Cybersecurity News Feeds

Major international auction house Sotheby's is notifying customers of a data breach incident on its systems where threat actors stole sensitive inform...

Hackers stole the personal information of over 17.6 million people after breaching the systems of financial services company Prosper. [...]

Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to depl...

AI might help some threat actors in certain respects, but one group is proving that its use for cyberattacks has its limits.

Microsoft has disrupted a wave of Rhysida ransomware attacks in early October by revoking over 200 certificates used to sign malicious Teams installer...

Privacy left the chat. A misconfigured Kafka broker effectively undid the anonymity many users rely on.

CNN has a great piece about how cryptocurrency ATMs are used to scam people out of their money. The fees are usurious, and they’re a common place for ...

The fashion retailer says a breach at a marketing partner exposed limited contact details—but no financial data or passwords.

Florida claims Roku ignored clear signs its users were minors, collecting and selling viewing habits, voice recordings and precise locations.

The deal, which builds on LevelBlue's recent acquisition of Trustwave and Aon, aims to provide customers with a broad portfolio of extended detection ...

The cyber-espionage group has been using sophisticated custom tools to target government and diplomatic entities in South Asia since early 2025.

F5 disclosed a breach this week that included zero-day bugs, source code, and some customer information.

We dive into the “last goodbye” messages sent via TikTok that lead victims to a crypto paywall scam.

Apple is now offering a $2M bounty for a zero-click exploit. According to the Apple website: Today we’re announcing the next major chapter for Apple S...

Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least three vulnerabili...

This is a current list of where and when I am scheduled to speak: Nathan E. Sanders and I will be giving a book talk on Rewiring Democracy at the Harv...

This chilling paragraph is in a comprehensive Brookings report about the use of tech to deport people from the US: The administration has also adapted...

The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on ...

A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched ...

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scatte...

2.5 million people were affected, in a breach that could spell more trouble down the line.

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.