The federal government is warning users of home and small office routers to secure their devices as Russia state hackers continue to mass-compromise them for use in obscuring nefarious actions against sensitive organizations in the public and private sectors. Both the Russian and Chinese governments have been compromising routers for years, sometimes in prolonged tugs-of-war to wrest control of devices the other has already commandeered. READ MORE...
The UK and EU are demanding urgent action from critical infrastructure organizations after formally attributing the December 2025 cyberattack on Poland's power grid to Russia's Federal Security Service. The Foreign, Commonwealth & Development Office (FCDO) described the attack, carried out by the FSB's Centre 16 division, as "another example of the Russian state's irresponsible attempts to sow chaos across Europe." READ MORE...
Enterprise software maker SAP on Tuesday announced the release of 20 new and updated security notes as part of its July 2026 security patch day. The most severe of the resolved vulnerabilities is CVE-2026-44747 (CVSS score of 9.9), a memory corruption bug in NetWeaver Application Server ABAP. Successful exploitation of the security defect could allow an attacker to access and modify data, and cause system unavailability, SAP security firm Onapsis explains. READ MORE...
Broadcom announced on Tuesday that new VMware Avi Load Balancer updates patch several critical and high-severity vulnerabilities. VMware Avi Load Balancer is a software-defined platform that provides load balancing, application security, and analytics for applications in hybrid and multi-cloud environments. According to Broadcom, two external researchers recently discovered that the VMware product is affected by seven potentially serious vulnerabilities. READ MORE...
When a company falls victim to a ransomware attack, it is not uncommon for it to turn to experts for help. Specialist ransomware negotiation firms handle communications with criminal gangs on a victim's behalf. They know how the ransomware gangs operate, how to buy time, and how to push back on extortionate demands. They can help manage the technical side of any payment if needed, and help a corporate victim assess whether decryptors actually work. READ MORE...
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against U.S. organizations. On Monday, OFAC designated First VPN Service (1VPNS), a virtual private network provider that sold services to ransomware groups, and its administrator, Dmytro Rashevskyi. Since it surfaced in 2014, 1VPNS has advertised on cybercriminal forums that it keeps no logs of user activity and does not cooperate with law enforcement. READ MORE...
A new approach tried out by Tracebit researchers has proven very effective at stopping AI agents from fully compromising targeted environments. What makes it notable isn't the technique - prompt injection is old news - but the direction it's pointed: not to hijack AI agents, but to defend against them. Tracebit offers customers a range of canaries, i.e., decoy resources and credentials that, when targeted by attackers, provide early warning of an attack. READ MORE...
The Trump administration's abrupt firing of Election Assistance Commission commissioners last week and a Department of Justice warning threatening states with criminal prosecution have created new legal peril for officials who run, administer and secure elections. The EAC is an obscure but important agency that oversees testing and standards for voting machines, including around security. States have until now relied upon their stamp of approval when purchasing voting machines. READ MORE...
Analysts across the security industry now run generative AI through their daily work, from log triage to incident write-ups. Active use in cybersecurity strategy reached 78% of practitioners in 2026, up from half the field a year earlier. The 2026 SANS AI Survey, drawn from 536 IT and security professionals, describes what that commitment costs to keep. Reliability trailed adoption over the year. 63% of practitioners report significant shortcomings when AI detects or responds to threats. READ MORE...
Businesses should be on guard for a hacking campaign in which attackers spoof OAuth client IDs to collect information about targets' user directories, the security firm Proofpoint said on Monday. The security firm said it had observed "multiple campaigns at scale abusing spoofed OAuth application identifiers, with distinct tooling, infrastructure, and execution patterns indicating independent adoption by multiple threat actors." READ MORE...