How CISOs can survive geopolitical cyberattacks
Geopolitical cyberattacks increasingly favor wipers and disruption, pushing CISOs to focus on segmentation, containment, and recovery.
Ransomware affiliate leak exposes The Gentlemen’s playbook
A leak from affiliate Hastalamuerte reportedly reveals The Gentlemen’s use of FortiGate exploits, BYOVD evasion and Qilin-style tactics.
Middle East conflict highlights cloud resilience gaps
Conflict in the Middle East shows how cloud outages can stem from physical attacks, power loss, and telecom failures—not just cyber incidents.
America’s critical infrastructure still runs on controllers old enough to buy on eBay
Critical infrastructure operators are still securing decades-old industrial controllers, often using secondhand parts as legacy OT risk grows.
Iran claims massive cyber-attack on medtech firm Stryker
A pro-Iran group says it wiped 200,000 Stryker systems, but public evidence is thin. Here’s what’s known, what isn’t, and why it matters.
Compromised WordPress sites used in global ClickFix infostealer campaign
Rapid7 warns over 250 legitimate sites were compromised to push ClickFix prompts and infostealer malware at unsuspecting visitors.
Iran’s MuddyWater hackers hit US firms with new Dindoor backdoor
Iran-linked MuddyWater used a new Dindoor backdoor against a bank, airport, non-profit, and software firm branch in a fresh espionage campaign.
Israel: RedAlert spyware campaign exploits wartime panic with trojanized app
A wartime-themed spyware campaign in Israel used SMS lures and a fake Red Alert app to trick users into installing Android surveillance malware.
AI and deepfakes are making cyber-attacks easier to launch, Cloudflare warns
Cloudflare says AI and deepfakes are helping attackers scale phishing, impersonation and fraud with less skill and greater realism.
Less lucrative ransomware market pushes attackers toward stealthier Windows tools
Ransomware groups are replacing Cobalt Strike with native Windows tools as payments fall and data-theft extortion becomes more common.
Critical Langflow flaw was exploited within hours of disclosure
A critical Langflow vulnerability enabling unauthenticated RCE was reportedly exploited within hours of public disclosure.
Ransomware payments fall even as attacks jump, signaling a harsher but less reliable extortion market
Chainalysis data shows ransomware attacks up 50% in 2025, while total payments fell 8% and median payouts climbed sharply.











