Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks

The financially motivated group is combining vishing, IT impersonation, and in-person office intrusions to steal data and extort victims.

Check Point VPN Flaw Exploited Since Early May

A newly discovered, critical zero-day vulnerability is under attack; a Qilin ransomware affiliate has been blamed for at least one incident.

Iran Signed a Ceasefire — Its Hackers Didn't

An extension of the Geneva Conventions could impose restrictions on cyberwarfare under ceasefire conditions and close a major loophole in international conflict.

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud

The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat.

Exposed Fuel Tank Gauges Under Attack in the US

Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption.

Rust-Written IronWorm Hits NPM Supply Chain

Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.

4 Critical Threats Where Attackers Have the Advantage

Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections.