News

Nextgov9h
China-linked ‘Silk Typhoon’ hackers accessed Commvault cloud environments, person familiar says
The hacking unit previously infiltrated Treasury Department networks and compromised some of the agency’s most sensitive ...
Cyberdefense cuts could sap U.S. response to China hacks, insiders say
Some Trump administration officials want to hit back at China for its hacks on U.S. infrastructure — a risky strategy, ...
CISA says SaaS providers in firing line after Commvault zero-day Azure attack
CISA said this week that the zero-day gave attackers a way into Commvault's Azure-hosted M365 backup SaaS solution, which ...
WinBuzzer12h
184M Logins Leaked of Social Media, Financial, Gov Accounts: Infostealer Breach Hits Global Users
A massive database of 184M login credentials, likely from infostealer malware, has been found exposed online, impacting ...
Trump govt official Madhu Gottumukkala trolled for his Indian origin, MAGA asks how to pronounce this name
Amid the ongoing H-1B row, MAGA activists targeted another Indian-origin official who has recently joined the Donald Trump ...
US local governments targeted by Chinese hackers
Multiple US government agencies were targeted by Chinese hackers, Cisco Talos warns The hackers used a bug in Trimble ...
CSO Online17h
Beijing may have breached US government systems before Cityworks plugged a critical flaw
Talos' research revealed that Chinese hackers are actively exploiting the flaw to execute code and attempt persistence on ...
SecurityWeek18h
Companies Warned of Commvault Vulnerability Exploitation
CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments. The ongoing ...
SecurityWeek19h
Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks
A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US.
The Hacker News23h
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
CISA, which added CVE-2025-3928 to its Known Exploited Vulnerabilities Catalog in late April 2025, said it's continuing to ...