A filing with the Maine Attorney General's Office, which requires organizations to disclose the number of individuals impacted by cybersecurity incidents, revealed that a company operating gas stations in Texas has suffered a data breach affecting more than 377,000 individuals. The disclosure was made by Gulshan Management Services, Inc., apparently associated with Gulshan Enterprises, which manages roughly 150 Handi Plus and Handi Stop gas stations and convenience stores in Texas.
The North Korean state-sponsored hacker group Kimsuky is using malicious QR codes in spearphishing campaigns that target U.S. organizations, the Federal Bureau of Investigation warns in a flash alert. The observed activity targets organizations involved in North Korea-related policy, research, and analysis, including non-governmental organizations, think tanks, academic institutions, strategic advisory firms, and government entities in the U.S.
One of the world's most capable threat actors has been carrying out seriously simple, inexpensive credential harvesting attacks against specific organizations in the Balkans, the Middle East, and Central Asia. APT 28 - popularly known as Fancy Bear and linked to the Russian Federation's Main Directorate of the General Staff of the Armed Forces (GRU) - was the single most notorious advanced persistent threat (APT) of the mid-2010s.
Welcome to a new year of my Patch Tuesday forecast blog where I provide a summary of Microsoft and other vendors' security patch activity (and reported issues) for the month, talk about some of the latest trends, processes, and evolution of patch management, and finally yes, provide a forecast of what security patches are expected to release next week on Patch Tuesday. Microsoft reported several issues you should be aware of with respect to the December Patch Tuesday releases.
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges - marking one of the few successful US prosecutions of a stalkerware operator. Bryan Fleming, who ran the now-defunct surveillance software company pcTattletale, entered a guilty plea on January 6 in a San Diego federal court to charges including computer hacking, conspiracy, and the unlawful advertising of surveillance software.
Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we'll dig through digital clues left behind by the hackers, network operators and services that appear to have benefitted from Kimwolf's spread. On Dec. 17, 2025, the Chinese security firm XLab published a deep dive on Kimwolf, which forces infected devices to participate in DDoS attacks.
Malicious Google Chrome extensions have stolen large language model (LLM) conversations and browser data from hundreds of thousands of users. Application security vendor Ox Security detailed a campaign in a recent research blog involving malicious Google Chrome extensions posing as legitimate extensions from a company called AItopia that adds a sidebar on websites that enables chats with popular LLMs like ChatGPT and DeepSeek.
The US Cybersecurity and Infrastructure Security Agency (CISA) added both a newly discovered flaw and a much older one to its catalog of Known Exploited Vulnerabilities (KEV). The KEV catalog gives Federal Civilian Executive Branch (FCEB) agencies a list of vulnerabilities that are known to be exploited in the wild, along with deadlines for when they must be patched. In both of these cases, the due date is January 28, 2026.
There's a well-worn pattern in the development of AI chatbots. Researchers discover a vulnerability and exploit it to do something bad. The platform introduces a guardrail that stops the attack from working. Then, researchers devise a simple tweak that once again imperils chatbot users. The reason more often than not is that AI is so inherently designed to comply with user requests that the guardrails are reactive and ad hoc.