Latest Internet & Cybersecurity News
ISOC Foundation Launches Common Good Cyber Fund with $2M+ Grants
The Internet Society Foundation announced a new global grant program supporting cybersecurity nonprofits, awarding six pilot grants totaling over $2 million. Recipients include Access Now ($400K for digital security helpline), CyberPeace Institute ($300K for CyberPeace Builders), and ISRG ($300K to secure 1B websites with TLS certificates by 2026). An open call for $3.5M more grants opens June 2026.
US Treasury Sanctions Russian Exploit Broker Operation Zero
The US Treasury's OFAC sanctioned Sergey Zelenyuk and his firm Matrix LLC (Operation Zero) for acquiring and selling stolen US government cyber tools. They traded exploits for US software, offered bounties, and sold to foreign intelligence; also sanctioned UAE/Uzbekistan firm Advance Security Solutions.
China, Russia, Iran, North Korea Ramp Up Cyber Threats to US Infrastructure
New threats from UNC groups (e.g., UNC5792, UNC6446) target US critical infrastructure and defense via Signal, resumes, AI recon, tailored phishing. Chinese Volt Typhoon-linked actors like Voltzite persist in infiltrating energy, transport despite warnings; Iranian Pyroxene also active.
Critical Dell RecoverPoint Zero-Day Exploited by Chinese Hackers
CVE-2026-22769 in Dell RecoverPoint for VMs exploited since mid-2024 by UNC6201 using hardcoded credentials for root access and backdoors like SLAYSTYLE. Other vulns: Grandstream VoIP RCE, Microsoft 365 Copilot DLP bypass.
Conduent Data Breach Expands to Affect 25M+ People
Conduent's massive breach, one of the largest ever, now impacts at least 25 million, with 8TB stolen; Texas AG probes as potential biggest US healthcare breach. Follows pattern of ransomware like Change Healthcare's 190M-affected incident.
France FICOBA Bank Registry Breached, Exposing 1.2M Accounts
Data breach of France’s national bank account registry FICOBA via compromised government credentials exposed 1.2 million accounts. Highlights credential management risks.
Ransomware Hits Advantest, Mississippi Medical Center, Ukraine Bank Contractor
Japanese firm Advantest faced partial network encryption; University of Mississippi Medical Center disrupted to manual ops; Ukraine’s central bank contractor supply chain leak exposed customer data.
Cyberattacks Now Top Threat to SMBs, Surpassing Inflation
VikingCloud survey: 84% SMBs face AI-supercharged threats alone; 73% had Wi-Fi disruptions, 46% AI phishing. SMBs plan AI for threat detection (39%), but 34% have outdated tech.
Palo Alto PAN-OS DoS Vuln Allows Firewall Reboot Loops
Critical DoS flaw in PAN-OS ADNS feature crashed firewalls via one packet, pushing to maintenance mode; no wild exploits yet, but urgent patching advised.
Notepad++ Supply Chain Attack by Chinese State Group
Chinese-sponsored hackers hijacked Notepad++ WinGUP updates June-Dec 2025, distributing trojanized installers to select targets; update to 8.9.1 and monitor.
CrowdStrike: Attackers Use AI, Speed Up Attacks in 2025
2026 CrowdStrike report notes rising AI use by attackers targeting trust, with faster execution times.
UFP Technologies Reports Material Cybersecurity Incident
UFP detected suspicious IT activity around Feb 14, 2026, impacting systems.