
Covenant Health, a Catholic healthcare organization, recently disclosed that a cyberattack last year compromised the sensitive information of 478,188 individuals. The breach, which occurred in May 2025, involved hackers gaining access to the organization’s network and stealing a range of patient data.

Cybercriminal groups are shifting their SMS phishing tactics, moving from fake package deliveries to new schemes involving fraudulent rewards points for mobile carriers, bogus tax refunds, and convincing but fake e-commerce websites. These scams aim to steal payment card data and link it to mobile wallets, with a notable increase in activity during the holiday season.

A Pakistan-aligned hacking group, APT36 (Transparent Tribe), has launched a sophisticated cyber-espionage campaign against Indian government, academic, and strategic institutions. The operation uses spear-phishing emails to deliver advanced malware capable of remote control, data exfiltration, and persistent surveillance, indicating long-term intelligence-gathering objectives.

A prominent cybercriminal group, “Scattered LAPSUS$ Hunters,” has been known for its data theft and corporate extortion. However, the group’s technical operator, known as “Rey,” was recently identified and interviewed after being tracked down. This article details the methods used to uncover Rey’s real identity and his involvement with various cybercrime activities.

The RondoDox botnet is actively exploiting the critical React2Shell vulnerability (CVE-2025-55182) to compromise Next.js servers, deploying malware and cryptominers. This large-scale botnet, previously known for targeting various n-day flaws, has recently intensified its focus on React2Shell, with CloudSEK reporting significant exploitation attempts and the deployment of coinminers and Mirai variants.

A recent Cloudflare outage, which temporarily took many websites offline, served as an unexpected security test for organizations relying on its protective services. Security experts suggest that companies that bypassed Cloudflare during the disruption should meticulously review their logs and internal processes to identify potential vulnerabilities and improve incident response strategies.