News Feed

Secure Your Spot at RSAC 2026 Conference

[Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity Defenses

Canadian retail giant Loblaw notifies customers of data breach

Still, out of an abundance of caution, Loblaw says it has automatically logged out all customers from their accounts. Account holders who need to access the company's digital services will have to log in again. [...]

US, Europol disrupt SocksEscort network that exploited thousands of residential routers

The SocksEscort proxy network allowed cybercriminals to purchase access to routers infected with malware, which they used to conceal their location and IP addresses.

Iran MOIS Colludes With Criminals to Boost Cyberattacks

Iranian APTs have long pretended to be cybercriminal groups. Now they're working with actual cybercriminal groups.

England Hockey investigating ransomware data breach

England Hockey, the governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware gang listed it as a victim on its data leak site. [...]

Commercial Spyware Opponents Fear US Policy Shifting

Rescinded sanctions and reactivated contracts have created confusion about the Trump administration's spyware policy and where it draws the line.

AI-generated Slopoly malware used in Interlock ransomware attack

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware attack. [...]

Exclusive: New data shows increase in FBI searches of Americans’ data last year

The number of FBI searches of data collected through the surveillance program known as Section 702 of the Foreign Intelligence Surveillance Act (FISA) between December 2024 to November 2025 rose to 7,413 from 5,518 the previous year.

Veeam warns of critical flaws exposing backup servers to RCE attacks

Data protection company Veeam Software has patched multiple flaws in its Backup & Replication solution, including four critical remote code execution (RCE) vulnerabilities. [...]

Why Stryker's Outage Is a Disaster Recovery Wake-Up Call

The Iranian cyberattack on Stryker is the kind of stress test that business continuity and disaster recovery programs often do not plan for.

US disrupts SocksEscort proxy network powered by Linux malware

Law enforcement agencies in the U.S. and Europe along with private partners have disrupted the SocksEscort cybercrime proxy network that used only edge devices compromised via the AVRecon malware for Linux. [...]

Google paid $17.1 million for vulnerability reports in 2025

Google paid over $17 million to 747 security researchers who reported security bugs through its Vulnerability Reward Program (VRP) in 2025. [...]

Telus Digital confirms breach after hacker claims 1 petabyte data theft

Canadian business process outsourcing giant Telus Digital has confirmed it suffered a security incident after threat actors claimed to have stolen nearly 1 petabyte of data from the company in a multi-month breach. [...]

Stryker tells SEC that timeline for recovery from cyberattack unknown

In an 8-K filing with the SEC, Stryker confirmed that the cyberattack caused a global disruption to the company’s Microsoft environment and said external cybersecurity experts were brought in to “assess and to contain the threat.”

Going the Extra Mile: Travel Rewards Turn into Underground Currency.

Stolen airline miles are converted into flights and hotel stays, then resold as discounted travel. Flare shows how cybercriminals and underground markets treat loyalty accounts like tradable currency. [...]

Apple patches older iPhones and iPads against Coruna exploits

​Apple has released security updates to patch older iPhones and iPads against a set of vulnerabilities targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. [...]

Fake government and Starlink apps used in malware campaign targeting Brazil

The malware, dubbed BeatBanker by Russian cybersecurity firm Kaspersky, infects smartphones through fake applications that mimic legitimate services, including the Starlink satellite internet app and the Brazilian government portal INSS Reembolso.

Backstory Of East Coast Hang Out (ECHO), The First Social Network Launched In 1989

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 12, 2026 – Listen to the podcast Stacy Horn, 66, is an author and the founder of East Coast Hang Out, or ECHO, which is widely regarded as the first social The post Backstory Of East …

US charges another ransomware negotiator linked to BlackCat attacks

The U.S. Department of Justice charged another former DigitalMint employee for his involvement in an insider scheme in which ransomware negotiators secretly partnered with the BlackCat (ALPHV) ransomware operation. [...]