Clorox sues IT service provider Cognizant for causing their 2023 cyberattack (but hey, that’s what happens when you treat cybersecurity as someone else’s job).
Posted inCybersecurity News

Clorox sues IT service provider Cognizant for causing their 2023 cyberattack (but hey, that’s what happens when you treat cybersecurity as someone else’s job).

The Clorox Company has filed a lawsuit against Cognizant Technology Solutions, alleging that the IT services company’s lax security practices directly enabled a major cyberattack that crippled Clorox’s operations in 2023, resulting in estimated damages of $380 million.
Lumma infostealer malware returns after disruption by law enforcement earlier this year.
Posted inCybersecurity News

Lumma infostealer malware returns after disruption by law enforcement earlier this year.

The notorious Lumma Stealer malware, disrupted earlier this year by a major international cybersecurity crackdown, has returned to active operations. Despite a coordinated law enforcement effort that dismantled key elements of Lumma's infrastructure, threat actors behind the info-stealing malware have rebuilt their network and resumed widespread distribution, employing new and increasingly stealthy techniques.
Arch Linux users urged to Firefox browser packages after discovery of malware in the Arch User Repository.
Posted inCybersecurity News

Arch Linux users urged to Firefox browser packages after discovery of malware in the Arch User Repository.

Arch Linux users have been urged to delete several community-maintained Firefox-based browser packages following the discovery of malware in the Arch User Repository (AUR). Security researchers and Arch maintainers identified multiple packages that were distributing a Remote Access Trojan (RAT), prompting swift action to mitigate the threat.
France says they have arrested the administrator of XSS.is, one of the longest-running Russian cybercrime forums on the dark web.
Posted inCybersecurity News

France says they have arrested the administrator of XSS.is, one of the longest-running Russian cybercrime forums on the dark web.

French authorities have confirmed the arrest of a suspected administrator of XSS.is, one of the longest-running Russian-language cybercrime forums on the dark web. The arrest was carried out in Ukraine on July 22, 2025, through a coordinated international operation involving French law enforcement, Ukrainian authorities, and Europol.
CISA adds four known exploited vulnerabilities to the KEV catalog.
Posted inCybersecurity News

CISA adds four known exploited vulnerabilities to the KEV catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four additional security vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, following evidence of active exploitation in the wild. The inclusion of these vulnerabilities underscores the urgent need for all organizations—particularly federal agencies—to assess exposure and apply necessary mitigations or patches.
New Coyote banking trojan becomes first known instance of a threat actor weaponizing Windows accessibility features.
Posted inCybersecurity News

New Coyote banking trojan becomes first known instance of a threat actor weaponizing Windows accessibility features.

A new strain of the banking trojan known as Coyote is making headlines for exploiting a little-watched but powerful feature within the Windows operating system. Cybersecurity researchers have discovered that this malware is leveraging Microsoft’s UI Automation (UIA) framework, a tool originally designed to assist users with disabilities, to covertly harvest sensitive information and user credentials.
UK sanctions Russia military units, the GRU, and 18 operatives for malicious cyber activity, espionage, and attempted assassinations.
Posted inCybersecurity News

UK sanctions Russia military units, the GRU, and 18 operatives for malicious cyber activity, espionage, and attempted assassinations.

The United Kingdom has announced a new round of sanctions targeting three units of Russia’s military intelligence agency, the GRU, along with 18 of their operatives, in response to a pattern of malicious cyber activity, espionage, and attempted assassinations directed at the UK, Ukraine, and other European allies.