The FBI is warning unsuspecting lawyers that their firms continue to be an active target for members of a longstanding extortion crew. Silent Ransom Group has been operating since 2022, by the FBI's reckoning, and its latest message [PDF] about the gang comes almost exactly a year after its last. The group is still targeting US law firms and their staff, and the criminals are pretending to be company IT staff. READ MORE...
A Romanian national was sentenced this week to 56 months in federal prison for breaking into an Oregon state government computer network and for cyberattacks targeting dozens of other U.S. victims. 46-year-old Catalin Dragomir (who used the online handle "inthematrixl") of Constanta, Romania, pleaded guilty on February 19 to one count of aggravated identity theft and one count of obtaining information from a protected computer. READ MORE...
A Secure Boot certificate refresh is rolling out across supported Windows devices through Windows Update. In June 2026, the Secure Boot certificates that have shipped inside Windows since 2011 begin to expire, and Microsoft is replacing them with new 2023-dated certificates. The good news: If you keep your PC updated, you probably won't need to do anything. The bad news: Some older devices may not transition cleanly. READ MORE...
Security researchers chained together five separate weaknesses in the popular workflow automation service Zapier that, if first discovered by a malicious actor, could have granted access to millions of user accounts and the systems those accounts connect to. The flaws, disclosed by security firm Token Security, did not require malware or insider access. The only prerequisite, according to the company's report, was a free Zapier account. READ MORE...
The BTMOB remote access trojan (RAT) is becoming a heightened threat to Android users due to its data theft and device takeover capabilities, ESET warns. Believed to be based on the SpySolr malware, BTMOB is distributed via phishing attacks leveraging lures such as streaming, cryptocurrency mining, and other familiar services. Its developers, however, sell it bundled with an APK builder interface, allowing threat actors to tailor lures and create new payloads. READ MORE...
The Glassworm botnet, a global operation targeting software developers through the open-source supply chain, was disrupted Wednesday in a coordinated takedown led by CrowdStrike. All four of the botnet's command-and-control channels were targeted simultaneously, effectively disconnecting them from their infected computers and leaving them unable to deliver malicious payloads, according to a blog post from the cybersecurity company. READ MORE...
Nearly all executives are confident their employees are using AI responsibly, but shadow AI is creeping its way into organizations, an Okta survey released Wednesday found. More than half of employees reported they're using personal AI tools without approval, the security platform provider learned in surveying nearly 300 tech executives and 500 knowledge workers along with market research firm Apprize360. READ MORE...
Over the decades, there has been no shortage of sites using clever techniques to covertly track visitors' browsing histories, device fingerprints, and keystrokes and mouse movements in real time. Even Meta and Yandex were recently caught joining in the privacy-invasive free-for-all. Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique allows sites to monitor other sites and apps a visitor is using on their devices. READ MORE...
A vulnerability in open source, self-hosted Git service Gitea could have allowed unauthenticated attackers to pull private container images from over 30,000 deployments, AI pentesting firm NoScope warns. Tracked as CVE-2026-27771, the security flaw is described as an access control issue impacting Gitea's built-in container registry. Forgejo, which shares the implementation, is also affected. Other Gitea-derived forks may be impacted as well. READ MORE...
Attackers have reduced the time to develop an exploit for a known vulnerability from 125 days to a mere half a day, thanks to the use of AI-assisted development, leaving vulnerability scanners struggling to keep pace, new research has found. Cogent Research analyzed 69,159 common vulnerabilities and exposures (CVEs) and found that in January 2025, attackers needed 125.3 days to develop a method for exploiting them, according to a report published today. READ MORE...