Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. The breaches have been linked to a prolific but loosely-affiliated cybercrime group dubbed "Scattered Spider," whose other recent victims include multiple airlines. READ MORE...
Nippon Steel Solutions, also known as NS Solutions and a subsidiary of Nippon Steel, disclosed a recent data breach after threat actors exploited a zero-day vulnerability. After launching an investigation into the breach, the Japan-based company found that hackers were able to gain access to information on its customers, partners, and employees after exploiting a flaw found in network equipment. READ MORE...
At the request of the United States, French police arrested a professional Russian basketball player who had a brief tenure at Penn State over accusations that he was part of a ransomware ring, according to overseas reports. News of the arrest of Daniil Kasatkin came in a court in Paris on Wednesday. His lawyer denied to foreign press that he was part of any ransomware ring. READ MORE...
A team of researchers from the University of Toronto has demonstrated that Rohammer attacks against GPUs are possible and practical. The attack method, dubbed GPUHammer, has been proven to work against a GPU from Nvidia, with the researchers using it to degrade the accuracy of machine learning models. The Rowhammer attack method has been known for more than a decade. READ MORE...
The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes. Such a short deadline for installing the patches is unprecedented since CISA released the Known Exploited Vulnerabilities (KEV) catalog, showing the severity of the attacks exploiting the security issue. READ MORE...