The Record

Chinese authorities accused the U.S. of compromising the National Time Service Center, a research institute responsible for providing timekeeping services in China for national security applications.

Sweden-based home security provider Verisure said a local subsidiary known as Alert Alarm suffered a data breach that was limited to that brand's systems.

Polish developer Kuba Gretzky wanted to prove that multi-factor authentication wasn’t foolproof. He succeeded — maybe too well. What happens when a cybersecurity warning becomes the threat itself?

A leading technology industry association has sued Texas, seeking to block a state law that requires app stores to verify user ages to purchase and download apps.

The regional American airline Envoy Air confirmed that its IT system was impacted by a recent hacking campaign targeting Oracle E-Business Suite.

Authorities raided a "SIM farm" operation that used tens of thousands of cards to enable fraud in several European countries, including Latvia and Austria.

The Dairy Farmers of America said cybercriminals breached company systems in June, gaining access to the information of employees and members of the cooperative.

Under the new partnership, law enforcement agencies which use Flock Safety products can ask Ring owners to provide images for “evidence collection and investigative work,” according to a blog post on the Ring website.

Almost 60 South Koreans will be sent home from Cambodia after that country's government agreed to repatriate people rescued from scam compounds.

Hackers are also increasingly turning to other methods to obtain credentials. Microsoft tracked surges in the use of infostealer malware by criminals and an increase of IT scams where cybercriminals call a company’s help desk and simply ask for password resets.

A German member of the European Parliament has filed a complaint urging authorities to investigate Hungarian Prime Minister Viktor Orbán for allegedly ordering the country’s secret service to break into his phone with spyware.

Cisco still has work to do in communicating with the private sector about the impact of two vulnerabilities in its Adaptive Security Appliances, Sen. Bill Cassidy says in a letter to the company's CEO.

The emergency directive orders all agencies to apply the latest updates for all at-risk F5 virtual and physical devices and downloaded software by October 22.

Matthew Lane, who demanded a ransom of $2.9 million from PowerSchool in exchange for not leaking personal data belonging to more than 70 million people, also was ordered to pay about $14 million in restitution and a $25,000 fine.

Spain-based fashion chain Mango reported a data breach that exposed customer information but did not appear to affect internal corporate systems.

Car insurance price-quote tools that auto-populated with people's sensitive data allowed cybercriminals to commit fraud elsewhere, New York's state government said in announcing fines against several companies.

U.K. outsourcing giant Capita will pay the largest penalty ever imposed by the Information Commissioner's Office (ICO) in a ransomware case.

According to a new report by cybersecurity firm Symantec, the hackers gained access to the Russian company’s software build and code-repository systems between January and May 2025 — suggesting the breach may have been an attempted software supply-chain attack aimed at the firm’s customers.

Michigan City, Indiana, has confirmed that a damaging cyber incident in September that impacted government systems was a ransomware attack.

The Florida attorney general's office sued the smart television company Roku for collecting and selling children’s sensitive data, including information showing precise geolocation, without notice and parental consent.