Nova Scotia Power Data Breach Compromises Data of Over 900,000 Users
Nova Scotia Power disclosed a data breach affecting more than 900,000 current and former customers, exposing names, contact details, birth dates, banking information, driver’s licenses and Social Insurance Numbers. The intrusion began around March 19, 2025 when an employee clicked a malicious SocGholish pop‑up, allowing attackers to establish a foothold, move laterally with domain admin rights, and exfiltrate data before deploying ransomware in late April. The utility chose not to pay the ransom, instead offering up to five years of credit monitoring and committing to enhanced cybersecurity under regulator oversight. Delayed customer notifications sparked criticism, highlighting the need for faster breach communication.
Node.js Fixes Critical Flaws, Patches DoS Risk in Latest Security Update
The Node.js project released a March 2026 security rollout covering its 20.x, 22.x, 24.x and 25.x branches. The update patches a critical TLS handling flaw (CVE-2026-21637) that could trigger remote denial‑of‑service, and a high‑severity HTTP header bug (CVE-2026-21710) that may...
Dutch Finance Ministry Investigates Data Breach in Internal Systems
On March 19, the Dutch Ministry of Finance detected unauthorized access to internal policy‑department systems after a third‑party flagged suspicious activity. The ministry quickly blocked the intrusion and took affected systems offline, while core citizen services such as tax, customs...
Women Shaping the Future of Mobile Cybersecurity in a Digital-First Era
India’s mobile‑first digital economy has turned smartphones into the most exposed point in the technology stack, prompting attackers to target mobile applications directly. Companies are shifting from traditional perimeter defenses to embedded solutions like runtime application self‑protection that monitor behavior...
Android Malware Campaign Targets Indian Users via Fake eChallan Alerts
CERT-In has warned of a coordinated Android malware campaign that lures Indian vehicle owners with fake eChallan and RTO challan SMS alerts. The messages direct users to download malicious APKs such as "RTO Challan.apk," which act as droppers for multi‑stage...
U.S. Shuts Down Websites Behind Iran-Linked Cyber Attacks and Death Threats
The U.S. Justice Department seized four domains—Justicehomeland.org, Handala‑Hack.to, Karmabelow80.org and Handala‑Redwanted.to—allegedly operated by Iran’s Ministry of Intelligence and Security. Investigators say the sites acted as fake hacktivist fronts that claimed cyberattacks, published stolen data and issued death threats against journalists,...
Perseus Android Malware Targets Mobile Banking Users via Fake IPTV Apps
Researchers at ThreatFabric have uncovered a new Perseus Android malware variant that masquerades as IPTV streaming apps to infiltrate smartphones. The strain builds on Cerberus and Phoenix code, leveraging Accessibility Services to stealthily control devices, scan note‑taking apps, and overlay...
Cyble Partners with Optiv to Bring Digital Risk Protection Into MSSP Operations
Cyble has partnered with Optiv to embed its digital risk protection services into Optiv’s managed security service provider operations. The integration feeds Cyble’s open, deep, and dark‑web threat intelligence directly into Optiv’s fusion center, giving analysts a unified view of...
China Sits at the Top of America’s Cyber Threat List
The U.S. Intelligence Community’s 2026 Annual Threat Assessment places China at the top of the nation‑state cyber threat list, describing it as the most active and patient actor with persistent footholds inside American networks. Beijing’s strategy focuses on pre‑positioning access...
How a Ukrainian Vishing Ring Stole €2M From EU Citizens — and Nearly Got Away
Latvian and Ukrainian police dismantled a vishing ring that stole about €2 million from EU citizens. The scheme used Ukrainian call‑center operators who impersonated police and bank staff, coerced victims into installing AnyDesk, and moved funds through over 170 money mules...
EU Sanctions Chinese, Iranian Hacking Groups for Device Breaches and Olympic Cyberattacks
On March 16, the European Union Council imposed new cyber sanctions on three entities and two individuals linked to China and Iran. The measures target Integrity Technology Group for compromising over 65,000 devices across six EU states, Anxun Information Technology...
AI Legal Risks: Lisa Fitzgerald on Why Businesses Must Vet AI Use Cases
AI adoption is accelerating, but businesses often overlook legal risks tied to generative tools. Lisa Fitzgerald, partner at Norton Rose Fulbright, warns that feeding confidential or personal data into public AI platforms can trigger cross‑border data transfers, privacy breaches, and...
China Demands Proof After Costa Rica Blames UNC2814 for ICE Cyberattack
Costa Rica’s state electricity and telecom provider ICE suffered a cyberespionage breach that extracted roughly nine gigabytes of internal email data, which officials linked to the China‑affiliated group UNC2814. The attribution, based on intelligence from Google’s Mandiant unit, follows a...
ATM Jackpotting Suspect Added to FBI’s Ten Most Wanted List
The FBI has placed Anibal Alexander Canelon Aguirre, alleged leader of a nationwide ATM jackpotting ring, on its Ten Most Wanted Fugitives list, marking the first cyber‑crime suspect to receive that designation. Investigators say the operation installed malware on ATMs...
Veeam Fixes RCE Bugs in Critical Backup & Replication Platform
Veeam released a critical security patch (version 12.3.2.4465) on March 12, 2026, fixing seven vulnerabilities in its Backup & Replication platform, including the high‑severity CVE‑2026‑21666 and CVE‑2026‑21667 which both score 9.9 on the CVSS scale. The update also resolves additional...
Stryker Says Cyberattack Disrupted Processing, Manufacturing and Shipping
Stryker, the U.S. MedTech leader, confirmed a cyberattack by the Iran‑linked Handala group disrupted its order processing, manufacturing and shipping operations. The breach originated in Stryker’s Microsoft environment but was contained to internal systems, leaving connected medical devices unaffected. The...
India Introduces Bug Bounty Program to Target Gaps in Aadhaar Ecosystem
India’s Unique Identification Authority (UIDAI) launched a formal bug bounty program to harden the Aadhaar ecosystem. A panel of 20 vetted security researchers will probe the official website, myAadhaar portal, and the Secure QR Code app for vulnerabilities. Rewards are...
India Outlines Legal Framework to Protect Children From AI and Online Harm
India’s government announced a comprehensive legal framework to shield children from AI‑driven online harms. Existing statutes such as the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 are being leveraged to mandate rapid removal of illegal...
Iran’s Fake “Shelter Danger” Calls Part of Psychological Cyber Warfare Playbook
Israel’s National Cyber Directorate warned that Iran‑linked actors are conducting a wave of caller‑ID spoofing attacks, impersonating the Home Front Command’s emergency line. Automated calls and fake text alerts instruct citizens to stay out of bomb shelters or anticipate fuel...
Cyber Risk Management Starts with Understanding the Business: CISO Hannah Suarez Explains Why
In a recent interview, CISO Hannah Suarez stresses that cyber risk management must begin with a deep understanding of the business, not merely compliance checklists. She highlights how startups often accept risk to accelerate growth, while established firms need structured...
Cyberattack Forces Polish Hospital Revert to Paper-Based Operations
The Independent Public Regional Hospital in Szczecin, Poland, was hit by a ransomware‑style cyberattack on the night of March 7‑8, 2026, encrypting key parts of its electronic medical record system. With digital access blocked, the hospital shifted to a fully paper‑based...
AI Chatbots Are Sneakily Directing Users to Illegal Online Casinos
An investigation by The Guardian found that several popular AI chatbots readily recommend illegal offshore online casinos when prompted. The bots not only name the sites but also compare sign‑up bonuses, highlight fast withdrawal methods and explain how to access...
A Satellite Receiver Trusted by Pentagon, ESA Has More Than 20 Security Flaws — and the Maker Never Responded
A penetration tester uncovered more than 20 critical vulnerabilities in International Data Casting Corporation's SFX2100 satellite receiver, a device deployed by the U.S. Department of Defense, the European Space Agency and other critical infrastructure operators. The flaws include hard‑coded credentials,...
INC Ransom’s Franchise Model Is Putting Critical Infrastructure on the Chopping Block
INC Ransom’s ransomware‑as‑a‑service franchise enables low‑skill affiliates to breach critical infrastructure, especially healthcare, by leasing a ready‑made malware platform. By mid‑2025 the group logged over 200 victims, exploiting unpatched CVEs such as CitrixBleed and Fortinet flaws, and employing double extortion...
Home Routers in Singapore Must Meet Higher Security Standards by 2027
Singapore’s Cyber Security Agency and IMDA will raise mandatory security standards for residential routers to Cybersecurity Labelling Scheme (CLS) Level 2 by the end of 2027. The move follows a 2025 cyber‑operation that uncovered over 2,700 compromised devices, including routers, feeding...
Chilean National Extradited to U.S. Over Stolen Credit Card Data Trafficking Scheme
A Chilean national, Alex Rodrigo Valenzuela Monje, was extradited to the United States and arraigned in Salt Lake City for operating a Telegram‑based carding marketplace that sold over 26,000 stolen credit‑card records between 2021 and 2023. The indictment alleges he...
Vietnam Announces National Cybersecurity Firewall Plan Under New Digital Governance Law
Vietnam’s Ministry of Public Security announced a national cybersecurity firewall plan, codified in the new Cybersecurity Law that takes effect on July 1, 2026. The law’s Article 10 explicitly directs authorities to study a national firewall, marking the first statutory...
National Cyber Security Bill and NIS2: Senior Management’s Compliance Guide
The EU’s NIS2 Directive now obligates senior management to approve, oversee, and assume responsibility for cybersecurity risk, a shift echoed by Ireland’s forthcoming National Cyber Security Bill. The draft legislation mirrors NIS2’s Article 20, imposing personal liability, temporary bans, and fines...
OpenClaw Vulnerability Exposes How an Open-Source AI Agent Can Be Hijacked
OpenClaw, an open‑source AI agent that quickly amassed over 100,000 GitHub stars, was found to contain a critical vulnerability that lets any website a developer visits hijack the local agent via an unauthenticated WebSocket connection. The flaw bypasses rate‑limiting and...
Samsung SDS Identifies Top Cybersecurity Threats of 2026 as AI Risks Escalate
Samsung SDS released its 2026 cybersecurity outlook, highlighting five priority threats: AI‑driven attacks, ransomware, cloud misconfigurations, phishing/account takeovers, and data security gaps. The report, based on 667 Korean security professionals, warns that generative AI and autonomous agents will intensify phishing,...
U.S. Sanctions Russian Broker Over Zero-Day Exploits Theft
The United States has sanctioned Russian cyber‑exploit broker Operation Zero, its director Sergey Zelenyuk, and a UAE‑based front company for stealing eight zero‑day vulnerabilities from a U.S. defense contractor. Australian insider Peter Williams allegedly sold the exploits for roughly $1.3 million...
AI Content Generation Systems Face Global Pressure Over Privacy and Deepfake Risks
Data protection authorities from 61 countries issued a joint warning that AI content generation systems, especially those creating realistic images and videos, pose serious privacy and deep‑fake risks. The statement cites recent incidents, such as Grok’s non‑consensual “nudified” images, and...
Two Petabytes Worth Data of Israeli’s Siphoned, Says Cyber Head
Israel’s National Cyber Directorate disclosed that roughly two petabytes—equivalent to 100 National Library of Israel archives—have been exfiltrated from citizens and institutions over recent years. The breach scale eclipses prior megabyte‑ and terabyte‑level incidents, marking an unprecedented data loss. Concurrently,...
Advantest Cyberattack Triggers Ransomware Investigation Across Internal Network
Advantest Corp., a Tokyo‑listed semiconductor test equipment maker, disclosed a cyberattack that surfaced on February 15, when unusual activity triggered its incident‑response protocols. Preliminary analysis suggests an unauthorized third party infiltrated parts of the internal network and deployed ransomware, prompting...
Mozilla Firefox Issues Emergency Patch for Heap Buffer Overflow in Firefox V147
Mozilla released an out‑of‑band update, Firefox v147.0.4, to fix a high‑severity heap buffer overflow in the libvpx video codec (CVE‑2026‑2447). The flaw, discovered by researcher jayjayjazz, could allow attackers to execute arbitrary code by delivering crafted VP8/VP9 video streams. Parallel patches...
DSS Files Charges Against El-Rufai Over Alleged NSA Phone Interception
The Department of State Services has filed a three‑count criminal charge against former Kaduna governor Nasir El‑Rufai for allegedly intercepting the telephone communications of National Security Adviser Nuhu Ribadu. Prosecutors say El‑Rufai admitted the illegal interception during a televised interview on 13 February 2026,...
The Cyber Express Weekly Roundup: Escalating Breaches, Regulatory Crackdowns, and Global Cybercrime Developments
The Cyber Express weekly roundup highlights a series of high‑profile cyber incidents across continents. The European Commission’s mobile device management system was breached but contained within nine hours, while Senegal’s national identity services were crippled by ransomware. In Australia, FIIG...
60,000 Records Exposed in Cyberattack on Uzbekistan Government
Uzbekistan’s Digital Technologies Ministry confirmed that a cyberattack on three government information systems in late January exposed roughly 60,000 individual data records, not the personal data of 15 million citizens as earlier rumors suggested. The breach, which lasted from January 27‑30, was...
8,000+ ChatGPT API Keys Left Publicly Accessible
Cyble Research and Intelligence Labs uncovered more than 8,000 publicly accessible ChatGPT API keys, including over 5,000 GitHub repositories and roughly 3,000 live production websites. The keys were hard‑coded in source code, configuration files, and client‑side JavaScript, making them instantly...
FIIG Securities Fined AU$2.5 Million Following Prolonged Cybersecurity Failures
Australian fixed‑income firm FIIG Securities was hit with a AU$2.5 million civil penalty after the Federal Court found it failed to protect client data for over four years. A 2023 ransomware attack exfiltrated roughly 385 GB of personal and financial information belonging...
ENISA Updates Its International Strategy to Strengthen EU’s Cybersecurity Cooperation
The European Union Agency for Cybersecurity (ENISA) has published an updated International Strategy aimed at reinforcing the EU’s cyber‑defence ecosystem through selective global cooperation. The revision aligns partnerships with the EU’s policy objectives, highlighting collaborations with Ukraine, the United States,...
Senegal Confirms Cyberattack on Agency Managing National ID and Biometric Data
Senegal’s Directorate of File Automation (DAF) confirmed a cyberattack that forced a shutdown of national ID card, passport and biometric services. Ransomware group The Green Blood Group claims to have exfiltrated 139 TB of citizen records and posted samples on the...
UAE Cyber Security Council Warns Stolen Logins Fuel Majority of Financial Cyberattacks
The UAE Cyber Security Council warned that roughly 60% of financial cyberattacks begin with stolen usernames and passwords. As digital banking expands, compromised credentials have become the primary gateway for fraud, identity theft, and unauthorized access to sensitive financial data....
Singapore Launches Largest-Ever Cyber Defense Operation After UNC3886 Targets All Major Telcos
Singapore launched its largest coordinated cyber‑defense effort, Operation Cyber Guardian, after the UNC3886 advanced threat actor targeted all four major telcos—M1, Singtel, StarHub and Simba. More than 100 cyber defenders from six government agencies worked with the operators to contain...
OpenAI Launches Trusted Access for Cyber to Expand AI-Driven Defense While Managing Risk
OpenAI announced Trusted Access for Cyber, a program that provides vetted defenders with controlled access to its most advanced cybersecurity model, GPT‑5.3‑Codex, via ChatGPT. The initiative pairs this privileged access with $10 million in API‑credit grants to support defensive research and...
Substack Discloses Breach Exposing Its User Details After Four-Month Delay
Substack announced that a security breach exposed subscriber email addresses, phone numbers and internal metadata after attackers accessed the data in October 2025. The intrusion went undetected until February 2026, giving threat actors a four‑month dwell time. The company confirmed...
US FDA Reissues Cybersecurity Guidance to Reflect QMSR Transition and ISO 13485 Alignment
The FDA reissued its final medical‑device cybersecurity guidance on February 4, updating references to reflect the new Quality System Management Regulation (QMSR) that took effect on February 2. The revision aligns the guidance with ISO 13485:2016, embedding the international standard into the U.S....
Mountain View Shuts Down Flock Safety ALPR Cameras After Year-Long Unrestricted Data Access
Mountain View police chief Mike Canfield ordered an immediate shutdown of the city’s Flock Safety automated license‑plate reader (ALPR) system after discovering that hundreds of unauthorized law‑enforcement agencies had been able to query the data for more than a year....
Lakelands Public Health Confirms Cyberattack, Says Sensitive Data Unaffected
On Jan 29, 2026, Lakelands Public Health confirmed a cyberattack that disrupted internal systems but left sensitive health records untouched. The agency activated its incident‑response plan, isolated affected assets, and hired a leading cybersecurity firm to investigate and restore services....
Foxit Releases Security Updates for PDF Editor Cloud XSS Vulnerabilities
Foxit Software released security updates on February 3 2026 that remediate two moderate‑severity cross‑site scripting (XSS) vulnerabilities (CVE‑2026‑1591, CVE‑2026‑1592) in Foxit PDF Editor Cloud, and a related XSS flaw (CVE‑2025‑66523) in Foxit eSign patched on January 15 2026. The flaws allowed crafted file attachment...