Key TakeawaysSocial Engineering Vector: Attackers used social engineering tactics to breach Betterment's systems, resulting in the distribution of fraudulent cryptocurrency scam messages to customers.Massive Data…

Key TakeawaysNordVPN no-logs audit: Deloitte confirms NordVPN does not collect, store, or track user browsing data.Sixth independent verification: Audit follows global ISAE standards and reviews…

Key TakeawaysGlobal Scale: Silent Push analysts identified more than 10,000 unique IP addresses infected with SystemBC malware, with the highest concentrations in the U.S., Germany,…

Key TakeawaysNew Legislation: The Spanish government will introduce legislation to ban children under 16 from accessing social media platforms.Mandatory Age Verification: A central component of…

Key TakeawaysEspionage Allegations: A 60-year-old civilian employee of Poland's Ministry of National Defense has been detained on suspicion of spying for a foreign intelligence agency.Foreign…

Key TakeawaysRecord Exposure: The ShinyHunters hacking group claims to have compromised more than 2.2 million records from Harvard University and the University of Pennsylvania.Sensitive Data…

Key TakeawaysRapid Escalation: Sysdig observed a threat actor escalate from initial access to administrative privileges in an AWS environment in under 10 minutes.AI-Driven Tactics: The…

Key TakeawaysContextual Manipulation: The DockerDash flaw enables the weaponization of image metadata, turning AI context into executable instructions for Docker's Ask Gordon AI.Dual Attack Vectors:…

Key TakeawaysEspionage Campaign: A suspected Chinese state-sponsored group selectively poisoned Notepad++ updates for six months in 2025.Malware Deployment: Attackers deployed a novel backdoor via a…

Key TakeawaysReputation Whitewashing: Civil society groups accuse NSO Group of using the Pall Mall Process to rehabilitate its image.Diplomatic Rejection: Officials clarified that NSO Group…

John Landry – SyncraSys John Landry has joined SyncraSys as chief operating officer, taking responsibility for operational readiness and organizational scale. In the role, he…

Key TakeawaysGovernment Target: A Ministerio de Ciencia, Innovación y Universidades breach was claimed on a hacking forum.Flaw Exploitation: The actor claims to have exploited an…

Key TakeawaysTargeted Lure: Weaponized Excel files disguised as lists of protesters killed during the Dey 1404 protests target investigators documenting human rights abuses in Iran.AI-Accelerated…

Key TakeawaysRegistry Infiltration: Threat actors successfully compromised a developer account on the Open VSX registry to publish malicious updates.Malware Deployment: Four widely used extensions delivered…

Key TakeawaysSocial Engineering: Threat actors are leveraging vishing and victim-branded credential harvesting sites to compromise SSO credentials and MFA codes.Targeted Escalation: They exfiltrate sensitive data…

This week’s news shows cyber risk entering a more dangerous phase. In France, the Waltio breach demonstrated how leaked crypto data can place individuals at…

Key TakeawaysIPVanish Threat Protection Pro: New beta feature blocks malware, phishing, trackers, harmful downloads even without VPNWindows beta availability: Feature included with IPVanish Advanced plan…

Key TakeawaysSignificant Degradation: Google's Threat Intelligence Group reduced the IPIDEA network's available devices by millions, used by over 550 distinct threat groups.Two Guilty Pleas: The…

Key TakeawaysZero-Day Discovery: Security researchers have identified two critical RCE flaws in Ivanti Endpoint Manager Mobile (EPMM) that are currently being exploited in the wild.Active…

Key TakeawaysOperational Impact: A significant network disruption has taken specific New Britain City Hall systems offline, though police and fire services remain fully operational.Incident Response:…