Hackers exploiting flaw in widely used Wing FTP Server

Researchers warn that a vulnerability in the file-transfer service could enable remote code execution.

Updated July 14, 2025

Researchers, CISA confirm active exploitation of critical Citrix Netscaler flaw

Critics have faulted Citrix for not updating its guidance in recent days, even as concerns grow about a resumption of the 2023 CitrixBleed crisis.

Updated July 11, 2025

Businesses are overconfident as mobile phishing scams surge

Nearly six in 10 companies experienced incidents because of voice or text phishing attacks that led to executive impersonation, according to a new report from Lookout.

UK authorities arrest 4 people in probe of retail cyberattack spree

The arrests mark the first major break in a case linked to the Scattered Spider cybercrime group, although additional work continues with multiple agencies.

Updated July 10, 2025

Ingram Micro restores global operations following hack

The company is still assessing the full impact of the ransomware attack, which has been linked to the SafePay hacker group.

Iran-linked hackers target US transportation, manufacturing firms

U.S. authorities have been warning of potential state-linked or hacktivist threats since the country intervened in the Israel-Iran war.

M&S chairman calls for mandatory disclosure of material cyberattacks

The chairman testified before British lawmakers following a major social-engineering attack on the department-store chain.

Qantas says cyberattack affected 5.7 million customers

The incident follows a notorious hacker gang’s pivot to targeting transportation companies with its trademark social-engineering attacks.

Suspected contractor for China’s Hafnium group arrested in Italy

U.S. authorities charged the man and a co-conspirator with hacking COVID-19 researchers and kicking off a cyberattack spree targeting Microsoft Exchange servers. 

Ingram Micro makes progress on restoring operations following attack

An attack linked to the ransomware gang SafePay has disrupted certain fulfillment capabilities.  

Scattered Spider poses serious risk to several hundred major companies

A new report shows that a select group of large companies uses technologies that the hacker group often targets.

Security coalition urges Congress to renew 2015 CISA law

A group of top cybersecurity and technology firms said the law provided critical protections for sharing essential vulnerability information.

SEC seeks SolarWinds settlement in reversal for agency under new leadership

The decision by the commission, now under Republican control, could reshape the landscape of corporate accountability for cyber incidents.

Ingram Micro investigating ransomware attack

The technology company said the attack has affected its ability to process and ship orders.

Qantas says large amount of customer data stolen in cyberattack on call center

The attack follows a recent increase in cyberattacks and disruptions at major airlines.

Updated July 7, 2025

FBI cyber guidance to lawmakers falls short, US senator says

Sen. Ron Wyden wants FBI briefings to cover four often-overlooked cybersecurity practices.

Ahold Delhaize USA says cyberattack exposed personal data of 2M people

The intruders who gained access to the grocer’s online systems in November had access to information including birthdays, Social Security numbers and bank account details.

US authorities unmask North Korean IT worker schemes and their American accomplices

Federal officials said businesses should carefully verify the identities of remote employees to avoid falling prey to similar scams.

US government warns of new Iran-linked cyber threats on critical infrastructure

Companies should disconnect operational technology from the internet and enforce strong protections for user accounts, a joint alert from CISA, the FBI, NSA and DoD said.

Scattered Spider appears to pivot toward aviation sector

A cyberattack on Hawaiian Airlines carries some hallmarks of the notorious cybercrime group.

Updated June 27, 2025

Hackers exploiting critical Citrix Netscaler flaw, researchers say

After confirming exploitation of a separate zero-day flaw, Cloud Software Group promises to be transparent.

AI security issues dominate corporate worries, spending

Two reports illustrate how business leaders are thinking about and budgeting for generative AI.

United Natural Foods says cyberattack will reduce quarterly earnings

The company, which supplies Whole Foods and other grocery stores nationwide, had to disable electronic ordering systems while responding to the attack earlier this month.

Microsoft to make Windows more resilient following 2024 IT outage

The company has been working with security partners to make sure future software updates don’t lead to operational disruptions for customers.

Updated June 26, 2025

‘Suspended animation’: US government upheaval has frayed partnerships with critical infrastructure

Recent federal cuts, reorganizations and other disruptions have alarmed industry leaders, who say the government is a less reliable partner even as cyber threats increase.