The Record

A prominent Cambodian tycoon was the subject of multiple raids conducted Tuesday by Thai police, who accused him of being involved in cyber scams.

Google researchers reported on a malware campaign against end-of-life SonicWall appliances, noting that the attackers were good at covering their tracks.

The group, known as “Diskstation,” is accused of encrypting victims’ systems and demanding large cryptocurrency ransoms to restore access to their data, Italy’s Postal and Cybersecurity Police said in a statement.

The measure aims to prevent compromise of U.S. telecommunications through strengthening network security by establishing “baseline cybersecurity requirements for vendors of telecommunications services” to the country’s 18 intelligence agencies, according to a summary of the bill released by the panel.

Ukraine's military intelligence agency confirmed that it participated with two volunteer hacking groups in an operation against Gaskar Group, a Russian drone company.

Cameron John Wagenius faces up to 27 years in prison after pleading guilty to wire fraud, extortion and aggravated identity theft in data breaches involving major corporations.

On Tuesday, Google said Big Sleep managed to discover CVE-2025-6965 — a critical security flaw that Google said was “only known to threat actors and was at risk of being exploited.”

“The good news" is that China's Volt Typhoon hacking campaign "really failed," an NSA official said at a cyber conference in New York. An FBI official also described an incident of "true cyberwarfare" with the Flax Typhoon group.

A statement from Louis Vuitton South Korea said the breach involved names, contact information and other data provided by customers. No financial information was included in the breach.

A critical vulnerability in products from the file transfer company Wing FTP Server is being actively exploited, the Cybersecurity and Infrastructure Security Agency said.

The Department of Justice alleged that Hill Associates had billed for cybersecurity services that were out of the scope of its contract, and which would have required it to undergo a technical evaluation required by the General Services Administration.

Last week, the FBI’s Atlanta field office announced the seizure of nsw2u.com, nswdl.com, game-2u.com, bigngame.com, ps4pkg.com, ps4pkg.net and mgnetu.com — placing FBI banners on all of the sites.

A Kremlin-linked group has been publishing fake articles on spoofed news websites to spread disinformation in France, Armenia, Germany, Moldova and Norway, researchers have found.

Britain's tax agency and Romanian police combined on an operation to break up a fraud ring that used phishing emails to capture U.K. taxpayer information.

Albemarle County officials confirmed systems were hit with ransomware last month, exposing resident and employee data and knocking services offline.

The cases, which stretched across multiple continents and shed light on the shady world of corporate espionage and mercenary hackers, stemmed from a scheme allegedly orchestrated by an attorney at the law firm Dechert to hack into Azima’s accounts for one of its clients.

The person behind a $42 million theft from the decentralized exchange GMX has returned the stolen cryptocurrency in exchange for a $5 million bounty.

The one-day deadline issued by CISA on Thursday appears to be the shortest one ever issued. Federal civilian agencies are typically given three weeks to patch bugs added to the known exploited vulnerability catalog.

Indonesia has extradited to Russia a man accused of running a Telegram channel that sold personal data obtained from law enforcement databases.

The AI products from Chinese company DeepSeek present unacceptable national security risks, Czechia said in banning the software from government use.