Microsoft Office vulnerability (CVE-2026-21509) in active exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-68613 (CVSS score: 9.9), concerns a case of expression injection that leads to remote code execution. The security shortcoming was patched

Sergiu Gatlan reports: Four REvil ransomware members arrested in January 2022 were released by Russia on time served after they pleaded guilty to carding and malware distribution charges. As they confirmed, Andrey Bessonov, Mikhail Golovachuk, Roman Muromsky, and Dmitry Korotayev were involved in the Revil gang’s carding activities between October 2015 and January 2022, according…

While the ransomware attack on the Oregon Department of Environmental Equality (DQE) is making headlines this month, there was also an update to a lawsuit stemming from the MOVEit breach in 2023 that affected 3.5 million Oregonians whose driver’s license and identity information was held by the  Oregon Driver and Motor Vehicle Services. Aimee Green…

Eduard Kovacs reports: Nucor, which claims to be the largest steel manufacturer and recycler in North America, disclosed the cybersecurity incident in mid-May. The attack involved unauthorized access to IT systems and resulted in some systems being taken offline and the temporary halting of certain production operations. Nucor on Friday shared an update on the incident in…

HOUSTON – A coordinated effort involving an international disruption of an online software crypting syndicate which provides services to cybercriminals to assist them with keeping their malicious software (malware) from being detected has resulted in the seizure of four domains and their associated server, announced U.S. Attorney Nicholas J. Ganjei. Crypting is the process of…

French version. The English version is below. It’s interesting to note that IntelBroker was described as a British national who was arrested in France in February, 2025 and detained in pre-trial detention.