May 23, 2026

Anthropic’s AI Finds Thousands of Security Flaws in Major Software Systems

Anthropic made headlines after introducing Claude Mythos Preview, a new AI model designed to assist security researchers in finding previously unknown software vulnerabilities. Unlike traditional security tools, the model can analyze large amounts of code, identify potential weaknesses, and help researchers understand how those flaws might be exploited.At the same time, Anthropic launched Project Glasswing, a cybersecurity initiative that brought […]
April 30, 2026

UK Launches New Cyber Resilience Push at CYBERUK Conference

The UK government used the CYBERUK 2026 conference in Glasgow to outline its vision for strengthening national cyber resilience over the coming decade. Held from 21 to 23 April at the Scottish Event Campus, the event brought together more than 3,000 cybersecurity professionals, government officials, academics, and industry leaders to discuss the evolving threat landscape and the future of cyber […]
March 10, 2026

APT28 (FancyBear) OPSEC Failure Exposes Espionage Pipeline

In an unusual turn of events, a cyber espionage campaign linked to Russia’s notorious hacking group FancyBear (also known as APT28) was exposed because of a simple security mistake made by the attackers themselves.Researchers at Hunt.io discovered that the group had left one of its servers publicly accessible on the internet for more than 500 days. The exposed server contained […]
February 25, 2026

European Commission & Dutch Authorities Hacked via Ivanti Zero-Day Vulnerabilities

In one of the most significant cybersecurity incidents of February 2026, several high-profile European organizations confirmed that their systems had been compromised after hackers exploited previously unknown vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM).Among the affected organizations were the European Commission, the Dutch Data Protection Authority (AP), and the Dutch Council for the Judiciary. The attacks were linked to two […]
January 29, 2026

January’s biggest data breaches exposed

January 2026 started with two major cybersecurity concerns that quickly gained attention across the security community. One involved a large-scale data breach affecting Match Group, while the other centered on a critical vulnerability discovered in the SmarterMail email platform.On January 28, the threat actor group known as ShinyHunters claimed responsibility for a breach involving Match Group services, including Hinge, Match.com, […]
December 20, 2025

Cisco Email Security Products Under Active Attack

Cisco Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances are currently being actively exploited by a China-linked advanced persistent threat (APT) group tracked as UAT-9686, with known associations to APT41 and UNC5174. Cisco’s Product Security Incident Response Team (PSIRT) identified the activity during a Technical Assistance Center (TAC) support investigation, with evidence indicating the campaign had […]
November 10, 2025

Critical vulnerability found in 7-Zip archiving tool

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-11001 (CVSS 7.0), was disclosed in the popular open-source 7-Zip archiving tool, affecting all versions before 25.00 released in July 2025. The flaw stems from improper handling of symbolic links in ZIP archives, enabling attackers to craft malicious files that allow directory traversal outside the intended extraction folder. When a user […]
October 16, 2025

US Air Force warns of SharePoint data breach

The U.S. Air Force publicly acknowledged a significant data breach involving Microsoft SharePoint, which potentially exposed sensitive personal and health information of service members. According to an official notification circulated by the Air Force Personnel Center, the breach stemmed from misconfigured SharePoint permissions, resulting in the unauthorized access to Personally Identifiable Information (PII) and Protected Health Information (PHI). To mitigate […]
July 2, 2025

Louis Vuitton Extortion Data Breach

Luxury fashion house Louis Vuitton, part of the LVMH Group, experienced a significant data breach involving extortion, affecting customers across multiple countries, including the United Kingdom, South Korea, Turkey, Italy, Sweden, and Hong Kong. The incident was detected on July 2, 2025, when unauthorized access was identified within a database operated by a third-party service provider. Investigations revealed that attackers […]
1234
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.