DDoS wave continues as Mastodon hit after Bluesky incident Mastodon suffered a major DDoS attack shortly after a similar incident hit Bluesky. The outage was resolved within a few hours.

DDoS wave continues as Mastodon hit after Bluesky incident

Cyber Security Backups can save your butt if you get hack! » One of the steps in mitigation following a ransomware or other malware attack is to install your backups. This presumes that you do have a backup.

Cyber Security Backups can save your butt if you get hack! »

Mythos can find the vulnerability. It can't tell you what to do about it. Anthropic’s Mythos model marks a leap in AI-assisted vulnerability discovery, but is it a security game-changer? Andesite CTO Alex Thaman breaks down the real enterprise challenge: operationalizing…

Mythos can find the vulnerability. It can’t tell you what to do about it.

Crook claims to leak 'video surveillance footage' of firms : Mexican IT services firm admits it was hacked, but says client operations weren't affected

Crook claims to leak 'video surveillance footage' of companies

Demystifying Artificial Intelligence and Cyber Security » Many people are excited about Artificial Intelligence, while others fear it. Both perspectives are valid! Headlines scare,, but that won't keep you safe.

AI didn't change the hook. It just made the bait look better. Most breaches still start with a stolen password or an unpatched system. 4 habits do most of the work. Quick read:

No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks Stolen credentials remain top breach vector as AI speeds phishing and testing, increasing ransomware and persistence risk.

No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks

If You See This iCloud Message on Your iPhone, Don’t Click It—It’s a Scam

Seiko USA website defaced as hacker claims customer data theft The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid.

Seiko USA website defaced as hacker claims customer data theft

Microsoft: Teams increasingly abused in helpdesk impersonation attacks Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movement on enterprise networks.

Microsoft: Teams increasingly abused in helpdesk impersonation attacks

Software Updates in Cyber Security: Patch or Perish! If we have learned anything from the recent Microsoft Exchange Server hack, it is that software updates MUST be continually done to keep your systems safe.

Software Updates in Cyber Security: Patch or Perish!

Brussels launched an age checking app. Hackers say it takes 2 minutes to break it. Cyber experts say they have found holes in Brussels’ age verification app, despite claims by the EU executive that it is “technically ready.”

Cyber experts say the EU's age verification app has glaring privacy and security problems; after saying it was ready, EU officials say the app is "still a demo" (Politico)

CISA tells feds to patch 13-year-old Apache ActiveMQ bug : Bug hiding in plain sight for over a decade lands on KEV list

CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack

Apple account change alerts abused to send phishing emails Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple's servers, increasing legitimacy and potentially allowing them…

Apple account change alerts abused to send phishing emails

Cyber attacks fuel surge in cargo theft across logistics industry Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses.

Cyber attacks fuel surge in cargo theft across logistics industry

Bluesky Disrupted by Sophisticated DDoS Attack A pro-Iran hacker group has taken credit for the attack on Bluesky, which appears to have lasted 24 hours.

Bluesky Disrupted by Sophisticated DDoS Attack

Cyber Security Weekly: Top 5 Cybersecurity News for the Week of March 23–29, 2026 » Commonwealth Sentinel 1: INTERPOL Takes Down 45,000+ Malicious IPs in Global Sweep Summary: An INTERPOL-coordinated operation spanning 72 countries dismantled 45,000+ malicious IPs and servers linked to phishing, malware,…

This week in cyber: 21-country DDoS takedown, Microsoft's 165-patch monster Tuesday, 108 malicious Chrome extensions, NIST rewrites vulnerability rules, and ActiveMQ under fire. Full breakdown: buff.ly/WhZYcdh

CyberSecurity #InfoSec

NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation.

The NIST narrows its National Vulnerability Database priorities to CVEs in CISA's known exploited catalog, to deal with a backlog after its 2024 funding lapse (Matt Kapko/CyberScoop)

WordPress plugin suite hacked to push malware to thousands of sites More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows unauthorized access to websites running them.

WordPress plugin suite hacked to push malware to thousands of sites

Server-room lock was nothing but a crock PWNED: Your cybersecurity is only as good as the physical security of the servers

Server-room lock was nothing but a crock

Ransomware Hits Automotive Data Expert Autovista The automotive analysis and data company is working with external experts to investigate the attack.

Ransomware Hits Automotive Data Expert Autovista

Data breach at edtech giant McGraw Hill affects 13.5 million accounts The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company's Salesforce environment earlier this month.

Data breach at edtech giant McGraw Hill affects 13.5 million accounts

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution Cisco patches four CVEs up to CVSS 9.9 in ISE and Webex, preventing code execution and user impersonation risks.

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco says critical Webex Services flaw requires customer action Cisco has released security updates to patch four critical vulnerabilities, including a fixed improper certificate validation flaw in the company's cloud-based Webex Services platform that requires…

Cisco says critical Webex Services flaw requires customer action

Over 100 Chrome Web Store extensions steal user accounts, data More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud.

Over 100 Chrome Web Store extensions steal user accounts, data

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day Microsoft Patch Tuesday security updates for April 2026 fixed 165 vulnerabilities, including an actively exploited SharePoint zero-day.

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

Infrastructure is the New Battlefield of Cyber Warfare Infrastructure is the New Battlefield. Two days before Super Bowl LV in Tampa, FL, a hacker attempted to taint the water supply just 12 miles from the stadium.

Infrastructure is the New Battlefield of Cyber Warfare