Cybersecurity News and Headlines

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
News | Apr 6, 2026

German authorities have unmasked the hacker known as “UNKN,” identifying him as 31‑year‑old Russian Daniil Maksimovich Shchukin. Shchukin led the notorious ransomware groups REvil and GandCrab, orchestrating at least 130 sabotage and extortion attacks in Germany between 2019 and 2021....

By DataBreaches.net
Researchers Didn’t Want to Glamorize Cybercrims. So They Roasted Them.
News | Apr 6, 2026

Security researchers at Trellix have launched the Dark Web Roast, a campaign that publicly mocks notorious cybercrime groups. The effort responds to calls from former CISA chief Jen Easterly and other industry leaders to stop glorifying threat actors with heroic...

By DataBreaches.net
75% of Cyberattacks Start with Phishing Emails, UAE Cyber Council Says
News | Apr 6, 2026

The UAE Cyber Security Council warned that over 75% of cyberattacks now begin with phishing emails, citing a daily global volume of 3.4 billion deceptive messages. Attackers rely on urgent language, brand impersonation, and simple tricks to lure users into revealing...

By The Cyber Express
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
News | Apr 6, 2026

Cisco Talos and Trend Micro report that Qilin and Warlock ransomware groups are employing a bring‑your‑own‑vulnerable‑driver (BYOVD) strategy to neutralize endpoint detection and response (EDR) solutions. Qilin’s malware drops a malicious msimg32.dll that side‑loads two drivers—rwdrv.sys and hlpdrv.sys—to terminate more than...

By The Hacker News
Future-Proof Your Security and Reduce Quantum Risk with Cryptographic Agility
News | Apr 6, 2026

Enterprise encryption faces imminent quantum risk, prompting a shift to post‑quantum cryptography (PQC). Because PQC algorithms are still maturing, organizations need cryptographic agility to replace and update algorithms without service disruption. Palo Alto Networks’ PAN‑OS 12.1 demonstrates this by allowing hybrid...

By CIO Dive
Escaping the COTS Trap
News | Apr 6, 2026

Enterprise cybersecurity teams have amassed large fleets of commercial off‑the‑shelf (COTS) tools, driving complexity, cost, and risk. While COTS promises rapid deployment and lower upfront spend, dependence creates structural lock‑in that hampers future changes and migration. The article highlights how...

By CSO Online
CBP’s Flashcard Fiasco Points to a Deeper Problem: Security Culture Can’t Scale as Fast as Hiring
News | Apr 6, 2026

U.S. Customs and Border Protection’s Kingsville station inadvertently posted a Quizlet flashcard set containing entrance codes, gate combinations, and internal system details, leaving the information publicly accessible for about six weeks. The leak was discovered in March, prompting a swift...

By SpaceDaily
Chat With Your Data: Introducing AI Assistant for Web Supply Chain Defense
News | Apr 6, 2026

Reflectiz has launched AI Assistant, a conversational AI built directly into its web supply‑chain security platform. The tool lets analysts ask natural‑language questions and receive answers drawn from live security data, eliminating the need to toggle between dashboards. It also...

By Security Boulevard
All Emerging Cyber Threats Targeting Power Infrastructure at a Glance
News | Apr 6, 2026

Researchers at Morocco's Higher School of Technology examined emerging cyber threats to smart grids, highlighting AI‑driven detection and defense methods. They cataloged attacks such as DDoS, false data injection, replay, and IoT‑based intrusions, emphasizing their potential to disrupt power operations....

By pv magazine
Beyond the Algorithm: Why Facial Recognition Risk Is Now a Boardroom Issue
News | Apr 6, 2026

Facial recognition technology (FRT) is moving from a back‑office security tool to a strategic boardroom risk. Collecting biometric data exposes firms to regulatory penalties, exemplified by Clearview AI’s £7.5 million (≈$9.5 million) fine in the UK. Boards must add FRT to risk...

By Startups Magazine
Open-Source Software Malware Surging: Endor Labs
News | Apr 6, 2026

Open-source software (OSS) malware exploded in 2025, with more than 90% of OSV malware advisories issued—a 14‑fold increase over the prior two years, and 92% of NPM account takeovers occurring that year. Although 81% of organizations rank OSS malware as...

By Crowdfund Insider
North Korean Workers Have Been Infiltrating DeFi for 7 Years: Researcher
News | Apr 6, 2026

Cybersecurity researcher Taylor Monahan disclosed that North Korean IT specialists have been embedded in more than 40 decentralized finance projects for at least seven years. The Lazarus Group, linked to the DPRK, has stolen roughly $7 billion in crypto, including high‑profile...

By Cointelegraph
Why Voice Fraud Is CX’s Most Underestimated Problem
News | Apr 6, 2026

AI‑generated voice fraud is exploding, with deep‑fake scams rising 456% year‑over‑year and projected losses of $40 billion by 2027. Europe sees 13 spam calls per subscriber each month and a 15% fraud call rate in the UK, where victims lose an...

By CustomerThink
CISOs Grapple with AI Demands Within Flat Budgets
News | Apr 6, 2026

The 2026 RH‑ISAC CISO Benchmark reveals that security budgets in large organizations are inching upward, reaching 0.75 % of revenue, while overall IT spend climbs to 3.9 %. More than half of respondents expect modest 1‑10 % budget increases in 2026, but many...

By Help Net Security
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
News | Apr 6, 2026

German authorities have identified 31‑year‑old Russian Daniil Maksimovich Shchukin as the elusive “UNKN” who led the notorious ransomware groups GandCrab and REvil. Prosecutors say Shchukin and associate Anatoly Kravchuk extorted nearly €2 million (≈$2.2 million) in two dozen attacks, causing over €35 million...

By Security Boulevard
Pasig Mayor Warns Public vs AI Video Using His Face
News | Apr 6, 2026

Pasig City Mayor Vico Sotto used social media to alert residents that an AI‑generated video featuring his likeness is promoting an illegal gambling website. He warned that deepfake videos are increasingly realistic, making it harder for victims to distinguish authentic...

By The Manila Times – Business
Funniest/Most Insightful Comments Of The Week At Techdirt
News | Apr 5, 2026

Techdirt’s weekly roundup highlighted the most insightful and funniest reader comments, ranging from a security analysis of the White House’s new app to sharp legal critiques of the Murthy ruling. The editorial spotlight featured a deep dive into Virginia’s controversial...

By Techdirt
AI Is Making Crypto's Security Problem Even Worse, Ledger CTO Warns
News | Apr 5, 2026

Ledger’s CTO Charles Guillemet warned that artificial intelligence is dramatically reducing the cost and speed of crypto hacks, turning what was once a high‑skill, expensive endeavor into a near‑zero‑cost operation. Over the past year, crypto attacks have siphoned roughly $1.4 billion,...

By CoinDesk
Researchers Didn’t Want to Glamorize Cybercrims. So They Roasted Them
News | Apr 5, 2026

Researchers at Trellix launched the Dark Web Roast, a meme‑filled blog that mocks cybercrime groups to counteract industry glamorization. The series lampoons a ransomware crew’s content‑calendar extortion tactics, an exploit developer pricing a Cisco RCE bug at $70,000, and undervalued...

By The Register
The Hidden Cost of Hybrid: Data Risk and Compliance Gaps in Financial Services
News | Apr 5, 2026

Hybrid working has become the default model for UK financial services, but it is fragmenting data governance and exposing firms to hidden compliance risks. The spread of personal devices, unsecured networks, and shadow‑IT tools makes it difficult to maintain audit...

By The European Financial Review
CBP Facility Codes Sure Seem to Have Leaked via Online Flashcards
News | Apr 5, 2026

A public Quizlet flashcard set titled “USBP Review” inadvertently disclosed four‑digit gate codes and internal procedural details for a U.S. Customs and Border Protection (CBP) facility in Kingsville, Texas. The set was taken down after WIRED alerted the platform, and...

By Ars Technica – Security
Post-Quantum Cryptography: Moving From Awareness to Execution
News | Apr 5, 2026

Google’s new whitepaper moves the anticipated quantum‑break date, or “Q‑Day,” to 2029 and urges enterprises to adopt post‑quantum cryptography (PQC). The tech giant highlights that elliptic‑curve encryption could be compromised with fewer qubits than previously thought, and it showcases concrete...

By Security Boulevard
Your Neighbor Just Got a Home Security System, but Should You Be Worried? ‘It’s Inherently a Little Creepy’ Says Surveillance...
News | Apr 5, 2026

Hilary Schneider, CEO of SimpliSafe, says rising privacy concerns are reshaping the home‑security market after a controversial Ring Super Bowl ad and backlash against AI‑powered license‑plate cameras. SimpliSafe differentiates itself by giving customers ownership of video footage, employing mechanical privacy...

By Fortune
The Hack That Exposed Syria’s Sweeping Security Failures
News | Apr 5, 2026

In early March 2026, several Syrian government accounts on X—including the presidency, central bank and ministries—were hijacked, posting pro‑Israel messages and explicit content. The breach was quickly contained, but investigators traced the takeover to shared credentials and a lack of...

By WIRED
Why DDoS Mitigation Fails: 5 Gaps That Testing Reveals
News | Apr 5, 2026

Companies pour money into DDoS mitigation, yet outages persist because the tools are rarely tested under realistic attack conditions. Red Button’s simulations reveal that 68% of faults are severe, with an average DDoS Resilience Score of 3.0—far below the 4.5‑5.0 benchmark....

By Security Boulevard
How Scalable Is Agentic AI for Growing Businesses
News | Apr 4, 2026

Enterprises increasingly rely on Non‑Human Identities (NHIs) to power automated processes, yet many still lack comprehensive management. Effective NHI governance—covering discovery, access control, and continuous threat monitoring—delivers risk reduction, compliance assurance, and operational efficiency. Agentic AI adds scalability by automating...

By Security Boulevard
The Breach Lasted 25 Minutes. How Long Will the Litigation Last?
News | Apr 4, 2026

On February 17, 2026, Auger & Auger suffered a 25‑minute unauthorized intrusion that exposed personal data of 5,102 individuals, including Social Security numbers and medical information. The firm notified affected parties on March 30 and provided a year of complimentary identity‑protection services. Within...

By DataBreaches.net
Sample Malware Phone Back C&C (Command and Control) MD5s From Domains Belonging to XSS Forum Users – A Compilation
News | Apr 4, 2026

Security Boulevard published a curated list of over 80 domain names and their corresponding MD5 hashes that serve as command‑and‑control (C2) servers for phone‑based malware. All the entries are tied to users of the XSS forum, revealing a coordinated effort...

By Security Boulevard
OCSF Explained: The Shared Data Language Security Teams Have Been Missing
News | Apr 4, 2026

The Open Cybersecurity Schema Framework (OCSF) is emerging as a de‑facto standard for describing security events, findings, and context across vendors. Since its 2022 launch, the community has expanded to roughly 900 contributors after joining the Linux Foundation, and major...

By VentureBeat
Want a Private Homelab? Put These 12 Apps at the Top of Your List
News | Apr 4, 2026

The article lists twelve privacy‑focused self‑hosted applications that let users replace popular cloud services such as Dropbox, Google Photos, and GitHub with locally run alternatives. Each app runs in Docker or similar containers, enabling easy deployment on a home server...

By How-To Geek
LinkedIn Is Spying on You, According to a New 'BrowserGate' Security Report — Scripts Stealthily Scan Visitors' Browsers for over...
News | Apr 4, 2026

A new BrowserGate security report reveals that LinkedIn’s web pages run hidden scripts that probe visitors’ browsers for more than 6,000 Chrome extensions and collect hardware fingerprints such as screen resolution and device type. The data is harvested without explicit...

By Tom's Hardware
Hong Kong Hospital Authority Apologises for Data Breach Involving 56,000 Patients
News | Apr 4, 2026

Hong Kong’s Hospital Authority announced a data breach that exposed the personal and medical records of more than 56,000 patients from hospitals in Kowloon East. The unauthorized retrieval included names, identification numbers, contact details and health information. Hong Kong’s privacy...

By DataBreaches.net
Claude Code Leak Used to Push Infostealer Malware on GitHub
News | Apr 4, 2026

Threat actors are leveraging the recent Claude Code source‑code leak to create counterfeit GitHub repositories that distribute the Vidar information‑stealing malware. Claude Code, Anthropic’s terminal‑based AI coding agent, was exposed in a public dump, giving attackers a ready‑made framework to...

By DataBreaches.net
UK: School IT System Targeted in Cyber Attack Ahead of Exam Season
News | Apr 4, 2026

The Education Authority (EA) in Northern Ireland confirmed that its centralized school IT platform was hit by a cyber attack just days before the exam period. The breach prompted an emergency password reset for every user across the network. Authorities...

By DataBreaches.net
Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk
News | Apr 4, 2026

Meta has indefinitely paused all collaborations with data‑contracting firm Mercor while investigating a significant security breach at the startup. The breach, which exposed proprietary training datasets, has prompted other leading AI labs—including OpenAI and Anthropic—to reevaluate their relationships with Mercor....

By DataBreaches.net
Keeper Security Brings Zero-Trust Database Access to Its PAM Platform with KeeperDB
News | Apr 4, 2026

Keeper Security announced KeeperDB, a new database‑access capability embedded in its KeeperPAM privileged access management platform. The feature lets developers and DBAs connect to MySQL, PostgreSQL, Oracle, and Microsoft SQL Server directly from the vault, eliminating plaintext credential exposure. KeeperDB...

By The Next Web (TNW)
FIATA Makes Data Protection a Standard
News | Apr 4, 2026

FIATA and the Global Shippers Forum have introduced a signable version of their Data Governance Charter, converting previously voluntary principles into a binding framework for digital supply chains. The charter outlines mandatory standards on data ownership, permission controls, protection duties,...

By Air Cargo Week
That Dream Job Offer From Coca-Cola or Ferrari? It’s a Trap for Your Passwords
News | Apr 3, 2026

Phishing campaigns impersonating Coca‑Cola and Ferrari are targeting job seekers with sophisticated fake‑booking pages that harvest corporate Google Workspace and Facebook credentials. The Coca‑Cola kit mimics a Chrome window, captures passwords, and dynamically relays MFA challenges to bypass two‑factor authentication....

By Security Boulevard
Protecting Your Digital Business: Cybersecurity Essentials for Entrepreneurs and Freelancers
News | Apr 3, 2026

Freelancers and solo entrepreneurs increasingly rely on Macs as all‑in‑one business hubs, making them prime targets for phishing, malware and credential theft. The article outlines how a single security lapse—such as a compromised login or a malicious download—can halt income...

By CEOWORLD magazine
Questions Raised After Cherry Creek Students Notified of Data Breach, Lawsuit
News | Apr 3, 2026

The Cherry Creek School District confirmed that a recent email to families about a class‑action settlement for a Naviance data breach was legitimate, but the district itself was not affected. The settlement covers roughly 10 million students nationwide who used Naviance...

By DataBreaches.net
BakerHostetler’s 2026 Report: Findings From 1,250 Clients’ Breach Experiences in 2025
News | Apr 3, 2026

BakerHostetler’s 2026 Data Security Incident Response Report examined 1,250 breach clients from 2025. Network intrusions (47%) and email compromise (32%) dominated, while ransomware payments rose 36% to an average $682,702 after initial demands jumped 70% to $4.2 million. Class‑action lawsuits increased...

By DataBreaches.net
Nacogdoches Memorial Hospital Notifies 257,073 After January Data Breach
News | Apr 3, 2026

Nacogdoches Memorial Hospital in Texas disclosed a cyberattack that compromised personal data of over 257,000 individuals. The breach was detected on Jan. 31, after an intrusion that began Jan. 15, 2026. Exposed information includes names, addresses, phone numbers, email, Social Security numbers, dates...

By DataBreaches.net
Apex Recovers Stolen Personal Data After About 22K Impacted in Cyberattack: Town
News | Apr 3, 2026

In July 2024, an attempted ransomware attack stole personal data of roughly 22,000 Apex, North Carolina residents. The data was hosted on U.S.-based service Bublup, which refused release until a Wake County Superior Court temporary restraining order in October 2024...

By DataBreaches.net
Inconsistent Privacy Labels Don't Tell Users What They Are Getting
News | Apr 3, 2026

App‑store privacy labels, introduced by Apple in 2020 and soon after by Google, aim to inform users about data collection, usage, and sharing. Experts Lorrie Cranor and Kelly Peterson argue the labels are inconsistent, often inaccurate, and provide little real...

By Dark Reading
Three Insights You May Have Missed From theCUBE’s Coverage of RSAC 2026
News | Apr 3, 2026

RSAC 2026 highlighted three emerging security trends: AI‑driven attacks are forcing enterprises to adopt machine‑speed, lateral‑focused defenses; the looming quantum threat is accelerating adoption of post‑quantum cryptography and crypto‑agility; and AI agents are reshaping identity management while helping close the cybersecurity...

By SiliconANGLE
LinkedIn Secretly Scans for 6,000+ Chrome Extensions, Collects Data
News | Apr 3, 2026

LinkedIn has embedded a hidden JavaScript file that scans visitors' browsers for more than 6,200 Chrome extensions and collects detailed device information. The script, confirmed by BleepingComputer, checks extension IDs to identify installed add‑ons, including rivals such as Apollo, Lusha,...

By BleepingComputer
Trump Admin To Court: Don't Strike Down Video Privacy Act
News | Apr 3, 2026

The Department of Justice is urging the First Circuit to uphold the 1988 Video Privacy Protection Act (VPPA) as Hearst Television faces a lawsuit over sharing users' video‑viewing data with ad‑tech firms. A lower court dismissed the case, finding the...

By MediaPost
OpenClaw Gives Users yet Another Reason to Be Freaked Out About Security
News | Apr 3, 2026

OpenClaw, the viral AI‑agent tool with 347,000 GitHub stars, was found to contain a critical flaw (CVE‑2026‑33579) rated 8.1‑9.8 that lets an attacker with the lowest pairing permission silently upgrade to full administrative control. The vulnerability stems from a missing...

By Ars Technica – Security
Fake ChatGPT Ad Blocker Chrome Extension Caught Spying on Users
News | Apr 3, 2026

A counterfeit Chrome extension named “ChatGPT Ad Blocker” was discovered harvesting users' ChatGPT conversations under the guise of removing ads. DomainTools found the malicious add‑on on the Chrome Web Store in February 2026, where it cloned the page’s DOM, stripped...

By HackRead