Three new threat groups began targeting critical infrastructure last year, while a well-known Beijing-backed crew - Volt Typhoon - continued to compromise cellular gateways and routers, and then break into US electric, oil, and gas companies in 2025, according to Dragos' annual threat report published on Tuesday. Dragos specializes in operational technology (OT) security, and as such, its customers include energy, water, manufacturing, transportation, and other critical industries.
Hackers have stolen the personal and contact information of nearly 1 million accounts after breaching the systems of Figure Technology Solutions, a self-described blockchain-native financial technology company. Founded in 2018, Figure uses the Provenance blockchain for lending, borrowing, and securities trading, and has unlocked over $22 billion in home equity with over 250 partners, including banks, credit unions, fintechs, and home improvement companies.
European rail pass provider Eurail has confirmed that customer data stolen recently by hackers has been offered for sale. The Netherlands-based company disclosed a data breach in mid-January, informing the public that the personal, order, and travel reservation information of customers who were issued a Eurail pass may have been compromised. Those who reserved a seat through Eurail may also be affected.
Threat actors have leveraged the legitimate email notification feature of Atlassian Jira to deliver localized scam emails at scale. From late December 2025 through late January 2026, victims were targeted with spam emails from legitimate-looking Atlassian Jira Cloud addresses. Organizations already using Jira were specifically targeted: the attackers selected domains known to have active Jira instances, which means recipients would be used to receiving Jira notifications.
Data-only extortion attacks surged elevenfold over the past year, according to a report that the security firm Arctic Wolf released on Tuesday, illustrating how ransomware gangs are capitalizing on businesses' fears of reputational damage. In 22% of cases that Arctic Wolf responded to between November 2024 and November 2025, hackers only threatened to expose stolen data, rather than to leave it encrypted - a significant increase from the prior period, when only 2% of cases unfolded that way.
Notepad++, the popular text and source code editor for Windows whose update mechanism was hijacked last year, has been updated to prevent similar attacks in the future. The hijacking of the update mechanism was confirmed earlier this month by Notepad++ maintainer Don Ho. The attackers were able to intercept communications between the updater client and the Notepad++ update servers, allowing them to deliver and run a malicious update in place of a legitimate one.
Researchers have spotted new malware embedded in the firmware of Android devices from multiple vendors that injects itself into every app on infected systems, giving attackers virtually unrestricted remote access to them. Kaspersky is tracking the malware as "Keenadu" after coming across it while hunting for Android-firmware level threats like the Triada remote access Trojan (RAT) for stealing data from banking and communication apps.
A suspected Chinese state-backed hacking group has been quietly exploiting a critical Dell security flaw in zero-day attacks that started in mid-2024. Security researchers from Mandiant and the Google Threat Intelligence Group (GTIG) revealed today that the UNC6201 group exploited a maximum-severity hardcoded-credential vulnerability (tracked as CVE-2026-22769) in Dell RecoverPoint for Virtual Machines, a solution used for VMware virtual machine backup and recovery.
Generative AI tools are surprisingly poor at suggesting strong passwords, experts say. AI security company Irregular looked at Claude, ChatGPT, and Gemini, and found all three GenAI tools put forward seemingly strong passwords that were, in fact, easily guessable. Prompting each of them to generate 16-character passwords featuring special characters, numbers, and letters in different cases produced what appeared to be complex passphrases.
Researchers have identified more than a dozen vulnerabilities in popular PDF platforms from Foxit and Apryse, demonstrating how attackers could have exploited them for account takeover, data exfiltration, and other attacks. The vulnerabilities were discovered by researchers at penetration testing startup Novee, which emerged from stealth mode in January 2026 with over $51 million in funding.