North Korea’s APT37 expands toolkit to breach air-gapped networks
Zscaler says North Korea’s APT37 added five new tools, including capabilities that can help breach air-gapped networks.
University of Mississippi Medical Center still offline after ransomware attack
UMMC remains disrupted after a ransomware attack, underscoring how healthcare cyber incidents can threaten operations, data, and patient safety.
Odido breach impacts millions of Dutch telco users
Odido says a breach affected over six million customers, raising fraud, privacy, and regulatory concerns across the Dutch telecom sector.
Time to exploit is shrinking as attackers pile onto known flaws
Flashpoint says the gap between disclosure and exploitation is shrinking, with attackers increasingly abusing known flaws before defenders can patch.
AI is helping drive a sharp rise in phishing attacks, Cofense says
Cofense says phishing volume doubled in a year as AI helps attackers craft more convincing, personalized email lures.
Labyrinth Chollima evolves into three North Korean hacking groups
CrowdStrike says North Korea’s Labyrinth Chollima has split into three groups, signaling more specialized DPRK cyber operations.
Us data breaches hit record high but victim numbers decline
U.S. data breaches hit a record high in 2025, while victim totals fell, pointing to more frequent but smaller and more fragmented incidents.
Researchers say more than 454,000 malicious open source packages were found in 2025
Sonatype says it found 454,000+ malicious open source packages in 2025, signaling a sharp escalation in software supply-chain threats.
LastPass warns fake backup emails are trying to steal master passwords
LastPass says fake backup emails are phishing for master passwords and urges users not to trust urgent 24-hour account notices.
Over 160,000 companies have notified European regulators of GDPR breaches
DLA Piper says over 160,000 GDPR breach notifications were filed in Europe, with breached firms reporting incidents up 22%.
AI is supercharging cybercrime’s new ‘fifth wave,’ Group-IB warns
Group-IB says cybercrime has entered a fifth wave, with AI boosting phishing, deepfakes and impersonation fraud at scale.
Ransomware victim numbers rise despite fewer active extortion groups
ReliaQuest-linked reporting suggests ransomware victims rose in Q4 2025 despite fewer extortion groups, pointing to criminal market consolidation.











