The uncomfortable reality is that the energy sector's cyberattacks have doubled between 2020 and 2022. Indeed, 48 successful attacks hit Europe’s energy infrastructure in 2022 alone, which is why cybersecurity has become a key component of ensuring overall energy security. In particular, cybersecurity experts in the Netherlands have been closely monitoring the major power outage affecting Spain and Portugal and are raising pressing concerns about the vulnerability of critical infrastructure.[1
All Articles (2554)
Sort by
A critical flaw found in the open source Langflow platform was added to the US Cybersecurity and Infrastructure Security Agency’s (CISA's) Known Exploited Vulnerabilities (KEV) catalog. Langflow is a Python-based Web application, a popular tool in the realm of agentic AI that allows users to build AI-driven agents and workflows. The vulnerability, tracked as CVE-2025-3248, is described as a missing authentication flaw that allows remote attackers to compromise Langflow servers. With a CVSS sc
Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack. Insight Partners is a prominent global venture capital and private equity firm specializing in high-growth technology, software, and internet companies, managing over $90 billion in regulatory assets. The company has significant investments in more than 800 companies worldwide, including Twitter, HelloFresh, and Veeam Software.
On 18 February 2025
The US-FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024. The published domains were registered between November 2021 and April 2024, the time of their seizure, and are being shared to increase awareness and provide indicators of compromise. LabHost was a major PhaaS platform that sold access to an extensive set of phishing kits targeting US and Canadian banks for be
A Russian-linked hacktivist group known as NoName057(16) claimed responsibility for cyberattacks on several Romanian websites over the weekend, as voters headed to the polls to elect a new president. Among the targets of the distributed denial-of-service (DDoS) attacks were the official websites of the Ministry of Foreign Affairs, the Romanian government, the Constitutional Court and several presidential candidates.
Romania’s National Directorate for Cyber Security (DNSC) confirmed the attacks,
The California Privacy Protection Agency (CPPA) recently announced a six-figure fine and an order demanding significant business practice changes for a national clothing retailer which allegedly used a flawed privacy portal. Todd Snyder, Inc. will have to pay $345,000 and fix poor technical infrastructure which has led to block consumers from opting out of the sale or sharing of their personal data, the CPPA said. The firm also allegedly forced customers to give it more data than was needed to
Jeffrey Bowie, CEO of the cybersecurity firm Veritaco,[1] is facing two counts of violating Oklahoma’s Computer Crimes Act for allegedly infecting employee computers at the Oklahoma City St. Anthony Hospital. The man is accused of having installed the malware on the hospital computers on 06 August 2024. Bowie was arrested on 14 April 2025 following the issuance of an arrest warrant. Security footage reportedly shows the man attempting to access multiple offices before installing malicious sof
A new study found that a gene recently recognized as a biomarker for Alzheimer’s disease is a cause due to its previously unknown secondary function. Researchers at the University of California, San Diego, used Artificial Intelligence (AI) to help unravel this mystery of Alzheimer’s disease and discover a potential treatment. In particular, the researchers found that Phosphoglycerate dehydrogenase deficiency (PHGDH) plays a causal role in disrupting gene regulation in the brain.
Alzheimer's dise
Jeffrey Bowie, CEO of the cybersecurity firm Veritaco,[1] is facing two counts of violating Oklahoma’s Computer Crimes Act for allegedly infecting employee computers at the Oklahoma City St. Anthony Hospital. The man is accused of having installed the malware on the hospital computers on 06 August 2024. Bowie was arrested on 14 April 2025 following the issuance of an arrest warrant. Security footage reportedly shows the man attempting to access multiple offices before installing malicious sof
In recent weeks, the DragonForce ransomware group has been targeting UK retailers in a series of coordinated attacks that have caused major service disruptions. Prominent retailers such as Harrods, Marks and Spencer, and the Co-Op have all reported ongoing incidents affecting payment systems, inventory, payroll, and other critical business functions.
DragonForce has previously been attributed to several notable cyber incidents, including attacks on Honolulu OTS (Oahu Transit Services), the Gover
According to the US Department of Justice, Ryan Mitchell Kramer has pleaded guilty to accessing a computer and obtaining information, and threatening to damage a protected computer, as well as to two felony charges that each carry a prison sentence of up to five years. Kramer is behind the 2024 hack targeting The Walt Disney Company. The media giant launched an investigation into the incident in July 2024, after a threat actor calling itself NullBulge announced the theft of 1.1 Tb of data from
Research from Economist Impact reveals that quantum industry professionals are overwhelmingly optimistic that quantum utility will be achieved within the next decade. According to the study, which surveyed quantum professionals across the UK, Europe, North America, and Asia, a huge 83% think that quantum utility, when quantum computers overcome hardware and error correction challenges to perform better than classical computers, will be realized within ten years or fewer.
See: https://redskyall
Cybersecurity researchers have detailed the activities of an Initial Access Broker (IAB) named ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS.
See: https://redskyalliance.org/xindustry/cactus-ransomware-in-france
The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning for vulnerable systems and deploying a custom malware called LAGTOY (aka HOLERUN). "LAGTOY can be used to create reverse shells an
Recent investigations by the Mexican military revealed that cybercriminals tied to the Cártel Jalisco Nueva Generación (CJNG) have attempted to infiltrate the networks of security agencies, including the Secretariat of Security and Citizen Protection, the National Intelligence Center, and state-run oil company Petróleos Mexicanos (Pemex).
Military sources familiar with the matter told local outlet Milenio that the Jalisco Cartel is recruiting young tech experts to breach the computer systems of
The practice of ransomware actors targeting healthcare organizations continues, as three big organizations in the sector suffered apparent or confirmed attacks. DaVita, a dialysis firm that provides its services at approximately 3,000 outpatient centers worldwide, became aware of a ransomware incident on April 12 that affected and encrypted "certain on-premises systems," according to a dedicated incident response website. The firm is currently responding to the incident and is relying on conti
France's foreign ministry explicitly accused Russia's GRU military intelligence agency on 29 April of mounting cyber-attacks on a dozen entities including ministries, defense firms and think tanks since 2021 to destabilize France. The accusations, levelled at GRU unit APT28, which officials said was based in Rostov-on-Don in southern Russia, are not the first by a Western power, but it is the first time Paris has blamed the Russian state on the basis of its own intelligence.
The ministry said i
Defending against real-world threats is not just part of the job at Sentinel Labs; it is the reality of operating as a cybersecurity company in today’s landscape. Real-world attacks against our environment serve as constant pressure tests, reinforcing what works, revealing what does not, and driving continuous improvement across our products and operations. When you’re a high-value target like Sentinel, for some of the most capable and persistent adversaries out there, nothing less will do.
Di
Abilene, Texas, shut down systems after a cyberattack caused server issues. The incident occurred on April 18, 2025. Texas emergency services remained operational, and no financial irregularities were found. “On April 18, 2025, City officials received reports of unresponsive servers within our internal network and immediately began executing our incident response plan and disconnecting affected and critical assets to secure our systems,” reads the notice of security incident published by the co
Across every stage of the attack chain, automation is reshaping threat behavior. In the reconnaissance phase, cybercriminals launched over 36,000 scans per second in 2024, a 16.7% global increase. These scans are no longer just searching for exposed ports; they’re probing deep into operational technology (OT), cloud APIs, and identity layers. SIP-based VoIP systems, RDP servers, and industrial protocols like Modbus TCP are being mapped automatically and continuously.
Automation also extends to
Have you ever thought of becoming a cybercriminal? There is no better time than now. Cheap ransomware is being sold for one-time use on the Dark Web, allowing the most inexperienced amateur criminals to get involved with cyber-crime without any direct interaction with the makers. Some of these kits that enable criminals with minimal tech skills to deploy malware to steal personal information, carry out identity theft and access bank accounts, are available for less than $25.
Such malware infe
