A sophisticated supply chain attack initially aimed at Coinbase has now been linked to a wider campaign targeting users of the “tj-actions/changed-files” GitHub Action. This breach is believed to have originated from the theft of a personal access token (PAT) connected to the SpotBugs project, unveiled by Palo Alto Networks’…
Recent reports have illuminated the continued digital aggression from the Russian state-sponsored hacking group, Gamaredon, which is employing Telegram as a tool to target military and law enforcement sectors in Ukraine. This tactic signifies a notable evolution in the methods used by the actors, who have a history of cyber…
Fraud Management & Cybercrime, Ransomware State Department Offers Up to $10M for Information on Cybercriminal Volodymyr Tymoshchuk David Perera (@daveperera) • September 9, 2025 Image: US Department of State/Shutterstock/ISMG Federal prosecutors announced the indictment of a hacker linked to the LockerGoga and MegaCortex ransomware strains, presenting a seven-count criminal case…
Cindy Cohn Steps Down as EFF Executive Director After 25 Years of Advocacy Cindy Cohn, a prominent defender of digital rights, announced her departure from the role of executive director at the Electronic Frontier Foundation (EFF) on Tuesday. Having led the San Francisco-based nonprofit since 2015, Cohn’s resignation marks the…
The U.S. Department of Justice has leveled charges against 12 individuals from China, linking them to a sophisticated effort aimed at data theft and the suppression of free speech worldwide. These individuals are believed to have ties to the People’s Republic of China’s Ministry of Public Security and a private…
NEWTOWN, Pa., Sept. 9, 2025 /PRNewswire/ — The law firm Edelson Lechtzin LLP is currently investigating data privacy concerns stemming from a breach at Cornwell Quality Tools. The firm reported that Cornwell became aware of unauthorized data access around December 20, 2024. Business owners and individuals affected by this incident…
Microsoft recently acknowledged an individual operating under the EncryptHub alias for uncovering and reporting two significant security vulnerabilities in Windows. This acknowledgment depicts a complex profile of a person straddling a legitimate cybersecurity career while engaging in cybercriminal activities. According to a detailed analysis by Outpost24 KrakenLabs, the individual behind…
The Emotet malware operation has significantly evolved in its approach, employing refined tactics designed to evade detection while simultaneously facilitating the distribution of other malicious software, including Bumblebee and IcedID. Initially dismantled in early 2021, Emotet re-emerged later that year and has since posed a relentless threat primarily through phishing…
Data Breach Notification, Data Security, Fraud Management & Cybercrime Breach Affecting 104,000 Highlights Health Data Risks for Non-Healthcare Companies Marianne Kolbasuk McGee (HealthInfoSec) • September 9, 2025 Cornwell Quality Tools has informed nearly 104,000 individuals that their medical information may have been compromised in a recent cyber incident. (Image: Cornwell)…
