A dangerous deal: The anatomy of the Pearson data breach and the ransom paid for deletion
A deep dive into the Pearson data breach, where a deal with Medusa ransomware hackers was struck to delete student data stolen via a third-party vendo
Instructure's 'agreement' with ShinyHunters highlights the perilous reality of data extortion
Instructure, maker of the Canvas LMS, reached an "agreement" with ShinyHunters to stop a data leak, highlighting the grim reality of cyber extortion.
Cloudflare's strategic layoffs: Parsing the reality behind the AI-powered growth narrative
Cloudflare's early 2024 layoffs, despite strong profits, signal a strategic pivot to AI, impacting employees and setting a new industry precedent.
Misinformation in the machine: The truth behind the 'first AI-generated zero-day exploit'
In November 2023, reports of an AI-generated zero-day shocked the security world. We debunk the myth and analyze the real threat: AI-assisted attacks.
Multiple universities forced to reschedule final exams after Canvas cyber incident
A cyber incident targeting the Canvas LMS forced multiple universities to reschedule final exams, highlighting institutional vulnerabilities and new c
The cyber front: Analyzing Russia's digital war against Ukraine
A deep dive into Russia's sustained cyber warfare campaign against Ukraine, detailing the wiper malware, critical infrastructure attacks, and global s
A decade-old report on foreign-fueled separatism in Alberta offers a modern lesson in disinformation
A decade-old, debunked report alleging foreign promotion of Alberta separatism serves as a key lesson in identifying and countering modern disinformat
Palo Alto Networks zero-day exploited in campaign with suspected Chinese state-actor ties
A critical zero-day in Palo Alto Networks' firewalls (CVE-2024-3400) was exploited by a suspected Chinese state actor to breach high-value networks.
EU's AI Act deal bans deepfake 'nudification' while delaying high-risk rules
European leaders have clarified the AI Act, banning tools that create non-consensual synthetic intimate content and postponing rules for high-risk sys
Polish water plants breached in coordinated attack on industrial controls
A detailed analysis of the coordinated cyberattacks on five Polish water treatment plants, which gave hackers control over industrial systems.
The hidden cost of your commute: GM's record $12 million privacy fine explained
General Motors will pay a record $12.1M in a California privacy settlement over its OnStar program sharing driver data with brokers without clear cons
A congressional inquiry questions the US government's double standard on commercial spyware
A new congressional inquiry is challenging the U.S. government's use of commercial spyware, questioning a double standard that sanctions foreign firms