Featured
CISA Extends Critical CVE Program Funding in Last-Minute Decision

CISA has granted an 11-month extension to MITRE for managing the globally essential CVE vulnerability database, averting a potential crisis just hours before contract expiration. The incident has sparked discussions about establishing a CVE Foundation to ensure long-term stability through a non-profit model.
Former CISA Director Chris Krebs Exits SentinelOne Following Trump Administration Clash

Chris Krebs abruptly departed from his role at cybersecurity firm SentinelOne amid an escalating dispute over security clearances with the Trump administration. The former CISA director cited the need to focus on his personal fight for democracy, as tensions rise following a presidential memo targeting him and company employees.
Russian IP Address Attempts Access to NLRB Systems Following Suspicious DOGE Activity

A federal cybersecurity specialist disclosed troubling login attempts from Russia against NLRB systems shortly after DOGE received broad system credentials. The whistleblower's disclosure reveals potential data extraction and unusual access permissions granted to DOGE officials, leading to calls for an investigation.
Major Data Breach at Conduent Exposes Social Security Numbers and Disrupts Government Services

Business services provider Conduent suffered a significant cybersecurity incident in January 2024, resulting in stolen personal data including Social Security numbers. The breach disrupted critical government services across multiple U.S. states, affecting child support and food assistance programs.
Math Prodigy Turned Crypto Hacker: The $65M Heist That Shocked Two Nations

A 22-year-old Canadian mathematics genius faces multiple criminal charges for allegedly stealing $65 million through cryptocurrency platform exploits. The University of Waterloo graduate, who earned two degrees by age 19, remains a fugitive while authorities grapple with prosecuting sophisticated digital financial crimes.
4chan Security Breach Could Unmask Anonymous Administrators

A significant hack of the controversial image board 4chan has potentially exposed administrator identities and internal data, threatening the site's anonymous foundation. Security experts suggest the breach exploited unpatched legacy systems, while leaked information could aid law enforcement investigations.
North Korean Hackers Target Crypto Developers Through LinkedIn Job Scam

A sophisticated North Korean hacking group dubbed Slow Pisces is exploiting LinkedIn to target cryptocurrency developers with malware through fake job recruitment. The campaign has already led to major cryptocurrency heists totaling over $1 billion in 2023 alone.
Chinese State Hackers Deploy SNOWLIGHT Malware in Global Linux System Attack Campaign

Chinese state-sponsored group UNC5174 launches a sophisticated attack campaign targeting Linux systems with SNOWLIGHT malware and the VShell RAT. The operation, affecting multiple sectors across 20 countries, demonstrates a strategic shift toward open-source tools to evade detection.
SSL Certificate Lifespans to Shrink Dramatically: 47-Day Validity Coming in 2029

Major changes approved by the CA/Browser Forum will reduce SSL/TLS certificate validity periods to just 47 days by 2029, down from the current 398 days. The staged reduction aims to enhance online security while pushing organizations toward automated certificate management solutions.