Insurance giant Aflac discloses data breach after subsidiary hack
American insurance giant Aflac has disclosed a new data breach after attackers breached its Japan subsidiary's systems and stole personal and bank account information.
Blackfield ransomware asks Nidec Corporation for $2 million ransom
The Blackfield ransomware gang is asking for a $2 million ransom from Nidec Corporation, a large Japanese manufacturer of electronic components for automotive and computing applications.
CISA: Windows BlueHammer flaw now exploited by ransomware gangs
CISA confirmed on Monday that ransomware gangs are now exploiting a Microsoft Defender privilege escalation vulnerability, dubbed BlueHammer, that has previously been abused in zero-day attacks.
Nissan discloses employee data breach linked to Oracle zero-day attacks
Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group.
NAIC says public data stolen in ShinyHunters' PeopleSoft breach
The National Association of Insurance Commissioners (NAIC) says the ShinyHunters extortion group stole only publicly available data, outdated logs, and configuration files after breaching its systems by exploiting a zero-day vulnerability in an Oracle PeopleSoft server.
WhatsApp rolls out usernames to help users hide their phone number
WhatsApp is finally allowing users to reserve usernames, a privacy feature that lets them hide their phone numbers from people not in their contact list.
In major privacy win, Supreme Court rules geofence warrants are protected by privacy rights
The Supreme Court's decision to limit geofence warrants is a win for privacy advocates, who called their use unconstitutional but sought an outright ban.
Kali Linux 2026.2 Release (GNOME 50, KDE 6.6, Helper Scripts, APT Formats & VM Boot Tweaking)
It’s the final week of Q2, and Kali Linux 2026.2 is here - right on schedule ;) We have been heads down since our last release, and we are ready to share what we have been working on. This release is a mix of desktop refreshes, infrastructure improvements, and quality-of-life changes that we think you will appreciate.
Come calcolare il ROSI: metriche e modelli finanziari per convalidare la spesa in sicurezza
Metodologie di calcolo del ROSI, metriche finanziarie e tecniche per misurare l'efficacia degli investimenti in sicurezza e comunicarne il valore al board aziendale
U.S. offers $10 million for hackers targeting WhatsApp, Signal users
The U.S. Department of State is offering up to $10 million for information that helps identify or locate members of the UNC5792 and UNC4221 hacker groups, which are linked to Russia's intelligence and military services.
Unmasking the Digital Trail: Essential Techniques for Vetting AI-Generated Content
We outline the practical, human-driven techniques threat intelligence teams must deploy to detect synthetic media, protect corporate RAG ecosystems, and filter through the noise of AI-polluted networks.
Critical SimpleHelp flaw exploited to deploy new stealer malware
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux.
Agentic AI Has an Identity Problem and Attackers Know It
AI agents can access data, trigger workflows, and take action across enterprise systems. Token Security explains why governing these privileged identities is becoming essential for enterprise security.
Flash Alert: From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
Overview Bumblebee malware has been an initial access tool used by threat actors since late 2021. In 2023 the malware was first reported as using SEO poisoning as a delivery mechanism. Recently in May of 2025 Cyjax reported on a campaign using this method again, impersonating various IT tools. We observed a similar campaign in […]