The Record

The FBI released an urgent notice warning organizations about a campaign by several cybercriminal groups to compromise Salesforce platforms.

Spanish national Enrique Arias Gil, 37, is suspected of gathering information on Spain’s critical infrastructure and members of its security forces to facilitate cyberattacks. He is also accused of threatening journalists and business leaders who supported Ukraine.

New Zealand has imposed sanctions on Russian military intelligence hackers accused of cyberattacks on Ukraine, including members of a notorious hacking unit previously tied to destructive malware campaigns.

Finnish prosecutors allege that a U.S. national, Daniel Lee Newhard, played a role in extorting the psychotherapy center Vastaamo. Until now the case had centered on Aleksanteri Kivimäki.

Cybersecurity researchers examining an intrusion into the network of a Philippine military company found a "new and advanced malware toolset" that they linked to China.

Auditors examined CISA's Cybersecurity Retention Incentive program and found that the agency did not “properly design, implement, comply with or manage” requirements for it.

Vietnam's credit information bureau and Panama's finance ministry are each responding to apparent data breaches claimed by high-profile cybercrime groups.

The official's call for a renewal came less than three weeks before the 2015 Cybersecurity Information Sharing Act (CISA 2015), which provides incentives for private entities to voluntarily share digital threat intelligence with the federal government, is due to sunset.

A Finnish judge set free Aleksanteri "Julius" Kivimäki, convicted of extorting victims of the Vastaamo psychotherapy center's data breach, as his appeal in the case continues.

Gov. Gavin Newsom vetoed an earlier version of the bill which would also have applied to mobile operating systems last year.

Switzerland-based providers of secure email, VPNs and other digital services say a pending government proposal would be catastrophic to their ability to protect the privacy of users.

The inquiry is intended to determine whether the tech companies are taking adequate steps to limit children’s use of the chatbots — a goal that could be at odds with their desires to expand their reach.

The privacy regulator said it identified “a worrying pattern” in the 215 insider threat breach reports from the education sector between January 2022 and August 2024, with 57% of incidents caused by students who were likely motivated by “dares, notoriety, financial gain, revenge and rivalries.”

Hackers leveraged insecure Microsoft encryption technology known as RC4 to gain access to the network of the hospital chain Ascension, Sen. Ron Wyden said in a letter asking the Federal Trade Commission to investigate.

The policy roadmap’s digital security text is tame in comparison to the last two years, when the idea of studying a U.S. Cyber Force dominated the debate.

The role American investors are playing in propping up spyware vendors is notable given the aggressive actions the U.S. government has taken to rein in the sector, including through sanctions, entity listings and visa restrictions.

FlexiSPY, which is commercially available, can be more easily detected than far more expensive mercenary spyware available to nation states but has similar capabilities once installed, said John Scott-Railton, a forensic researcher at The Citizen Lab who helped confirm the infection.

Under the bail conditions, Illia Vitiuk must appear when summoned, report any change of residence, avoid contact with certain individuals and surrender his foreign passports to investigators.

A proposed update to China's national Cybersecurity Law would give Beijing firmer oversight over tech products while increasing penalties for companies and executives that don't meet requirements.

At least 29 people are dead and the prime minister has resigned following days of protests in Nepal over a social media ban that officials eventually lifted.