A self-replicating worm is ravaging the JavaScript ecosystem with unprecedented aggression, compromising over 800 packages and 25,000+ repositories Executive Summary The npm ecosystem is under siege from one of the most aggressive and sophisticated supply chain attacks ever witnessed. Dubbed "Shai-Hulud 2.0" or "The Second
Bottom Line Up Front: In September 2025, a sophisticated hybrid cyber operation named "Korean Leaks" devastated South Korea's financial sector through a single managed service provider (MSP) breach, compromising 28 asset management firms and exfiltrating over 1 million files totaling 2TB of data. The campaign represents
Breaking: Multiple London borough councils have been hit by what appears to be a coordinated cyber attack, raising serious questions about the security of shared IT infrastructure in local government. The Cyber Siege: How Ransomware is Crippling America’s Cities and TownsThe summer of 2025 has proven to be one
A wave of sophisticated cyber attacks has targeted half of the Ivy League institutions, exposing sensitive donor and student data while universities face mounting political scrutiny In what cybersecurity experts are calling an unprecedented assault on American higher education, four of the eight Ivy League universities have fallen victim to
Executive Summary The emergence of Crimson Collective and its subsequent merger into the Scattered Lapsus$ Hunters alliance represents a watershed moment in cybercrime evolution. What began as disparate groups of teenage hackers has transformed into a sophisticated criminal enterprise that has compromised over 1,000 organizations, stolen billions of records,
Executive Summary INC Ransom has emerged as one of the most aggressive and prolific ransomware-as-a-service (RaaS) operations since its appearance in July 2023. Unlike traditional ransomware groups that claim to avoid healthcare, education, and government targets, INC Ransom has systematically attacked precisely these sectors, demonstrating a complete abandonment of the
Executive Summary A sophisticated cyberattack has crippled the OnSolve CodeRED emergency notification platform, impacting hundreds of municipalities across the United States and potentially exposing personal information of millions of residents. The incident, which began in early November 2025, has forced OnSolve to permanently decommission its legacy CodeRED infrastructure and migrate
In the evolving landscape of digital privacy, security, and internet regulation, several legislative frameworks have significantly shaped the discourse in the United States. These include the Foreign Intelligence Surveillance Act (FISA) along with Section 702, the House Permanent Select Committee on Intelligence (HPSCI) bill, Net Neutrality, the Internet Bill of
Introduction: In an unexpected move that further underscores the tensions on the international stage, the European Union (EU) has proposed imposing sanctions on certain Chinese companies for their alleged role in supporting Russian activities. This decision highlights the EU's commitment to address perceived violations of international norms through
Key Takeaway The key takeaway from the web page content is that digital security in 2030 will revolve around the ability of societies to match the speed of trust with the speed of innovation, with a focus on trust, data privacy, technology adoption, and the US-China relationship. wefcybersecuritytrendswefcybersecuritytrends.pdf1 MBdownload-circle
Introduction The cyberattacks on MGM Resorts International and Caesars Entertainment, two titans in the casino and hospitality industry, represent a significant episode in the annals of cybercrime. These incidents not only led to considerable financial losses but also exposed sensitive customer data, underscoring the escalating threat of cyberattacks in the
Website highlighting all the recent hacking attempts at companies and technology providers.
British retail giant's profits plunge 55% following devastating Easter ransomware attack, but insurance payout and recovery plans signal path forward Executive Summary Marks & Spencer has revealed the full financial devastation of the Easter 2025 cyber attack that crippled its operations for weeks, with underlying pre-tax profits tumbling
Bottom Line Up Front: The Jaguar Land Rover cyber attack has delivered a devastating financial blow to parent company Tata Motors, with direct costs of £196 million ($258 million) contributing to a staggering £485 million ($639 million) quarterly loss. This incident, which caused a five-week production shutdown and £1.9
Executive Summary The UK cyber insurance landscape experienced a dramatic transformation in 2024, with payouts skyrocketing from £59 million to £197 million—a staggering 234% increase that signals both the growing sophistication of cyber threats and critical gaps in organizational preparedness. This surge occurred before several of 2025's
Breaking: Suspected Scattered Spider members deny all charges in devastating TfL breach that paralyzed London's transport infrastructure In a significant development in one of the UK's most high-profile cybercrime cases, two teenagers accused of orchestrating the devastating Transport for London (TfL) cyber attack have formally pleaded
Breaking: Cybersecurity Giant Terminates Employee Who Allegedly Sold Screenshots to Notorious Hacking Collective Executive Summary In a stark reminder that insider threats remain one of the most challenging security vulnerabilities, CrowdStrike has confirmed it terminated an employee last month who allegedly shared internal system screenshots with the notorious Scattered Lapsus$
Executive Summary: Salesforce has disclosed yet another major security incident affecting customer data, this time involving compromised Gainsight applications. The breach, attributed to the notorious ShinyHunters cybercrime collective, has impacted over 200 Salesforce instances and represents the latest chapter in a devastating year of supply chain attacks that have exposed
When a termination turns into a cyber catastrophe—the Maxwell Schultz case exposes the critical vulnerabilities in offboarding procedures Executive Summary In a stark reminder that insider threats remain one of cybersecurity's most persistent challenges, Maxwell Schultz, a 35-year-old IT contractor from Columbus, Ohio, has pleaded guilty to
How 'bulletproof' hosting providers enable billions in ransomware attacks—and why law enforcement is finally fighting back In the ongoing war against cybercrime, there's a critical battlefield that rarely makes headlines: the digital infrastructure that keeps criminal operations running. While ransomware gangs like LockBit and malware
Executive Summary A sophisticated phishing campaign has struck New Haven Public Schools, with attackers compromising at least four student accounts to distribute over 10,000 fraudulent emails seeking personal banking information. More than half of the student body received these malicious emails, and approximately 1,000 students—representing 10% of
November 20, 2025 - The City of Attleboro, Massachusetts became the latest American municipality to fall victim to a sophisticated cyberattack, joining a growing list of cities and towns struggling against an unprecedented surge in ransomware operations targeting local governments. Smart City Cybersecurity Assessment | CyberSafe.CityComprehensive security assessment for smart
Executive Summary In September 2025, Cloudflare mitigated an 11.5 terabits per second (Tbps) distributed denial-of-service (DDoS) attack—a record that stood for just three weeks before being shattered by a 22.2 Tbps assault. These unprecedented attacks represent the culmination of a multi-year escalation that has seen volumetric DDoS
Executive Summary On the morning of November 18, 2025, a configuration error at Cloudflare triggered a cascading failure that rendered significant portions of the internet inaccessible for several hours. ChatGPT, X (formerly Twitter), Spotify, League of Legends, and countless other services went dark, exposing an uncomfortable truth: our modern digital