Most ransomware playbooks don't address machine credentials. Attackers know it.

The gap between ransomware threats and the defenses meant to stop them is getting worse, not better. Ivanti’s 2026 State of Cybersecurity Report found that the preparedness gap widened by an average [...]

Hacker used Anthropic's Claude chatbot to attack multiple government agencies in Mexico

Here's yet another troubling story about this "golden" era of AI. A hacker has exploited Anthropic's Claude chatbot to carry out attacks against Mexican government agencies, accord [...]

New UK law would ban ransomware payments by publicly funded orgs

The British government has announced plans to move forward with a law that would bar public organizations from paying off ransomware attackers. The proposed legislation would add schools, town council [...]

How an Oregon court became the stage for a $115,000 showdown between Meta and Facebook creators

Some of the most successful creators on Facebook aren't names you'd ever recognize. In fact, many of their pages don't have a face or recognizable persona attached. Instead, they run pa [...]

Pro-Russian hacker group claims responsibility for DDoS attack on French postal service

A pro-Russian hacker group has come forward as the perpetrator of a DDoS attack on the French national postal service La Poste that took place on December 22, according to Reuters. The distributed den [...]

How recruitment fraud turned cloud IAM into a $2 billion attack surface

A developer gets a LinkedIn message from a recruiter. The role looks legitimate. The coding assessment requires installing a package. That package exfiltrates all cloud credentials from the developerâ [...]

Claude didn't just plan an attack on Mexico's government. It executed one for a month — across four domains your security stack can't see.

Attackers jailbroke Anthropic’s Claude and ran it against multiple Mexican government agencies for approximately a month. They stole 150 GB of data from Mexico’s federal tax authority, the nationa [...]

Security researchers aren't buying Musk's spin on the cyberattack that took down X

One day after X went down for hours, security researchers are throwing cold water on Elon Musk’s public comments about who might be behind the DDoS attack. On Monday, as X was still struggling to re [...]

Your IT stack is the enemy: How 84% of attacks evade detection by turning trusted tools against you

It’s 3:37 am on a Sunday in Los Angeles, and one of the leading financial services firms on the West Coast is experiencing the second week of a living-off-the-land (LOTL) attack. A nation-state cybe [...]