
IT Security Newsletter - 5/28/2026


Hacking

Extortion crews are visiting law firms pretending to be tech support, FBI warns

The FBI is warning unsuspecting lawyers that their firms continue to be an active target for members of a longstanding extortion crew. Silent Ransom Group has been operating since 2022, by the FBI's reckoning, and its latest message [PDF] about the gang comes almost exactly a year after its last. The group is still targeting US law firms and their staff, and the criminals are pretending to be company IT staff. READ MORE...


Romanian gets 5 years in prison for hacking Oregon govt network

A Romanian national was sentenced this week to 56 months in federal prison for breaking into an Oregon state government computer network and for cyberattacks targeting dozens of other U.S. victims. 46-year-old Catalin Dragomir (who used the online handle "inthematrixl") of Constanta, Romania, pleaded guilty on February 19 to one count of aggravated identity theft and one count of obtaining information from a protected computer. READ MORE...

Software Updates

Your Windows PC has a security deadline in June 2026

A Secure Boot certificate refresh is rolling out across supported Windows devices through Windows Update. In June 2026, the Secure Boot certificates that have shipped inside Windows since 2011 begin to expire, and Microsoft is replacing them with new 2023-dated certificates. The good news: If you keep your PC updated, you probably won't need to do anything. The bad news: Some older devices may not transition cleanly. READ MORE...


Zapier fixes bug chain that researchers say risked widespread account takeover

Security researchers chained together five separate weaknesses in the popular workflow automation service Zapier that, if first discovered by a malicious actor, could have granted access to millions of user accounts and the systems those accounts connect to. The flaws, disclosed by security firm Token Security, did not require malware or insider access. The only prerequisite, according to the company's report, was a free Zapier account. READ MORE...

Malware

New BTMOB Android Malware Enables Full Device Takeover

The BTMOB remote access trojan (RAT) is becoming a heightened threat to Android users due to its data theft and device takeover capabilities, ESET warns. Believed to be based on the SpySolr malware, BTMOB is distributed via phishing attacks leveraging lures such as streaming, cryptocurrency mining, and other familiar services. Its developers, however, sell it bundled with an APK builder interface, allowing threat actors to tailor lures and create new payloads. READ MORE...


Coordinated operation takes down Glassworm botnet

The Glassworm botnet, a global operation targeting software developers through the open-source supply chain, was disrupted Wednesday in a coordinated takedown led by CrowdStrike. All four of the botnet's command-and-control channels were targeted simultaneously, effectively disconnecting them from their infected computers and leaving them unable to deliver malicious payloads, according to a blog post from the cybersecurity company. READ MORE...

Information Security

Enterprise data is creeping its way into shadow AI tools

Nearly all executives are confident their employees are using AI responsibly, but shadow AI is creeping its way into organizations, an Okta survey released Wednesday found. More than half of employees reported they're using personal AI tools without approval, the security platform provider learned in surveying nearly 300 tech executives and 500 knowledge workers along with market research firm Apprize360. READ MORE...


Websites have a new way to spy on visitors: Analyzing their SSD activity

Over the decades, there has been no shortage of sites using clever techniques to covertly track visitors' browsing histories, device fingerprints, and keystrokes and mouse movements in real time. Even Meta and Yandex were recently caught joining in the privacy-invasive free-for-all. Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique allows sites to monitor other sites and apps a visitor is using on their devices. READ MORE...

Exploits/Vulnerabilities

Gitea Vulnerability Exposed 30,000 Deployments to Attacks

A vulnerability in open source, self-hosted Git service Gitea could have allowed unauthenticated attackers to pull private container images from over 30,000 deployments, AI pentesting firm NoScope warns. Tracked as CVE-2026-27771, the security flaw is described as an access control issue impacting Gitea's built-in container registry. Forgejo, which shares the implementation, is also affected. Other Gitea-derived forks may be impacted as well. READ MORE...


AI-Assisted Exploit Development Outpaces Scanner Detection

Attackers have reduced the time to develop an exploit for a known vulnerability from 125 days to a mere half a day, thanks to the use of AI-assisted development, leaving vulnerability scanners struggling to keep pace, new research has found. Cogent Research analyzed 69,159 common vulnerabilities and exposures (CVEs) and found that in January 2025, attackers needed 125.3 days to develop a method for exploiting them, according to a report published today. READ MORE...

On This Date

  • ...in 1588, a massive Spanish fleet, known as the "Invincible Armada", sets sail from Lisbon on a mission to secure control of the English Channel.
  • ...in 1892, naturalist John Muir organizes the Sierra Club.
  • ...in 1910, blues guitarist Aaron Thibeaux Walker, AKA "T-Bone" Walker, is born in Linden, TX.
  • ...in 1987, West German teenager Matthias Rust takes off from Helsinki in a small aircraft, makes an unauthorized 400-mile flight through Soviet airspace, and lands in Red Square.