Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data

A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at least April 2025. “The campaign is…

Fiona Simmons reports: A tribal casino hotel in Minnesotahas become the latest victim of cybercrime targeting the gambling sector. Because of that, the property was forced to temporarily shut down many of its systems until the problem was resolved. The Junction Casino Hotel, a property in the Lower Sioux Indian Community, just suffered a cybersecurity breach. As…

Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. The workflow we are highlighting streamlines security alert handling by automatically identifying and executing the appropriate…

When people ask us, “Aren’t all endpoint solutions the same these days?” — our answer is simple: No. They’re not.

Diogo Santos Coelho (aka “Omnipotent” of RaidForums) was arrested in January 2022 in the U.K. when he traveled there to visit his mother. For the past 3+ years, he has been in limbo while both the U.S. and Portugal seek his extradition. It has not been a straightforward matter legally. Far from it, actually. The……

Attack Surface Management (ASM) tools promise reduced risk. What they usually deliver is more information.  Security teams deploy ASM, asset inventories grow, alerts start flowing, and dashboards fill up. There is visible activity and measurable output. But when leadership asks a simple question, “Is this reducing incidents?” the answer is often unclear.  This gap between…