cyberintel.kalymoon.com · 4645 articles · updated every 4 hours · grows forever
Welcome to the largest educational data breach in history - affecting nearly 9,000 institutions, every Ivy League university, and 30 million students mid-finals. When Canvas's parent company refused t…
Fortinet released a batch of patches across its products on Patch Tuesday, including two critical vulnerabilities that can lead to remote code execution. Fortinet flaws, both zero-day and n-day, have …
The apparent revenge deletion of US federal databases after the dismissal of twin brothers from an online hosting company is another reminder to IT and HR leaders that tough off-boarding procedures ha…
An OPSEC failure provides a window into what helped the ransomware group rise: a generous affiliate model, opportunistic TTPs, and an effective organizational structure.
Threat actors are publishing RubyGems packages that include scrapers targeting public-facing UK government servers, but with no clear objective.
Security governance needs to be more than an annual compliance exercise. New companies are emerging to address risk-management gaps in current audit tools.
A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacker to execute arbitrary code. [...]
The Iran-linked hacking group MuddyWater (a.k.a. Seedworm, Static Kitten) launched a broad cyber-espionage campaign targeting at least nine high-profile organizations across multiple sectors and count…
West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. [...]
BPCC Named Louisiana’s Top Cybersecurity Associate Degree Program for 2026 Bossier Press-Tribune
Hackers Constantly Break 'Confirmation of Data Destruction' Promises When a business that stores children's personal data gets hit by data-leaking extortionists, what should it do? For Instructure, wh…
Malicious npm Package Lets Attackers Capture Refreshed Tokens A researcher has mapped a five-step attack on Claude Code that intercepts the credentials giving AI agents access to Jira, GitHub and Conf…
Latest Mini Shai-Hulud Worm Steals Credentials, Includes Wiper, Now Open Source A new Shai-Hulud variant has infected multiple npm repositories and jumped to other widely used JavaScript and Python pa…
A Live Panel Discussion with CyberEdBoard and Fortinet Secure Access Service Edge is entering mainstream adoption. Enterprises are shifting from point solutions to platforms. And AI is now at the core…
Microsoft’s MDASH discovered 16 of the Patch Tuesday vulnerabilities, and Palo Alto used Mythos to find dozens of flaws. The post Microsoft, Palo Alto Networks Find Many Vulnerabilities by Using AI on…
The Nitrogen ransomware group claims to have hacked the company’s systems, stealing 8TB of data, including confidential documents. The post Foxconn Confirms North American Factories Hit by Cyberattack…
Informa TechTarget's flagship cybersecurity media brand launches a special content series to mark two decades as a trusted source for cybersecurity professionals.
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a privile…
Analysis: Anthropic Claude Mythos Won’t ‘Reshape Cybersecurity’ crn.com
Treasury Launches Cybersecurity Information Sharing Initiative for the Digital Asset Industry U.S. Department of the Treasury (.gov)
Australian federal budget 2026: The industry perspective Cyber Daily
Best Cybersecurity Companies in India 2026: Top 10 Industry Leaders The National Law Review
A newly disclosed Linux kernel vulnerability dubbed Fragnesia allows any local unprivileged user to escalate privileges to root without requiring a race condition, making it one of the more reliable l…