Third Party Risk Management, Data Security, Governance & Risk Management Lawsuit Alleges SonicWall Cloud Backup Vulnerability Led to Ransomware Attack on Marquis Michael Novinson (@MichaelNovinson) • February 25, 2026 Marquis Software Solutions has initiated legal action against SonicWall, asserting that the company inadequately represented the seriousness of a breach in…
Hacker Exploits Anthropic’s Claude to Compromise Mexican Data In a significant breach incident, a hacker has leveraged Anthropic’s AI tool, Claude, to access a substantial cache of data from a Mexican entity. The event underscores the potential vulnerabilities associated with AI technologies and their applications within organizations. This incident raises…
OpenClaw Enhances Security of AI Skills Marketplace Through Partnership with VirusTotal OpenClaw, the platform formerly known as Moltbot and Clawdbot, has officially announced its collaboration with VirusTotal, a subsidiary of Google, to enhance the security protocols surrounding the skills uploaded to its ClawHub marketplace. This partnership marks a significant step…
Cybercrime, Cybercrime as-a-Service, Fraud Management & Cybercrime Russian and Armenian Operators Linked to Logistics-Centric ‘Diesel Vortex’ Group Mathew J. Schwartz (euroinfosec) • February 25, 2026 Cybersecurity investigators have dismantled a coordinated effort that utilized phishing-as-a-service to target users of major logistics platforms. (Image: Shutterstock) In a recent investigation, cybersecurity experts…
According to a recent report from the Identity Theft Resource Center, data breaches and compromises reached unprecedented levels in 2025, signaling significant security challenges for organizations. The findings reveal that companies often fail to provide clear guidance to affected individuals following such incidents, raising concerns about the adequacy of their…
Cybersecurity experts have identified a significant campaign that has been strategically launched against cloud-native environments, aiming to establish malicious infrastructure for further exploitation. This activity, observed around December 25, 2025, has been characterized as “worm-driven.” Attackers exploited exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, while also leveraging…
Artificial Intelligence & Machine Learning, General Data Protection Regulation (GDPR), Next-Generation Technologies & Secure Development EU Council Rejects Redefined ‘Personal Data’ Classification David Meyer • February 24, 2026 Image: Christophe Licoppe/Shutterstock The Council of the European Union has formally rejected a proposal from the European Commission aimed at redefining ‘personal…
The Dutch Public Prosecutor’s Office has initiated a criminal investigation into a significant cyberattack on the telecom provider Odido, resulting in the theft of millions of customer records. While the investigation is confirmed, no additional details have been disclosed at this time. Odido has also opted for no public commentary…
The Dutch Data Protection Authority (AP) and the Council for the Judiciary have confirmed that their systems were compromised in a cyber attack exploiting vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). This information was disclosed in a notice to the Dutch parliament, revealing that both agencies experienced unauthorized access to…