Security Bulletin

Washington has long acknowledged the growing cyber threat posed by China. In national security circles, the refrain is clear—“China, China, China”— and for good reason. But recognition is no longer enough. The time for action is now.

CyberScoop reports that the Cybersecurity and Infrastructure Security Agency would have a budget of $2.4 billion, which is $495 million lower than last year, as well as lose 1,083 positions as part of the fiscal 2026 budget proposal presented by...

NSO Group has filed an appeal to reject last month's jury ruling that ordered a $167 million payment to WhatsApp after infecting over 1,400 users of the messaging app with spyware as part of an attack campaign six years ago, TechCrunch reports.

Volkswagen Group was claimed to have been compromised by the Stormous ransomware gang but the group's assertions have not been backed by adequate evidence, reports Cybernews.

SentinelOne has attributed widespread hours-long network connectivity outages last Thursday to an infrastructure control system vulnerability leading to the deletion of critical network routes and DNS resolver rules, according to Cybersecurity Dive.

If your CISO isn't wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed.

BleepingComputer reports that leading U.S. outdoor apparel and equipment brand The North Face has confirmed that its customers' data had been pilfered following a credential stuffing intrusion against its website in April.

French luxury goods conglomerate Cartier has disclosed having its customers' data exposed following a systems breach, BleepingComputer reports.

Virginia-based community bank MainStreet Bancshares had information from almost 5% of its customers compromised following an attack against a third-party vendor in March, according to The Record, a news site by cybersecurity firm Recorded Future.

TechCrunch reports that leading trust management platform Vanta had private information from less than 4% of its over 10,000 clients inadvertently exposed to other customers due to a product code change issue, which will be completely remediated by...

Major U.S. cryptocurrency exchange Coinbase has reportedly been long aware of a customer data leak involving outsourcing firm TaskUs' Indian employees, which has resulted in a major breach that may cost up to $400 million, according to Reuters.

Confusing threat actor attribution may lead to delayed response, tech firms say.