The Record

Federal civilian agencies are not patching vulnerable Cisco devices sufficiently to protect themselves from an active hacking campaign, the Cybersecurity and Infrastructure Security Agency warned.

Concerns about domestic SIM card use in Ukrainian drones have led the Kremlin to impose a mobile internet "cooling-off period" for anyone returning home to Russia from abroad.

After years of delays, the British government introduced its landmark Cyber Security and Resilience Bill to Parliament, threatening large fines for companies that fail to protect themselves from cyberattacks.

The hackers notably used custom malware and were exploiting CVE-2025-5777 — now known colloquially as “Citrix Bleed Two” — before it was disclosed publicly in July.

Lt. Gen. Joshua Rudd, the No. 2 at U.S. Indo-Pacific Command, has emerged as a potential pick to lead U.S. Cyber Command and the National Security Agency, multiple people familiar with the search told Recorded Future News.

Court documents show evidence proving Volkov served as an initial access broker for the ransomware gang — breaking into the network of victims and then offering his access for a percentage of the ransom.

California’s legislature also has enacted an algorithmic pricing law, but it has not yet taken effect, making New York the first state in the country to regulate the practice.

California's influential privacy agency sent the state legislature three proposals, including a measure to create anti-retaliation safeguards and financial rewards for insiders who make regulators aware of corporate practices that violate state privacy law.

NSO Group announced Friedman’s appointment on Sunday, saying that NSO’s three founders no longer have any stake in the firm.

Emergency blackouts lasting up to 12 hours were introduced following the attack, with Kyiv and other regions facing widespread internet and communication outages, according to internet watchdog NetBlocks.

An expired 2015 law that gives companies liability protection when they share cyberthreat information with the federal government would be renewed through January 30 under Senate legislation to end the government shutdown.

The latest model for improving U.S. Cyber Command is circulating at the Pentagon. Some of the initiatives will spill into the next decade — an approach that is sure to create friction on Capitol Hill and beyond.

A spokesperson for the CBO confirmed the security incident and said the agency has taken immediate action to contain it while also implementing “additional monitoring and new security controls to further protect the agency’s systems going forward.”

Researchers spotted a 9-month-long campaign involving previously undiscovered spyware they call LANDFALL, which leveraged a zero-day bug in Samsung Galaxy phones.

Illuminate Education also allegedly failed to monitor its systems for suspicious activity and did not separately secure backup and active databases.

The state government of Nevada did not pay a ransom to cybercriminals who took down critical government systems in August, the state said in a post-mortem review of the attack.

Privacy and civil liberties advocates have decried the proposed expansion for how it will allegedly facilitate mass surveillance and large scale data privacy violations.

A prominent Italian communications executive and political adviser has revealed that he was targeted with Paragon spyware, making him the fifth Italian to come forward in a scandal that has rocked the Italian government.

The Russian state-backed hacking unit Sandworm has been targeting Ukraine's grain industry with wiper malware amid Moscow's ongoing efforts to undermine Kyiv's wartime economy.

Five others were handed life sentences, while nine of the accused were handed prison sentences of three to 20 years.