CISA Warns of Axios Supply Chain Attack; Ransomware Gangs Industrialize and Target EDR

Publication Date: April 21, 2026

Summary

This edition covers a critical alert from CISA regarding a supply chain compromise of the popular Axios npm package, leading to the deployment of a remote access trojan. Ransomware continues to evolve, with the Vect group forming an alliance with BreachForums to industrialize attacks, and the Qilin group deploying sophisticated EDR-killing malware. Other major incidents include actively exploited vulnerabilities in Cisco SD-WAN, significant healthcare data breaches affecting nearly 600,000 individuals, and a new ICS malware, ZionSiphon, targeting Israeli water infrastructure.
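For the Axios compromise, the first practical question on any affected estate is whether a pinned copy of the package, including transitive copies nested under other dependencies, falls in the affected range. The following is an added example for this digest, not code from CISA, Axios or npm: it walks an npm lockfile (lockfileVersion 1, 2 or 3), lists every copy of a named package, and flags copies whose version is in a caller-supplied set, that resolve outside the expected registry, or that carry no integrity hash. The lockfile below is constructed sample data, and the version set is a placeholder to be replaced with the versions named in CISA's alert.

```python
"""Audit an npm lockfile for every pinned copy of a package, nested copies
included, and flag the ones that match a compromised-version set.

Added example for this digest; not code from CISA, Axios or npm. SAMPLE_LOCK
is constructed data and PLACEHOLDER_COMPROMISED is a placeholder set: take the
real affected versions from CISA's alert.
"""
import json


def _walk_v1(deps, found, path=""):
    """package-lock v1 layout: nested 'dependencies' maps."""
    for name, meta in (deps or {}).items():
        node = f"{path}/node_modules/{name}" if path else f"node_modules/{name}"
        found.append((name, meta.get("version"), node,
                      meta.get("resolved"), meta.get("integrity")))
        _walk_v1(meta.get("dependencies"), found, node)


def collect_packages(lock):
    """Return (name, version, install_path, resolved, integrity) for every
    pinned package. Handles v2/v3 ('packages' keyed by install path) and v1
    (nested 'dependencies')."""
    found = []
    if "packages" in lock:
        for path, meta in lock["packages"].items():
            if not path:  # "" is the root project entry, not a dependency
                continue
            # 'name' is only present for aliased packages; otherwise derive it
            # from the install path (works for scoped packages too).
            name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
            found.append((name, meta.get("version"), path,
                          meta.get("resolved"), meta.get("integrity")))
    else:
        _walk_v1(lock.get("dependencies"), found)
    return found


def audit(lock, package, compromised,
          registry_prefix="https://registry.npmjs.org/"):
    """Flag every copy of `package` whose version is compromised, that resolves
    outside the expected registry, or that has no integrity hash."""
    findings = []
    for name, version, path, resolved, integrity in collect_packages(lock):
        if name != package:
            continue
        reasons = []
        if version in compromised:
            reasons.append("compromised version")
        if resolved and not resolved.startswith(registry_prefix):
            reasons.append("unexpected registry: " + resolved)
        if not integrity:
            reasons.append("no integrity hash")
        if reasons:
            findings.append({"path": path, "version": version,
                             "reasons": reasons})
    return findings


# Constructed sample lockfile (v3 layout): the project pins a clean axios at
# top level, but a transitive dependency pulls in its own nested copy.
SAMPLE_LOCK = json.loads("""{
  "name": "demo-app", "lockfileVersion": 3, "packages": {
    "": {"name": "demo-app", "version": "1.0.0"},
    "node_modules/axios": {"version": "1.0.0",
      "resolved": "https://registry.npmjs.org/axios/-/axios-1.0.0.tgz",
      "integrity": "sha512-AAAA"},
    "node_modules/some-sdk": {"version": "2.3.4",
      "resolved": "https://registry.npmjs.org/some-sdk/-/some-sdk-2.3.4.tgz",
      "integrity": "sha512-BBBB"},
    "node_modules/some-sdk/node_modules/axios": {"version": "9.9.9",
      "resolved": "https://registry.npmjs.org/axios/-/axios-9.9.9.tgz",
      "integrity": "sha512-CCCC"}
  }}""")

# Placeholder only: substitute the versions named in the CISA alert.
PLACEHOLDER_COMPROMISED = {"9.9.9"}

if __name__ == "__main__":
    for f in audit(SAMPLE_LOCK, "axios", PLACEHOLDER_COMPROMISED):
        print(f["path"], f["version"], "; ".join(f["reasons"]))
```

The nested copy is the point: `npm ls axios` shows it, but a grep of the top-level `node_modules/axios` entry alone does not, and a top-level pin to a clean version gives no assurance about copies that other packages vendor in.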

Today's New Articles

Ransomware Industrialized: Vect RaaS Partners with BreachForums and TeamPCP

The Vect ransomware-as-a-service (RaaS) group has formed a strategic alliance with the BreachForums cybercrime marketplace and the TeamPCP hacking group. This partnership aims to industrialize ransomware deployment by leveraging credentials from TeamPCP's supp...


Nearly 600,000 Patients Affected by Data Breaches at Three U.S. Healthcare Providers

Three U.S. healthcare providers have disclosed significant data breaches affecting a combined total of nearly 600,000 individuals. The North Texas Behavioral Health Authority reported a network intrusion impacting 285,000 people. In Illinois, Southern Illinois...


Progress Patches Critical Command Injection Flaws in MOVEit WAF and LoadMaster

Progress Software has released patches for a suite of vulnerabilities in its Application Delivery Controller (ADC) products, including MOVEit WAF and LoadMaster. The patched flaws include several authenticated command injection vulnerabilities (CVE-2026-3517,...


ShinyHunters Breach at Canada Life Exposes Data of 70,000 Customers

Insurance giant The Canada Life Assurance Company has confirmed a data breach affecting up to 70,000 individuals after being targeted by the ShinyHunters extortion group. The attackers gained initial access through a compromised employee account. The stolen da...


Qilin Ransomware Blinds Defenses with Advanced EDR Killer, Abusing Vulnerable Drivers

The Qilin ransomware group is using a sophisticated, multi-stage attack to neutralize endpoint security solutions before encrypting systems. According to analysis by Cisco Talos, the attack uses DLL side-loading and a "bring your own vulnerable driver" (BYOVD)...
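The caveat for BYOVD is that the abused driver is usually validly signed, so a signature check alone will not catch it; the useful signals are the driver's hash against a known-vulnerable-driver list and where on disk it was loaded from. The following is an added example for this digest, not Talos's analysis code or anything from the Qilin toolset: it triages records shaped like Sysmon DriverLoad (Event ID 6) events on those three signals. The events are constructed samples and the hash blocklist is a placeholder standing in for a feed such as LOLDrivers.

```python
"""Triage Sysmon DriverLoad (Event ID 6) records for BYOVD activity.

Added example for this digest; not Talos's or Qilin's code. SAMPLE_EVENTS are
constructed records using the Sysmon Event ID 6 field names (ImageLoaded,
Hashes, Signed, Signature, SignatureStatus). PLACEHOLDER_BLOCKLIST is an
assumption: populate it from a known-vulnerable-driver feed.
"""

# Placeholder blocklist keyed by lowercase SHA256 (constructed values).
PLACEHOLDER_BLOCKLIST = {
    "1" * 64: "constructed entry: signed but known-vulnerable driver",
}

# Directories where driver binaries live on a stock Windows install.
EXPECTED_DRIVER_DIRS = (
    "c:\\windows\\system32\\drivers\\",
    "c:\\windows\\system32\\driverstore\\",
)


def parse_hashes(field):
    """Turn Sysmon's 'SHA1=..,MD5=..,SHA256=..' string into {algo: hexdigest}."""
    out = {}
    for part in field.split(","):
        if "=" in part:
            algo, value = part.split("=", 1)
            out[algo.strip().upper()] = value.strip().lower()
    return out


def triage_driver_load(event, blocklist=PLACEHOLDER_BLOCKLIST):
    """Return the list of reasons a DriverLoad event is suspicious (empty if none)."""
    reasons = []
    image = event.get("ImageLoaded", "").replace("/", "\\").lower()
    sha256 = parse_hashes(event.get("Hashes", "")).get("SHA256")
    if sha256 in blocklist:
        reasons.append("hash on vulnerable-driver blocklist: " + blocklist[sha256])
    # A valid signature is necessary but not sufficient: BYOVD drivers pass this check.
    if event.get("Signed", "").lower() != "true" or event.get("SignatureStatus") != "Valid":
        reasons.append("driver not validly signed")
    if not image.startswith(EXPECTED_DRIVER_DIRS):
        reasons.append("loaded from unexpected path: " + event.get("ImageLoaded", ""))
    return reasons


def triage_all(events, blocklist=PLACEHOLDER_BLOCKLIST):
    """Return (UtcTime, ImageLoaded, reasons) for every suspicious event."""
    hits = []
    for ev in events:
        reasons = triage_driver_load(ev, blocklist)
        if reasons:
            hits.append((ev.get("UtcTime"), ev.get("ImageLoaded"), reasons))
    return hits


# Constructed sample events: a normal OS driver, a validly signed driver
# dropped into a user-writable directory (the BYOVD pattern), and an unsigned
# driver under ProgramData.
SAMPLE_EVENTS = [
    {"UtcTime": "2026-04-20 09:12:01.111",
     "ImageLoaded": r"C:\Windows\System32\drivers\ntfs.sys",
     "Hashes": "SHA256=" + "a" * 64, "Signed": "true",
     "Signature": "Microsoft Windows", "SignatureStatus": "Valid"},
    {"UtcTime": "2026-04-20 09:15:44.902",
     "ImageLoaded": r"C:\Users\Public\Temp\upd.sys",
     "Hashes": "SHA1=" + "b" * 40 + ",SHA256=" + "1" * 64, "Signed": "true",
     "Signature": "Constructed Vendor Ltd", "SignatureStatus": "Valid"},
    {"UtcTime": "2026-04-20 09:16:02.007",
     "ImageLoaded": r"C:\ProgramData\svc\kill.sys",
     "Hashes": "SHA256=" + "c" * 64, "Signed": "false",
     "Signature": "", "SignatureStatus": "Unavailable"},
]

if __name__ == "__main__":
    for when, image, reasons in triage_all(SAMPLE_EVENTS):
        print(when, image, "->", "; ".join(reasons))
```

The second sample is the one that matters: it would sail through a signature-only rule, and only the hash match and the load path expose it. A hardening counterpart is Microsoft's vulnerable driver blocklist (HVCI / WDAC), which refuses such loads before any detection logic runs.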


Gentlemen RaaS Expands with SystemBC Botnet for Covert Attacks

The Gentlemen ransomware-as-a-service (RaaS) operation is now leveraging the SystemBC proxy malware botnet to enhance its attacks, according to research from Check Point. Affiliates of the group have been observed deploying SystemBC to create covert SOCKS5 tun...


Chinese APT Mustang Panda Targets Indian Banks, Korean Policy Experts in Espionage Campaign

The China-linked APT group Mustang Panda (TA416) has been conducting a widespread espionage campaign targeting financial organizations in India and public policy experts in Korea and the U.S. According to Acronis, the attacks use spear-phishing and DLL sideloa...


Semperis Extends Purple Knight AD Security Tool to US Government Clouds

Semperis has announced that its free identity security assessment tool, Purple Knight, now fully supports Microsoft's Government Community Cloud High (GCC High) environments. This update allows U.S. federal agencies and defense contractors to scan their Entra...


Ex-FBI Official Urges Terror Designations for Ransomware Gangs Attacking Hospitals

A former high-ranking FBI cyber official, Cynthia Kaiser, has called for the U.S. government to consider designating ransomware groups that target hospitals as terrorist organizations. In testimony before the House Homeland Security Committee, she argued that...

Article Updates

CISA Mandates Urgent Patching for Eight Actively Exploited Flaws in Cisco, JetBrains, and More

Update: CISA has provided a detailed analysis of CVE-2026-20133, an information disclosure vulnerability in Cisco Catalyst SD-WAN Manager rated CVSS 6.5. This flaw, which is being actively exploited, allows unauthenticated remote attackers to read sensitive system informati...