The Record

A critical vulnerability in products from the file transfer company Wing FTP Server is being actively exploited, the Cybersecurity and Infrastructure Security Agency said.

The Department of Justice alleged that Hill Associates had billed for cybersecurity services that were out of the scope of its contract, and which would have required it to undergo a technical evaluation required by the General Services Administration.

Last week, the FBI’s Atlanta field office announced the seizure of nsw2u.com, nswdl.com, game-2u.com, bigngame.com, ps4pkg.com, ps4pkg.net and mgnetu.com — placing FBI banners on all of the sites.

A Kremlin-linked group has been publishing fake articles on spoofed news websites to spread disinformation in France, Armenia, Germany, Moldova and Norway, researchers have found.

Britain's tax agency and Romanian police combined on an operation to break up a fraud ring that used phishing emails to capture U.K. taxpayer information.

Albemarle County officials confirmed systems were hit with ransomware last month, exposing resident and employee data and knocking services offline.

The cases, which stretched across multiple continents and shed light on the shady world of corporate espionage and mercenary hackers, stemmed from a scheme allegedly orchestrated by an attorney at the law firm Dechert to hack into Azima’s accounts for one of its clients.

The person behind a $42 million theft from the decentralized exchange GMX has returned the stolen cryptocurrency in exchange for a $5 million bounty.

The one-day deadline issued by CISA on Thursday appears to be the shortest one ever issued. Federal civilian agencies are typically given three weeks to patch bugs added to the known exploited vulnerability catalog.

Indonesia has extradited to Russia a man accused of running a Telegram channel that sold personal data obtained from law enforcement databases.

The AI products from Chinese company DeepSeek present unacceptable national security risks, Czechia said in banning the software from government use.

Huawei will manage and store judicially authorized wiretaps in Spain, under a contract that bucks the trend of Western governments restricting use of the Chinese tech company's products and services.

The investigation comes in response to an account in the Israeli business publication TheMarker, which reported that the contracts included a deal to buy Pegasus — the powerful spyware manufactured by Israel-based NSO Group.

Daniil Kasatkin, 26, was detained in June at Paris’s Charles de Gaulle Airport shortly after arriving in the country with his fiancée, according to local media reports.

Kemp spoke with Recorded Future News about why he believes data brokers are dangerous and whether forthcoming federal privacy legislation is likely to wipe out California’s pioneering privacy law.

In an updated advisory, Qantas broke down the categories of personal data breached in a recent cyberattack, saying frequent-flyer numbers were involved, but not in a way that would compromise accounts.

Iranian advanced persistent threat (APT) groups, including those tracked as MuddyWater and APT33, appeared to launch more attacks against U.S. industrial entities in May and June, according to a report from Nozomi Networks.

Britain's National Crime Agency said police arrested one woman and three men suspected in ransomware attacks against major U.K. retailers.

The court in Leipzig ruled that Meta must pay €5,000 ($5,900) to a German Facebook user who sued the platform for embedding tracking technology in third-party websites — a ruling that could open the door to other lawsuits.

Bitcoin Depot, which operates cryptocurrency ATMs across North America, says information belonging to more than 26,000 people was breached in an incident last year.