
Lawmakers Renew Push for Labor Department-Backed Cyber Apprenticeship Grants
Lawmakers introduced the bipartisan Cyber Ready Workforce Act, directing the Department of Labor to launch a grant program that expands registered cybersecurity apprenticeship programs. The legislation adds House co‑sponsors to revive a previously stalled Senate effort and targets the estimated half‑million cyber‑skill gap nationwide. Grants would fund curriculum development, technical instruction, recruitment, and support services such as transportation and childcare. The bill aims to create good‑paying, high‑impact jobs without requiring a four‑year degree.

Medtech Giant Stryker Says It’s Back up After Iranian Cyberattack
Medtech leader Stryker announced it is now fully operational after a March 11 wiper attack by the Iranian‑linked Handala group, which crippled order processing, manufacturing and shipping. The breach, framed as retaliation for U.S. actions in the Israel‑Palestine conflict, forced...

European-Chinese Geopolitical Issues Drive Renewed Cyberespionage Campaign
Proofpoint reports that Chinese state‑aligned cyberespionage group TA416, also known as Twill Typhoon, has re‑engaged Europe in mid‑2025, targeting diplomatic missions, NATO delegations and EU institutions amid heightened EU‑China tensions following the 25th EU‑China summit. The campaign coincides with disputes over...

Alleged RedLine Infostealer Conspirator Extradited to US
An Armenian national, Hambardzum Minasyan, was extradited to the United States and appeared in a Texas federal court on charges tied to the RedLine infostealer. Prosecutors allege he helped develop, host, and monetize the malware, which siphons billions of user...

Treasury Asks Whether Terrorism Risk Insurance Program Should Bolster Cyber Coverage
The U.S. Treasury Department has opened a public comment period to consider expanding the Terrorism Risk Insurance Program (TRIP) to cover cyber‑related losses stemming from acts of terrorism. The agency will incorporate feedback into a mandatory report to Congress due...

An AI-Powered Phishing Campaign Has Compromised Hundreds of Organizations
Huntress uncovered an AI‑driven phishing campaign that leveraged Railway’s PaaS to spin up credential‑harvesting infrastructure, compromising hundreds of organizations across sectors. The attackers used generative AI to craft unique email lures and exploited Microsoft’s device authentication flow, stealing OAuth tokens...

The Phone Call Is the New Phishing Email
Voice‑based phishing surged in 2025, representing 11% of the incidents Mandiant investigated, while email phishing dropped to just 6% of initial‑access vectors. Exploited software vulnerabilities remained the dominant entry point, featuring in 32% of attacks. The rise reflects attackers’ willingness...

FBI, CISA Issue PSA on Russian Intelligence Campaign to Target Messaging Apps
The FBI and CISA released a joint public service announcement warning that Russian intelligence‑linked hackers are conducting a global phishing campaign against commercial messaging apps. The attackers impersonate Signal support staff to coax verification codes, compromising accounts of current and...

Ubiquiti Defect Poses Account Takeover Risk for UniFi Networking Application Users
Researchers have identified a critical path‑traversal flaw (CVE‑2026‑22557) in Ubiquiti’s UniFi Network Application that enables unauthenticated attackers to manipulate files and take over accounts. The vendor issued patches on Wednesday, also addressing a related privilege‑escalation bug (CVE‑2026‑22558). Censys data shows...

North Carolina Tech Worker Found Guilty of Insider Attack Netting $2.5M Ransom
A 27‑year‑old North Carolina contractor, Cameron Nicholas Curry, was convicted of six extortion counts after stealing sensitive employee and compensation data from a D.C.‑based tech firm and demanding a $2.5 million ransom. Curry accessed the data between August and December 2023,...

Can Zero Trust Survive the AI Era?
Federal agencies are confronting a dual challenge: AI‑enabled attackers are slashing attack timelines to roughly 11 minutes and dramatically lowering malware development costs, while defenders must integrate AI into their security stacks. Zero Trust principles—continuous verification, least‑privilege access, and micro‑segmentation—remain...

Second iOS Exploit Kit Now in Use by Suspected Russian Hackers
Researchers have identified a second mass‑scale iOS exploit kit, DarkSword, linked to suspected Russian actors. The kit targets devices running iOS 18 or earlier, potentially affecting up to 270 million iPhones, and can steal passwords, crypto wallets, and messages. It exploits Apple’s...

CISA Official Advises Agencies Not to Get Too Hung up on Who Takes Lead in Critical Infrastructure Sectors
Acting CISA director Nick Andersen told an Auburn University event that agencies should stop rigidly adhering to the traditional sector risk‑management agency (SRMA) designations when engaging with critical infrastructure. Instead, the lead should be the entity with the strongest relationship...

It’s Time to Get Serious About Post-Quantum Security. Here’s Where to Start.
Quantum computers are nearing practical use, threatening current encryption like RSA and ECC, with a potential "Q‑Day" as early as 2029. The economic fallout of a successful quantum attack could exceed $3 trillion, prompting CISOs and CTOs to prioritize post‑quantum cryptography...

Zero Lessons Learned: Convicted Scammer Allegedly Ran Another Athlete-Focused Phishing Scam From Federal Prison
Kwamaine Jerell Ford, a 34‑year‑old Georgia man, allegedly operated a new phishing operation against NBA and NFL athletes while incarcerated for a prior cyber‑fraud scheme. Posing as an adult‑film star, he tricked victims into revealing iCloud login credentials and MFA...

The Ransomware Economy Is Shifting Toward Straight-Up Data Extortion
Google Threat Intelligence Group reports a clear shift in cybercrime, with data‑theft extortion now accounting for more than 15% of financially motivated incidents in 2025, up from just 2% in 2020. Traditional ransomware deployments have fallen to roughly 31% of...

Officials Worry Salt Typhoon Apathy Is Killing Momentum for Tougher Telecom Security Rules
Two years after Chinese state‑linked group Salt Typhoon breached at least ten U.S. telecoms, officials say the public remains largely indifferent. The hack gave attackers access to call‑detail records for millions of Americans, yet most citizens cannot see a direct impact...

Microsoft’s Monthly Patch Tuesday Is First in 6 Months with No Actively Exploited Zero-Days
Microsoft’s March Patch Tuesday addressed 83 vulnerabilities spanning Windows, Azure, Office, and core services. For the first time in six months, the update contained no actively exploited zero‑day flaws, though six defects were flagged as more likely to be weaponized....

FBI Says Even in an AI-Powered World, Security Basics Still Matter
The FBI warned that AI is speeding up cyberattacks, but the attack lifecycle remains unchanged, meaning traditional defenses still apply. Deputy Assistant Director Jason Bilnoski highlighted that both criminal and nation‑state actors are leveraging AI, yet basic security steps can...

Critical Defect in Java Security Engine Poses Serious Downstream Security Risks
A maximum‑severity vulnerability (CVE‑2026‑29000) was discovered in pac4j, the Java security engine used for authentication across dozens of frameworks. The flaw allows attackers to forge JWTs or inject raw JSON claims, bypassing authentication without needing any secret, merely the public...

We’ve Seen Ransomware Cost American Lives. Here’s What It Will Actually Take to Stop It.
Ransomware attacks surged in 2024, with the Department of Homeland Security reporting over 5,600 publicly disclosed incidents worldwide and nearly half targeting the United States. The FBI notes a nine‑percent year‑over‑year rise, and the average breach now costs $2.73 million, threatening...

DHS CISO, Deputy CISO Exit Amid Reported IT Leadership Overhaul
The Department of Homeland Security is replacing its top cyber leaders, with Chief Information Security Officer Hemant Baidwan departing later this month and Deputy CISO Amanda Day leaving at February’s end. Their exits are part of a broader IT realignment...

Congress Looks to Revive Critical Cyber Program for Rural Electric Utilities
The House Energy and Commerce Committee unanimously passed a bipartisan package that reauthorizes the Rural and Municipal Utility Advanced Cybersecurity program and adds $250 million in grants over five years. The legislation targets underfunded rural electric cooperatives, giving them federal assistance...

The FBI’s Cyber Chief Is Using Winter SHIELD to Accelerate China Prep, Threat Intelligence Sharing
The FBI’s cyber division, led by Brett Leatherman, has launched Operation Winter SHIELD to boost preparation for Chinese cyber threats, improve adversary contestation, and accelerate threat‑intelligence sharing with industry. The campaign spotlights ten practical security controls and combines regional events,...

Project Compass Is Europol’s New Playbook for Taking on The Com
Project Compass, a Europol‑led operation backed by 28 nations including the Five Eyes, began in January 2025 to dismantle the transnational youth‑focused cybercrime network known as The Com. Since its launch the initiative has secured 30 arrests, fully or partially...

Senate Moves One Step Closer to Passing Health Care Cyber Reforms
The Senate Health, Education and Labor Committee approved the bipartisan Health Care Cybersecurity and Resiliency Act by a 22‑1 vote, with only Sen. Rand Paul dissenting. The legislation obliges the Department of Health and Human Services to craft a cybersecurity...

Chinese Group’s ChatGPT Use Reveals Worldwide Harassment Campaign Against Critics
OpenAI’s latest threat report reveals a Chinese law‑enforcement unit using ChatGPT to edit internal briefings and draft a propaganda push against Japan’s prime minister. The single account uploaded dozens of operation reports, exposing a coordinated effort involving mass posting, bogus...

CrowdStrike Says Attackers Are Moving Through Networks in Under 30 Minutes
CrowdStrike’s 2025 Global Threat Report reveals that attacker breakout time fell to an average of 29 minutes, a 65% acceleration from the previous year. The speed of initial intrusion to lateral movement is now measured in seconds for the fastest...

HHS Burrows Into Identifying Risks to Health Sector From Third-Party Vendors
HHS is intensifying its focus on third‑party vendor security after the 2024 Change Healthcare ransomware attack, which exploited a remote‑access portal lacking multifactor authentication and exposed the data of about 190 million individuals. The breach threatened the liquidity of the entire...

ONCD Official Says Trump Administration Aims to Bolster AI Use for Defense without Increasing Risk
The Office of the National Cyber Director announced that the Trump administration will accelerate the deployment of AI-driven cyber defensive tools while safeguarding against expanded attack surfaces. Principal Deputy Assistant Cyber Director Alexandra Seymour said the effort will be coordinated...

Unit 42: Nearly Two-Thirds of Breaches Now Start with Identity Abuse
Unit 42’s annual incident‑response report reveals identity abuse now initiates roughly two‑thirds of network intrusions, with social engineering responsible for one‑third of the 750 incidents examined. Compromised credentials, brute‑force attacks and permissive identity policies further fuel the trend, while identity‑related...

Citizen Lab Links Cellebrite to the Hacking of a Kenyan Presidential Candidate’s Phone
Citizen Lab’s forensic analysis uncovered Cellebrite’s phone‑cracking software on Kenyan activist Boniface Mwangi’s device, indicating that state authorities used the tool after his arrest. The evidence shows the phone was unlocked without a password, exposing personal photos, messages, and his...

Proofpoint Acquires Acuvity to Tackle the Security Risks of Agentic AI
Proofpoint announced the acquisition of AI‑security startup Acuvity to bolster its defenses against the emerging risks of agentic AI. While financial terms remain undisclosed, Acuvity’s engineering team will join Proofpoint’s California headquarters. The startup offers visibility and governance tools that...

0APT Ransomware Group Rises Swiftly with Bluster, Along with Genuine Threat of Attack
The 0APT ransomware group burst onto the scene last month, publicly claiming roughly 200 victims within its first week. While investigators have found no evidence that any of those organizations were actually breached, the group’s infrastructure includes a fully functional,...