Latest IT News & Tech Trends
A former IT employee at an Iowa school district was sentenced to 21 months in prison for conducting a prolonged cyberattack against the former employer that disrupted classroom operations, deleted accounts, and caused tens of thousands of dollars in damages. According to court documents, Ezekiel Dean Potter, 34, previously worked as a senior IT support specialist […]
Chinese hackers took control of a target organization’s authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. Dubbed “Operation Highland,” the intrusion is attributed to the Velvet Ant cyberespionage threat group, which targeted vulnerable internet-facing systems before pivoting to a network with no direct external path. Chinese hackers of […]
Anthropic has suspended access to its two most capable AI models, Fable 5 and Mythos 5, for all users worldwide after the US government issued an export control directive ordering the company to block access by any foreign national. US Gov: bar ‘foreign national’ access to Fable 5 The directive, which Anthropic says it received at 5:21pm ET […]
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state’s website, prompting a review of procedures to prevent abuse in the future. Yesterday, GeekFeed reported that fake data breach disclosures had been submitted to Maine’s official breach notification portal impersonating Discord and the multiplayer social virtual reality platform […]
A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators. The flaw does not have an identifier and is trivial to exploit with a single HTTP request. It impacts phpBB versions 4.0.0-a2 or 3.3.16 and below. Researchers at application security company Aikido found […]
A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation. The U.S. Department of Justice announced Thursday that 44-year-old Oleksii Oleksiyovych Lytvynenko pleaded guilty to conspiracy to commit wire fraud for his role in Conti ransomware attacks conducted between 2021 and […]
More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens. A report from the open-source intelligence community Independent Federated Intelligence Network (IFIN) notes that a new maintainer is spoofing a trusted publisher on the AUR platform to push infected packages. The Arch […]
Microsoft has fixed a known issue that caused Windows updates released since May 2025 to fail when installed via the Windows Update Standalone Installer (WUSA) from a network share. WUSA is a built-in Windows command-line tool that helps admins install and uninstall Microsoft Standalone Update (.msu) files through the Windows Update Agent API to deploy […]
Danish pharmaceutical giant Novo Nordisk, the world’s largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. Founded in 1923, Novo Nordisk now employs around 67,900 people across 80 offices worldwide and is the maker of viral GLP-1 receptor agonist drugs Wegovy and Ozempic. The company revealed on Thursday that attackers gained access […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04. Tracked as CVE-2026-10520, this maximum-severity vulnerability was found in Ivanti’s security gateway appliance (formerly known as MobileIron Sentry) and stems from an OS […]
