Former CISA Director Chris Krebs Exits SentinelOne Following Trump Administration Clash
Chris Krebs abruptly departed from his role at cybersecurity firm SentinelOne amid an escalating dispute over security clearances with the Trump administration. The former CISA director cited the need to focus on his personal fight for democracy, as tensions rise following a presidential memo targeting him and company employees.
Russian IP Address Attempts Access to NLRB Systems Following Suspicious DOGE Activity
A federal cybersecurity specialist exposed concerning login attempts from Russia to access NLRB systems shortly after DOGE received broad system credentials. The whistleblower's disclosure reveals potential data extraction and unusual access permissions granted to DOGE officials, leading to calls for investigation.
Major Data Breach at Conduent Exposes Social Security Numbers and Disrupts Government Services
Business services provider Conduent suffered a significant cybersecurity incident in January 2024, resulting in stolen personal data including Social Security numbers. The breach disrupted critical government services across multiple U.S. states, affecting child support and food assistance programs.
4chan Security Breach Could Unmask Anonymous Administrators
A significant hack of the controversial image board 4chan has potentially exposed administrator identities and internal data, threatening the site's anonymous foundation. Security experts suggest the breach exploited unpatched legacy systems, while leaked information could aid law enforcement investigations.
Chinese State Hackers Deploy SNOWLIGHT Malware in Global Linux System Attack Campaign
Chinese state-sponsored group UNC5174 launches sophisticated attack campaign targeting Linux systems using SNOWLIGHT malware and VShell RAT. The operation, affecting multiple sectors across 20 countries, demonstrates a strategic shift toward open-source tools to evade detection.
SSL Certificate Lifespans to Shrink Dramatically: 47-Day Validity Coming in 2029
Major changes approved by the CA/Browser Forum will reduce SSL/TLS certificate validity periods to just 47 days by 2029, down from the current 398 days. The staged reduction aims to enhance online security while pushing organizations toward automated certificate management solutions.
Healthcare Industry Targeted by Sophisticated ResolverRAT Malware Campaign
A new sophisticated malware called ResolverRAT is actively targeting pharmaceutical and healthcare organizations through multilingual phishing campaigns. The malware employs advanced in-memory execution and evasion techniques to steal sensitive data while avoiding detection.
Advanced Persistence Attack Targets FortiGate Devices Through Symbolic Link Exploit
Sophisticated hackers have discovered a way to maintain access to FortiGate devices even after security patches by exploiting symbolic links in SSL-VPN language files. The ongoing campaign has affected hundreds of devices internationally, prompting Fortinet to release critical updates and security agencies to issue warnings.
Meta Whistleblower to Expose Company's Secret Chinese Dealings to Congress
A former Facebook employee is set to testify that Meta executives compromised U.S. national security by sharing sensitive tech information with Chinese officials. Sarah Wynn-Williams will reveal details about 'Project Aldrin' and alleged development of censorship tools for the Chinese Communist Party.
Social Security Website Faces Major Outages After DOGE Software Update
The Social Security Administration is experiencing widespread website crashes following recent software changes implemented by Elon Musk's DOGE team. The issues stem from expanded fraud detection measures that are overwhelming the system, leaving many beneficiaries unable to access critical services.