united states
Fake BianLian ransom notes mailed to US CEOs in postal mail scam
Scammers are impersonating the BianLian ransomware gang in fake ransom notes sent to US companies via snail mail through the United States Postal Service. The fake ransom notes were first reported by Guidepoint Security today, with GeekFeed later being sent a scan of the note from a CEO who received the same letter. The envelopes for these […]
DHS says CISA will not stop monitoring Russian cyber threats
The US Cybersecurity and Infrastructure Security Agency says that media reports about it being directed to no longer follow or report on Russian cyber activity are untrue, and its mission remains unchanged. “CISA‘s mission is to defend against all cyber threats to U.S. Critical Infrastructure, including from Russia,” the US cyber agency posted to X. “There has been […]
U.S. recovers $31 million stolen in 2021 Uranium Finance hack
U.S. authorities recovered $31 million in cryptocurrency stolen in 2021 cyberattacks on Uranium Finance, a Binance Smart Chain-based DeFi protocol. Uranium Finance was a decentralized finance (DeFi) protocol built on Binance’s BNB Chain that operated as an automated market maker (AMM) similar to Uniswap. The platform launched in April 2021, but hackers quickly exploited vulnerabilities in […]
Microsoft names cybercriminals behind AI deepfake network
Microsoft has named multiple threat actors part of a cybercrime gang accused of developing malicious tools capable of bypassing generative AI guardrails to generate celebrity deepfakes and other illicit content. An updated complaint identifies the individuals as Arian Yadegarnia from Iran (aka ‘Fiz’), Alan Krysiak of the United Kingdom (aka ‘Drago’), Ricky Yuen from Hong Kong, China […]
US drug testing firm DISA says data breach impacts 3.3 million people
DISA Global Solutions, a leading US background screening and drug and alcohol testing firm, has suffered a data breach impacting 3.3 million people. In January, the company first disclosed a cybersecurity incident that occurred between February 9, 2024, and April 22, 2024, the day it discovered the breach. In an update earlier this month, DISA […]
CISA flags Craft CMS code injection flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is tracked as CVE-2025-23209 and is a high severity (CVSS v3 score: 8.0) code injection (RCE) vulnerability impacting Craft CMS versions 4 and 5. Craft CMS is a content management system (CMS) used […]
US healthcare org pays $11M settlement over alleged cybersecurity lapses
Health Net Federal Services (HNFS) and its parent company, Centene Corporation, have agreed to pay $11,253,400 to settle allegations that HNFS falsely certified compliance with cybersecurity requirements under its Defense Health Agency (DHA) TRICARE contract. The U.S. government contracted HNFS to provide managed healthcare support services for TRICARE’s North region, covering 22 states. The contract […]
Chinese hackers breach more US telecoms via unpatched Cisco routers
China’s Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. Recorded Future’s Insikt Group threat research division states that the Chinese hacking group (tracked Salt Typhoon and RedMike) has exploited the CVE-2023-20198 privilege escalation and CVE-2023-20273 Web UI command injection vulnerabilities. These ongoing attacks have […]
US sanctions LockBit ransomware’s bulletproof hosting provider
The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. Two of its key administrators, Russian nationals Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov, were also designated for their roles in directing Lockbit virtual currency transactions and […]
Hacker pleads guilty to SIM swap attack on US SEC X account
Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. This comes after the defendant, 25-year-old Eric Council Jr., first pleaded not guilty to hacking the account and enabling his co-conspirators to make a fake announcement that Bitcoin ETFs were approved. “Today […]