The Record

Ukraine's military intelligence agency confirmed that it participated with two volunteer hacking groups in an operation against Gaskar Group, a Russian drone company.

Cameron John Wagenius faces up to 27 years in prison after pleading guilty to wire fraud, extortion and aggravated identity theft in data breaches involving major corporations.

On Tuesday, Google said Big Sleep managed to discover CVE-2025-6965 — a critical security flaw that Google said was “only known to threat actors and was at risk of being exploited.”

“The good news" is that China's Volt Typhoon hacking campaign "really failed," an NSA official said at a cyber conference in New York. An FBI official also described an incident of "true cyberwarfare" with the Flax Typhoon group.

A statement from Louis Vuitton South Korea said the breach involved names, contact information and other data provided by customers. No financial information was included in the breach.

A critical vulnerability in products from the file transfer company Wing FTP Server is being actively exploited, the Cybersecurity and Infrastructure Security Agency said.

The Department of Justice alleged that Hill Associates had billed for cybersecurity services that were out of the scope of its contract, and which would have required it to undergo a technical evaluation required by the General Services Administration.

Last week, the FBI’s Atlanta field office announced the seizure of nsw2u.com, nswdl.com, game-2u.com, bigngame.com, ps4pkg.com, ps4pkg.net and mgnetu.com — placing FBI banners on all of the sites.

A Kremlin-linked group has been publishing fake articles on spoofed news websites to spread disinformation in France, Armenia, Germany, Moldova and Norway, researchers have found.

Britain's tax agency and Romanian police combined on an operation to break up a fraud ring that used phishing emails to capture U.K. taxpayer information.

Albemarle County officials confirmed systems were hit with ransomware last month, exposing resident and employee data and knocking services offline.

The cases, which stretched across multiple continents and shed light on the shady world of corporate espionage and mercenary hackers, stemmed from a scheme allegedly orchestrated by an attorney at the law firm Dechert to hack into Azima’s accounts for one of its clients.

The person behind a $42 million theft from the decentralized exchange GMX has returned the stolen cryptocurrency in exchange for a $5 million bounty.

The one-day deadline issued by CISA on Thursday appears to be the shortest one ever issued. Federal civilian agencies are typically given three weeks to patch bugs added to the known exploited vulnerability catalog.

Indonesia has extradited to Russia a man accused of running a Telegram channel that sold personal data obtained from law enforcement databases.

The AI products from Chinese company DeepSeek present unacceptable national security risks, Czechia said in banning the software from government use.

Huawei will manage and store judicially authorized wiretaps in Spain, under a contract that bucks the trend of Western governments restricting use of the Chinese tech company's products and services.

The investigation comes in response to an account in the Israeli business publication TheMarker, which reported that the contracts included a deal to buy Pegasus — the powerful spyware manufactured by Israel-based NSO Group.

Daniil Kasatkin, 26, was detained in June at Paris’s Charles de Gaulle Airport shortly after arriving in the country with his fiancée, according to local media reports.

Kemp spoke with Recorded Future News about why he believes data brokers are dangerous and whether forthcoming federal privacy legislation is likely to wipe out California’s pioneering privacy law.