civilian IT worker at the Defense Intelligence Agency has been arrested in Northern Virginia on suspicion that he leaked secrets to a foreign government.

The latest report from Meta on social media influence operations tracked some low-impact campaigns to China, Iran and Romania.

Russian internet service provider ASVT blamed widespread outages on a DDoS incident and attributed it to a pro-Ukraine collective.

The company said it “recently learned of suspicious activity” within its environment that it believes “was tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers.”

Funnull Technology supports “hundreds of thousands of websites” dedicated to the scams, otherwise known as pig butchering, according to the sanctions announcement by the Treasury Department’s Office of Foreign Assets Control.

The retailer's domain now features a brief message to customers explaining that it has “identified and are taking steps to address a security incident.”

Google Threat Intelligence spotted the China-based operation known as APT41 leveraging the company's own Calendar app as part of a cyber-espionage campaign.

Researchers at cybersecurity firm DomainTools spotted a fake Bitdefender site spreading VenomRAT malware. The antivirus company said it is working to have the site taken down.