Tag: government
-
Ukrainian emergency services and hospitals hit by espionage campaign using new AgingFly malware
Hackers have targeted Ukrainian hospitals and local government bodies in a new espionage campaign using a malware tool dubbed AgingFly, researchers say. First seen on therecord.media Jump to article: therecord.media/aging-fly-espionage-campaign-targets-ukraine-emergency-services
-
NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities
The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation. First seen on cyberscoop.com Jump to article: cyberscoop.com/nist-narrows-cve-analysis-nvd/
-
Two Americans sentenced for helping North Korea steal $5 million in fake IT worker scheme
The U.S. Department of Justice announced that two Americans were sentenced to years in prison for helping the North Korean government place fake IT workers in U.S. companies. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/16/two-americans-sentenced-for-helping-north-korea-steal-5-million-in-fake-it-worker-scheme/
-
From clinics to government: UAC-0247 expands cyber campaign across Ukraine
CERT-UA reports UAC-0247 targeting Ukrainian clinics and government bodies with malware stealing data from Chromium browsers and WhatsApp. CERT-UA has revealed a cyber campaign by the threat actor UAC-0247 targeting Ukrainian government entities and municipal healthcare facilities, including clinics and emergency hospitals. The operation between March and April 2026, used malware designed to steal sensitive…
-
UK’s Sovereign AI supports supercomputing and drug discovery AI startups
The UK government’s £500m Sovereign AI fund announces first cohort of startups backed to boost economic growth and national security First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641874/UKs-Sovereign-AI-supports-supercomputing-and-drug-discovery-AI-startups
-
CYBERUK ’26: UK lagging on legal protections for cyber pros
Ahead of next week’s CYBERUK conference, the CyberUp Campaign for reform of the UK’s hacking laws urges the government to keep focus, and proposes a four-pillar framework that would protect cyber professionals from prosecution. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641875/CYBERUK-26-UK-lagging-on-legal-protections-for-cyber-pros
-
5 trends defining the future of AI-powered cybersecurity
Tags: ai, automation, backup, breach, business, cloud, compliance, cyber, cybersecurity, data, defense, detection, endpoint, framework, government, metric, monitoring, msp, regulation, resilience, threatSee how AI is altering the landscape in the new N-able and Futurum report, Cybersecurity in the Age of AI: Moving from Fragile to Resilient. Get key insights on building a modern framework for business resilience. 2. From perimeter security to continuous cyber resilience: The “castle and moat” approach is obsolete. In a world of…
-
Anthropic co-founder confirms the company briefed the Trump administration on Mythos
Tags: governmentIn an interview at the Semafor World Economy summit this week, Anthropic co-founder Jack Clark explained why the company was still engaged with the U.S. government while simultaneously suing them. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/14/anthropic-co-founder-confirms-the-company-briefed-the-trump-administration-on-mythos/
-
FCC signals continued commitment to Cyber Trust Mark program
The government approved a new lead overseer for its IoT device security labeling initiative. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fcc-cyber-trust-mark-new-lead-administrator/817437/
-
Testing reveals Claude Mythos’s offensive capabilities and limits
Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/14/claude-mythos-test-attack-capabilities-limits/
-
The Iranian Conflict Leads to the Latest Attack on OT Production – ARIA Cybersecurity
<div cla CISA and the FBI warned that Iranian-backed cyber attackers are targeting Rockwell LOGIX® PLC deployments in Government, Energy and Water/Wastewater as well as other industries first back on March 20th 206. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/the-iranian-conflict-leads-to-the-latest-attack-on-ot-production-aria-cybersecurity/
-
UK reliance on US big tech companies is ‘national security risk’, claims report
UK government urged to follow European countries by backing technology based on open standards First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641487/UK-reliance-on-US-big-tech-companies-is-national-security-risk-claims-report
-
Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos
Two reports from former high-level U.S. cyber officials and the UK government’s top AI research institution reveal how top defenders think about the tool’s hacking capabilities. First seen on cyberscoop.com Jump to article: cyberscoop.com/claude-mythos-ai-cybersecurity-threat-report/
-
France Tees Up Big Public Sector Move Away From US Tech
European Governments Grow Suspicious of Silicon Valley. French abandonment of American software for open-source alternatives continues apace, with all government ministries now facing a fall deadline for outlining plans to reduce their dependence on U.S. tech. France must regain control of our digital destiny, said public action minister David Amiel. First seen on govinfosecurity.com Jump…
-
Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records
A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies. First seen on hackread.com Jump to article: hackread.com/hacker-claude-code-gpt-4-1-mexican-records/
-
Hungarian government creds left in the safe hands of ‘FrankLampard’
Nearly 800 state logins surfaced in breach data, including defense and NATO-linked accounts First seen on theregister.com Jump to article: www.theregister.com/2026/04/11/hungary_government_logins_breach/
-
Claude and ChatGPT Exploited in Sweeping Cyber Campaign Against Government Agencies
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting government infrastructure. A single threat actor successfully leveraged artificial intelligence platforms to breach nine Mexican government agencies. The campaign, which operated from late December 2025 through mid-February 2026, resulted in the exfiltration of hundreds…
-
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
The department is looking to create a “menu of priority AI export packages that the U.S. Government will promote to allies and partners around the world.” First seen on cyberscoop.com Jump to article: cyberscoop.com/commerce-ai-export-regime-promotes-american-ai-adoption-abroad/
-
UK government threatens tech bosses with jail time if they do not adequately fight nudification tools
A U.K. communications regulator, Ofcom, has said it will be cracking down on the spread of the images in the aftermath of the Grok scandal, which led to millions of “nudified” images of women and children to be circulated worldwide. First seen on therecord.media Jump to article: therecord.media/uk-threatens-tech-bosses-with-jail-ai-nudification
-
Big Tech, Big Exposure: Data from Over 3.5 Million Accounts Handed to US Authorities
New research from digital privacy firm Proton has revealed the staggering scale of how Google, Apple, and Meta share user data with US government authorities, and the numbers are only growing. According to the findings, the three tech giants have collectively handed over data from more than 3.5 million user accounts over the past decade,…
-
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/industrial-controllers-vulnerable-conflicts-cyber
-
The cyber winners and losers in Trump’s 2027 budget
Tags: cisa, communications, compliance, corporate, cyber, cybersecurity, defense, government, group, infrastructure, international, network, office, risk, service, strategy, threatFigure 1- Top gainers in Trump’s 2027 budget. Compilation from OMB cross-cut tables. CSOSeveral smaller agencies, including the EPA, Department of Education, Tennessee Valley Authority, Federal Mine Safety and Health Review Commission, and the US Army Corps of Engineers, also stand to post modest gains under the 2027 budget. Losers: DHS, VA, and research programs…
-
CMMC compliance in the age of AI
Tags: access, ai, automation, awareness, business, compliance, control, data, detection, email, governance, government, grc, metric, risk, tool, trainingThe primary readiness gap: data scope awareness: Central to preparation is gaining a complete understanding of the data subject to CMMC 2.0 controls. Many organizations are still struggling to define the full scope of systems, workflows and third-party relationships that process or store CUI. When contractors conduct detailed CMMC-focused data inventories, it’s common that they’ll…
-
Middle East Espionage Attack Uses Fake Secure Messaging Apps to Deliver ProSpy
Hackers are impersonating popular secure messaging apps to deploy a sophisticated Android spyware tool called ProSpy against journalists, activists, and political figures across the Middle East, in a hack”‘for”‘hire campaign linked to the BITTER APT group. The campaign has been active since at least 2022. It primarily targets civil society members and potentially government officials in countries…
-
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
Tags: access, advisory, ai, attack, authentication, automation, backup, cctv, chatgpt, cisa, communications, compliance, control, credentials, crypto, cve, cyber, cybersecurity, data, data-breach, defense, detection, dns, email, exploit, finance, firewall, flaw, government, group, healthcare, infrastructure, intelligence, international, Internet, iot, iran, kev, leak, linux, malicious, malware, mitigation, mitre, monitoring, network, office, openai, password, radius, resilience, risk, router, service, siem, software, strategy, switch, technology, threat, tool, update, vpn, vulnerability, vulnerability-managementAn Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating under Iran’s IRGC Cyber-Electronic Command. The U.S. Treasury sanctioned six named officials in February 2024 and the State Department…
-
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
Censys researchers warned that thousands of devices are exposed to the Iranian government’s campaign targeting energy, water, and U.S. government services and facilities. First seen on cyberscoop.com Jump to article: cyberscoop.com/iran-attackers-industrial-ot-government-energy-water-censys/
-
Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning
Tags: android, attack, awareness, browser, chrome, ciso, communications, compliance, computer, computing, crypto, cryptography, cybersecurity, data, encryption, google, government, group, Hardware, infrastructure, Internet, ml, mobile, regulation, risk, service, strategy, technology, threat, vulnerabilityNational Institute of Standards and Technology (NIST) has set a 2030 deadline for depreciating legacy encryption algorithms ahead of their planned retirement in 2035.Late last month Google brought forward its own post-quantum cryptography (PQC) deadline a year to 2029 because advances in quantum computers mean that legacy encryption and digital signature systems are at greater…
-
On Microsoft’s Lousy Cloud Security
ProPublica has a scoop: In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings. The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by…