CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-34291 Langflo...
Government
20 articles
Webworm APT targets European government organizations with new backdoors
ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, t...
Major U.S. telecom companies form new cybersecurity information sharing group
The C2 ISAC, founded by AT&T, Charter, Comcast, Cox, Lumen, T-Mobile, Verizon, and Zayo, aims to foster more candid information exchange than previously ...
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Disc...
CISA contractor's public GitHub repo exposed sensitive government credentials
The repository, named "Private-CISA" and maintained by contractor Nightwing, exposed AWS administrative credentials, access keys, tokens, plaintext usernames...
Contractor’s public GitHub account exposed GovCloud and CISA credentials
Until a few days ago, a publicly-accessible GitHub repository exposed credentials for both US government AWS accounts and internal Cybersecurity and Infrastr...
CISA Admin Reportedly Exposes AWS GovCloud Credentials in Public GitHub Repository
A significant security lapse involving the U.S.
CISA Admin Leaked AWS GovCloud Keys on Github
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed creden...
AI cyberattackers are getting better faster
The ability of AI models to perform end-to-end, multi-stage penetration tests that match the capabilities of humans undertaking the same tasks has improved d...
Breaking the Black Box: A Case Study in Red-Teaming a Government Education AI
In a new red-teaming exercise, social engineering moved to advanced tunneling attacks, revealing a critical lesson in today's AI security.
Colorado governor commutes prison sentence for election denier Tina Peters
Peters was sentenced to nine years for stealing voting data and has been publicly unrepentant. But Colorado Governor Jared Polis has been hinting at the deci...
U.S. officials discard items from China trip over security concerns
During a high-level meeting between U.S.
ESET details new Ghostwriter activity targeting Ukrainian government
The latest FrostyNeighbor campaign begins with a spear-phishing email containing a PDF attachment disguised as an official communication from Ukrtelecom, a m...
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that's engineere...
CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday
Cisco released a patch for the vulnerability on Thursday, writing in an advisory that it could “allow an unauthenticated, remote attacker to bypass authentic...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-42897 Microsoft...
Ghostwriter group resumes attacks on Ukrainian Government targets
ESET uncovered new Ghostwriter (aka FrostyNeighbor) activity targeting Ukrainian government organizations in a campaign active since March 2026. ESET researc...
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.
Trump administration's voter data collection efforts face legal challenges
The Department of Justice's Office of Legal Counsel issued a memo arguing that a provision in the 1960 Civil Rights Act, requiring election officials to reta...
ODNI taps officials to coordinate response to foreign election threats
Director of National Intelligence Tulsi Gabbard has tapped two individuals to coordinate work across U.S.