The Conduent breach has quietly grown into one of the biggest third-party data incidents in US history, and the real story now is how many different programs and employers are swept up in it, even for people who have never heard of Conduent. When we first covered this incident, public filings suggested roughly 10.5 million affected individuals, heavily concentrated in Oregon and a few other states. Fresh state notifications reportedly put the total at more than 25 million people across the US.
Prolific cybercrime crew Scattered Lapsus$ Hunters (SLSH) is reportedly recruiting women in the hope of improving its social engineering success. According to Telegram channel posts made on February 22, gathered by Dataminr, the group behind last year's Salesloft Drift attacks promised payments between $500 and $1,000 per call, depending on "success and hit rate." Interested applicants are invited to apply by sending a message to the group's "Support" account.
There is a certain poetic justice in a cybersecurity-related story that has emerged from Moscow this week: A man has been accused of trying to extort money... from a notorious Russian ransomware gang. Conti, one of the world's most infamous cybercriminal operations, was allegedly the victim of an attempted scam by someone pretending to be an officer of Russia's Federal Security Service (FSB).
The share of ransomware victims paying threat actors dropped to 28% last year, an all-time low, despite a significant increase in the number of claimed attacks. A downward payment trend has been observed for the past four consecutive years by the blockchain intelligence platform Chainalysis. At the moment, the total of on-chain ransomware payments in 2025 stands at $820 million, but the company notes that "the 2025 total is likely to approach or exceed $900 million."
Federal agencies have until Friday evening to update certain Cisco networking devices that are vulnerable to compromise, the Cybersecurity and Infrastructure Security Agency said on Tuesday. In an emergency directive about Cisco's Software-Defined Wide-Area Networking (SD-WAN) systems, CISA said it was "aware of a cyber threat actor's ongoing exploitation" of two vulnerabilities in Cisco Catalyst SD-WAN Manager and Catalyst SD-WAN Controller devices.
TrendAI, the new name of Trend Micro's enterprise business, on Wednesday announced patches for several critical and high-severity vulnerabilities found in the Windows and macOS versions of the Apex One endpoint security solution. A total of eight vulnerabilities have been addressed, including two with a critical severity rating based on their CVSS scores. The critical flaws both impact the Trend Micro Apex One management console.
Malwarebytes researchers have uncovered a fake (but convincing) Zoom meeting page that downloads surveillance software on Windows computers and tricks users into running it. According to Microsoft MVP Steven Lim, the page has claimed nearly 1,500 victims in 12 days. Potential victims likely visit the page after getting a meeting invite/link via email or text. The page is made to look like a Zoom waiting room and three scripted fake participants appear to join the call.
Three critical security vulnerabilities in Anthropic's AI-powered coding tool, Claude Code, exposed developers to full machine takeover and credential theft simply by opening a project repository. Anthropic fixed the issues after Check Point Research discovered the flaws and reported them to the company last year. Anthropic plans to introduce additional security features to harden the coding platform and, in the meantime, wants developers to use the latest version of Claude Code.
Networking provider Zyxel this week released patches for multiple vulnerabilities across dozens of device models, including a critical flaw leading to remote code execution. The critical-severity bug, tracked as CVE-2025-13942 (CVSS score of 9.8), is described as a command injection issue affecting the UPnP feature of 18 routers, ONTs, and wireless extenders. An attacker could exploit the flaw via crafted UPnP SOAP requests to execute OS commands on a vulnerable device.