IT Security Newsletter - 3/16/2026

Top News

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation

Southeast Asian military organizations have been targeted in a China-linked cyberespionage campaign running for years, Palo Alto Networks reports. Likely ongoing since at least 2020 and attributed to a state-sponsored threat actor tracked as CL-STA-1087, the activity shows a high degree of patience, as the attackers stayed dormant in the compromised environments for months. Palo Alto Networks determined that CL-STA-1087 had access to an organization's environment for months. READ MORE...

Hacking

Hacking Attempt Reported at Poland's Nuclear Research Center

Poland's national nuclear research center was recently targeted in a cyberattack that may have been conducted by Iranian hackers. The National Centre for Nuclear Research (NCBJ) is Poland's largest research institute focused on nuclear science and technology. It operates the country's only nuclear research reactor, MARIA, and conducts research in nuclear and particle physics, reactor technology, radiopharmaceuticals for medical applications, and industrial and environmental applications. READ MORE...


Credential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others

A group of cybercriminals tracked as Storm-2561 is using fake enterprise VPN clients from CheckPoint, Cisco, Fortinet, Ivanti, and other vendors to steal users' credentials, according to Microsoft. Storm-2561 is a newish criminal gang ("Storm" followed by a number is how Microsoft tracks groups still in development) that has been around since May 2025, and typically uses SEO positioning and vendor impersonation to distribute malware. READ MORE...

Trends

The ransomware economy is shifting toward straight-up data extortion

Ransomware remains a scourge that shows some signs of relenting, but incident responders and threat hunters are busier than ever as more financially-motivated attackers lean exclusively on data theft for extortion. Attacks that only involve data theft for extortion may not be more prevalent than traditional ransomware when attackers encrypt systems, but momentum is moving in that direction, Genevieve Stark, head of cybercrime intelligence at Google Threat Intelligence Group, told CyberScoop. READ MORE...


Attackers are exploiting AI faster than defenders can keep up, new report warns

Cybersecurity is entering "a new phase" as artificial intelligence tools have matured and given IT defenders significantly less time to respond to cyberattacks and other threats, according to a new report released Monday. The report, authored by federal contractor Booz Allen Hamilton, concludes that threat actors have adopted AI more quickly than governments and private companies have adopted it for cyber defense. READ MORE...

Malware

FBI seeks victims of Steam games used to spread malware

The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing investigation into eight malicious games uploaded to the gaming platform. In a notice published today by the FBI's Seattle Division, the agency said it is attempting to identify individuals who were affected after installing one of the malicious games on Steam between May 2024 and January 2026. READ MORE...


Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they've discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that's flummoxing traditional defenses designed to detect such threats. The researchers, from firm Aikido Security, said Friday that they found 151 malicious packages that were uploaded to GitHub from March 3 to March 9. Such supply-chain attacks have been common for nearly a decade. READ MORE...

Encryption

Why Post-Quantum Cryptography Can't Wait

Somewhere in the world right now, a cybercriminal is trying to steal your organization's encrypted data. They can't read it yet, but the technology needed to do so is rapidly approaching. When ready, that technology will allow criminals to break even the most stringent traditional protections in a matter of minutes. This type of attack is part of a new "harvest-now, decrypt-later" approach, and it represents one of the most insidious threats facing organizations today. READ MORE...

On This Date

  • ...in 1751, President James Madison, known as the "Father of the Constitution" and cowriter of The Federalist Papers, is born in the Virginia Colony.
  • ...in 1926, physicist Robert Goddard launches the first ever liquid-propellant rocket (fueled by gasoline and liquid oxygen) from a field in Auburn, MA.
  • ...in 1995, the state of Mississippi formally ratifies the 13th Amendment, becoming the last state to approve the abolition of slavery, nearly 130 years after the fact.
  • ...in 2020, the Dow Jones Industrial Average falls by 2,997.10, the single largest point drop in history.