Collecting Cyber-News from over 60 sources

Tag: government

Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover

May 26, 2026 6:00 PM

Tags: breach, cybersecurity, data, government, hacker, iran

An Israeli cybersecurity firm said Iran’s government is behind Ababil of Minab, a fake hacktivist persona that has claimed a series of data breaches after the start of the war in Iran. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/iranian-hackers-blamed-for-breach-of-los-angeles-transit-system-that-took-weeks-to-recover/
7-Eleven data breach affects over 185,000 people’s personal data

May 26, 2026 4:00 PM

Tags: breach, data, data-breach, government

The data breach included names, dates-of-birth, postal addresses, and Social Security numbers, according to a state government listing. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/7-eleven-data-breach-affects-over-185000-peoples-personal-data/
CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026 12:00 PM

Tags: cisa, exploit, government, injection, sql, update, vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026 12:00 PM

Tags: cisa, exploit, government, injection, sql, update, vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026 12:00 PM

Tags: cisa, exploit, government, injection, sql, update, vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
APT Group Patches termsrv.dll to Enable Multiple RDP Sessions

May 25, 2026 3:00 PM

Tags: apt, cloud, cyber, espionage, government, group, russia, threat, windows

A sustained cyber espionage campaign attributed to the Cloud Atlas advanced persistent threat (APT) group has introduced a stealthy technique that modifies the Windows termsrv.dll library to enable multiple Remote Desktop Protocol (RDP) sessions on compromised systems. Observed throughout 2025 and continuing into 2026, the activity primarily targets government and commercial entities in Russia and…
US states step up cyber defenses to protect local communities

May 25, 2026 2:00 PM

Tags: cyber, cybersecurity, defense, government

U.S. state governments are taking on a larger role in cybersecurity to help protect local communities and essential services. Many states are building state-led cyber defense … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/25/cltc-building-community-cyber-defense-programs/
Taiwan Flags Five Major Cyber Risks After 726 Security Incidents in 2025

May 25, 2026 12:00 PM

Tags: country, cyber, cybersecurity, government, ransomware, risk, security-incident, social-engineering, software, supply-chain

Taiwan’s digital security authorities have identified five major areas of concern following hundreds of reported cybersecurity incidents involving government agencies in 2025. According to Taiwan’s Ministry of Digital Affairs, the country recorded 726 cybersecurity incidents this year, highlighting ongoing Taiwan cyber risk challenges tied to ransomware, fake software, supply chain weaknesses, and social engineering attacks. First seen…
AI safety cannot wait for a ‘Chernobyl moment’, experts warn

May 25, 2026 12:00 PM

Tags: ai, government

As AI becomes increasingly capable, tech leaders at Singapore’s ATxSummit urge governments and industry to build safety and accountability into AI systems before a major disaster strikes First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643439/AI-safety-cannot-wait-for-a-Chernobyl-moment-experts-warn
Kazuar Malware Becomes Modular Spyware for Secret Blizzard Ops

May 25, 2026 9:00 AM

Tags: blizzard, cyber, defense, espionage, government, group, malware, russia, spyware, threat, tool

A major evolution in the Kazuar malware family, a long-standing cyber espionage tool linked to the Russian state-sponsored threat group Secret Blizzard, also known as Turla and Venomous Bear. Kazuar historically supported espionage campaigns targeting government, diplomatic, and defense sectors. Its latest iteration introduces a modular architecture composed of three key components: Kernel, Bridge, and…
Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets

May 23, 2026 1:00 PM

Tags: apt, email, government, group, malware, phishing, ukraine

Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads. The Belarus-nexus APT group Ghostwriter (also tracked as UAC-0057 and UNC1151) has resurfaced with a new phishing campaign targeting Ukrainian government organizations. This time the lure is Prometheus, a legitimate Ukrainian online learning platform that many government employees actually use. Using…
FBI Director’s Former Apparel Brand Hit by Malware

May 23, 2026 5:00 AM

Tags: cyber, email, government, hacker, incident, iran, macOS, malicious, malware

Malware Targeted macOS Users Visiting Patel Foundation Merchandise Page. Two months after Iran-linked hackers exfiltrated FBI Director Kash Patel’s personal email, the government official’s name is tangled up in another cyber incident, this time through a MAGA swag shop he co-founded. ClickFix malware on the site tried to trick shoppers into running a malicious command.…
Iranian Hackers Using Fake Job Sites to Breach Defense Firms

May 23, 2026 1:00 AM

Tags: breach, communications, defense, government, hacker, iran, jobs, malware, network

Unit 42 Says Iranian Operators Target Aerospace and Government Staff. Palo Alto Networks’ Unit 42 said Iran-linked operators tied to Screening Serpens are using fake recruiting campaigns, cloned aerospace hiring portals and malware-laced job materials to infiltrate defense, satellite communications and government networks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/iranian-hackers-using-fake-job-sites-to-breach-defense-firms-a-31762
CISA contractor’s public GitHub repo exposed sensitive government credentials

May 22, 2026 10:00 PM

Tags: cisa, credentials, data-breach, github, government

First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-contractors-public-github-repo-exposed-sensitive-government-credentials
Water, the Soft Underbelly of Critical Infrastructure

May 22, 2026 8:00 PM

Tags: cyber, cybersecurity, governance, government, infrastructure, service, threat, usa, vulnerability

Fragmented Governance and Scarce Resources Make America’s Water Sector Vulnerable. America’s water utilities are the nation’s most cyber-vulnerable critical service sector, but their cybersecurity is overseen and supported by an ill-fitting patchwork of government agencies and most lack the resources to meet the threat they face. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/water-soft-underbelly-critical-infrastructure-a-31758
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

May 22, 2026 8:00 PM

Tags: computer, defense, email, government, malware, phishing, threat, ukraine

The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine’s National Security and Defense Council) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organizations in the country.The activity, per the Computer Emergency Response Team of Ukraine (CERT-UA), involves sending phishing emails to government First seen on…
China’s Webworm Uses Discord, Microsoft Graphs to Hack EU Governments

May 22, 2026 4:00 PM

Tags: china, government, group, microsoft, threat, tool, vpn

The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/chinas-webworm-discord-microsoft-graphs
Belarus-linked hackers use fake training certificates to target Ukrainian officials

May 22, 2026 3:00 PM

Tags: email, espionage, government, group, hacker, hacking, training, ukraine

A Belarus-linked hacking group known as GhostWriter has launched a new espionage campaign against Ukrainian government officials using fake emails disguised as messages from a popular online learning platform to deliver malware. First seen on therecord.media Jump to article: therecord.media/oysterfresh-belarus-linked-campaign-targets-ukraine
Russian Hackers Exploit RDP, VPNs, Supply Chains for Initial Access

May 22, 2026 3:00 PM

Tags: access, cyber, defense, exploit, government, group, hacker, infrastructure, network, russia, social-engineering, supply-chain, threat, vpn

Russian state-sponsored and aligned threat groups are increasingly combining Remote Desktop Protocol (RDP), Virtual Private Networks (VPNs), supply chain compromise, and sophisticated social engineering to gain initial access to targeted networks across government, critical infrastructure, and commercial sectors. This multi-vector approach allows them to bypass perimeter defenses, blend in with legitimate traffic, and maintain long-term…
Operation Dragon Whistle Targets Changzhou University with Malicious LNK Files

May 22, 2026 10:00 AM

Tags: cloud, cyber, cyberattack, government, malicious, phishing, service, tactics, threat, tool

A recent phishing campaign dubbed “Operation Dragon Whistle” highlights an evolving trend in cyberattacks: threat actors abusing legitimate developer tools and cloud services to maintain stealth and persistence. Although initially linked to targeting academic environments such as Changzhou University, new analysis reveals overlapping tactics used in a broader campaign aimed at government-linked organizations, including Pakistan’s…
Processes & Culture Top Reasons Behind Data Breaches

May 22, 2026 10:00 AM

Tags: breach, cyber, data, government, law

Government leaders revealed that, in spite of state laws meant to improve cyber hygiene, an analysis of incidents showed issues persist and visibility falls short. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/processes-and-culture-top-reasons-behind-data-breaches
State Officials Urge Congress to Renew Cyber Grant Program

May 22, 2026 5:00 AM

Tags: ai, china, cyber, cybersecurity, defense, government, intelligence

Officials Warn Local Governments Lack Resources to Counter Advanced Threats. State cybersecurity officials warned Congress that Chinese-linked intrusions and rapidly advancing artificial intelligence systems are overwhelming local defenses as states push lawmakers to expand long-term federal cyber grant funding and preserve federal coordination efforts. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/state-officials-urge-congress-to-renew-cyber-grant-program-a-31748
OnDemand | What we got wrong about AI in the public sector

May 21, 2026 10:00 PM

Tags: ai, government

A fireside chat with Elastic and IDC. Join IDC and Elastic for a fireside chat about the assumptions, missteps, and surprises that have shaped AI adoption in government and public sector organizations. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ondemand-what-we-got-wrong-about-ai-in-public-sector-a-31744
Processes and Culture Top Reasons Behind Data Breaches

May 20, 2026 11:02 PM

Tags: breach, cyber, data, government, law

Government leaders revealed that, in spite of state laws meant to improve cyber hygiene, an analysis of incidents showed issues persist and visibility falls short. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/processes-and-culture-top-reasons-behind-data-breaches
Bulgaria fires up Google Cloud for national cyber security

May 20, 2026 8:00 PM

Tags: cloud, cyber, google, government, service, soc

The Bulgarian national systems integrator, BIS, has deployed Google Cloud’s Cybershield government security service as part of a national federated SOC deployment. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643458/Bulgaria-fires-up-Google-Cloud-for-national-cyber-security
EUDI-Wallet: Regierung bringt Gesetz für digitale Brieftasche auf den Weg

May 20, 2026 7:00 PM

Tags: governance, government

Anfang 2027 soll der Personalausweis aufs Handy kommen. Das ermöglicht ein neues Sicherheitsniveau auf mobilen Endgeräten. First seen on golem.de Jump to article: www.golem.de/news/eudi-wallet-regierung-bringt-gesetz-fuer-digitale-brieftasche-auf-den-weg-2605-208890.html
EUDI-Wallet: Regierung bringt Gesetz für digitale Brieftasche auf den Weg

May 20, 2026 7:00 PM

Tags: governance, government

Anfang 2027 soll der Personalausweis aufs Handy kommen. Das ermöglicht ein neues Sicherheitsniveau auf mobilen Endgeräten. First seen on golem.de Jump to article: www.golem.de/news/eudi-wallet-regierung-bringt-gesetz-fuer-digitale-brieftasche-auf-den-weg-2605-208890.html
Webworm APT targets European government organizations with new backdoors

May 20, 2026 5:00 PM

Tags: apt, backdoor, china, government, group

ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, the group initially … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/20/webworm-apt-campaign-targets-europe/
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

May 20, 2026 4:00 PM

Tags: api, backdoor, china, control, cybersecurity, government, microsoft, threat

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or C&C) communications.Webworm, first publicly documented by Broadcom-owned Symantec in September 2022, is assessed to be active since at least 2022, targeting government agencies First seen…
Senator presses CISA for answers about alleged GitHub repository leak

May 20, 2026 3:00 PM

Tags: breach, cisa, cybersecurity, github, government, infrastructure, leak

U.S. Senator Maggie Hassan (D-NH) sent a letter to the acting director of the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday demanding answers about an alleged breach uncovered by cybersecurity reporter Brian Krebs involving government contractor Nightwing. First seen on therecord.media Jump to article: therecord.media/hassan-presses-cisa-github-leak