Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 (aka BlueDelta, Fancy Bear, or Forest Blizzard), which is linked to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, Military…
How to make the most of the new features in Sophos Firewall v21.5.
Steven Masada, Assistant General Counsel, Microsoft’s Digital Crimes Unit, writes: Microsoft’s Digital Crimes Unit (DCU) and international partners are disrupting the leading tool used to indiscriminately steal sensitive personal and organizational information to facilitate cybercrime. On Tuesday, May 13, Microsoft’s DCU filed a legal action against Lumma Stealer (“Lumma”), which is the favored info-stealing malware used by…
Alexander Martin reports: A notorious Russian hacking unit was blamed on Wednesday for conducting a widespread campaign that officials say “presents a serious risk” to the targeted organizations and sectors in more than a dozen countries. In a joint cybersecurity advisory co-sealed by what appears to be a record number of allied countries (11) and intelligence agencies…
Matthew Gault reports: Researchers published a massive database of more than 2 billion Discord messages that they say they scraped using Discord’s public API. The data was pulled from 3,167 servers and covers posts made between 2015 and 2024, the entire time Discord has been active. Though the researchers claim they’ve anonymized the data, it’s…
Alexander Koskey, Madison McMahan, and Matthew White of Baker Donelson write: A recent decision from the Federal Court of Australia in McClure v. Medibank Private Limited [2025] FCA 167 underscores just how easily privilege can be lost. While McClure was decided under Australian law, the court’s reasoning closely aligns with a series of U.S. cases that have…
A.J. Vicens and Raphael Satter report: A hacker who breached the communications service used by former Trump national security adviser Mike Waltz earlier this month intercepted messages from a broader swathe of American officials than has previously been reported, according to a Reuters review, potentially raising the stakes of a breach that has already drawn…
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code is consistently tested, built, and deployed quickly and efficiently. While CI/CD automation accelerates software delivery, it can also introduce security
Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI with the goal of tricking victims into downloading malware. Kling AI is an artificial intelligence (AI)-powered platform to synthesize images and videos from text and image prompts. Launched in June 2024,…
Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. “The campaign aimed at Russian business began back in March 2023, but in the first third of 2025 the number of attacks quadrupled compared to the same period in 2024,” the cybersecurity vendor said….
