Security Bulletin

Attackers post links to fake websites on LinkedIn to ask people to complete malicious CAPTCHA challenges that install malware.

AI will do the tedious work – leaving SOC workers free to do higher-level analysis and threat hunting.

SecurityWeek reports that 99% of 351 healthcare organizations had internet of medical things devices with actively exploited vulnerabilities, while 20% of hospital information systems are impacted by security issues leveraged in ransomware intrusions...

Reduced federal support for the Cybersecurity and Infrastructure Security Agency under the Trump administration was warned by experts to preview a significant threat to the integrity of the U.S. elections, according to Infosecurity Magazine.

Despite claiming to encourage improved cybersecurity defenses, President Donald Trump's new "Achieving Efficiency Through State and Local Preparedness" executive order was criticized by cybersecurity experts for giving state and local governments...

More than $8.2 billion worth of Tether pilfered via romance baiting scams have been sequestered by the U.S.

Fifty-six percent of 270 U.S. appellate court judges may have had their personal details available on data broker sites, reports The Record, a news site by cybersecurity firm Recorded Future.

Cybernews reports that Walmart's membership-only warehouse chain Sam's Club was among the hundreds of other organizations most recently claimed to have been breached by the Clop ransomware operation as part of its attacks leveraging a Cleo file...

Significant enterprise data compromise could be facilitated by browser-native ransomware attacks, which set sights on users' digital identities and exploit the increasing adoption of cloud-based enterprise storage instead of depending on the...

Advanced Crocodilus Android trojan emerges Widely known cryptocurrency wallets, as well as banks in Spain and Turkey, have already been targeted in attacks involving the novel sophisticated Crocodilus Android trojan, which combines bot and remote...

Attacks with the Grandoreiro banking trojan have been deployed against individuals in Mexico, Argentina, and Spain as part of recent phishing campaigns, SecurityWeek reports.

About three weeks ago, Apache patched two vulnerabilities in Apache Camel. The two vulnerabilities (CVE-2025-27636 and CVE-2025-29891) may lead to remote code execution, but not in the default configuration. The vulnerability is caused by Apache...