News

CISA says SaaS providers in firing line after Commvault zero-day Azure attack
CISA said this week that the zero-day gave attackers a way into Commvault's Azure-hosted M365 backup SaaS solution, which ...
Cyberdefense cuts could sap U.S. response to China hacks, insiders say
Some Trump administration officials want to hit back at China for its hacks on U.S. infrastructure — a risky strategy, ...
ExecutiveGov22h
CISA, FBI Release LummaC2 Malware Joint Advisory
The Cybersecurity and Infrastructure Security Agency and the FBI have unveiled a joint cybersecurity advisory highlighting ...
The Hacker News14h
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
CISA, which added CVE-2025-3928 to its Known Exploited Vulnerabilities Catalog in late April 2025, said it's continuing to ...
SecurityWeek9h
Companies Warned of Commvault Vulnerability Exploitation
CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments. The ongoing ...
Security Info Watch23h
CISA welcomes new Deputy Director Madhu Gottumukkala
Dr. Gottumukkala will help lead CISA’s mission to understand, manage, and reduce risk to the cyber and physical ...
Trump govt official Madhu Gottumukkala trolled for his Indian origin, MAGA asks how to pronounce this name
Amid the ongoing H-1B row, MAGA activists targeted another Indian-origin official who has recently joined the Donald Trump ...
Nextgov56m
China-linked ‘Silk Typhoon’ hackers accessed Commvault cloud environments, person familiar says
The hacking unit previously infiltrated Treasury Department networks and compromised some of the agency’s most sensitive ...
The National Interest on MSN7h
States Have a TP-Link Problem
TP-Link is under U.S. investigation for security and antitrust concerns. As Congress targets federal risks, states and ...
US local governments targeted by Chinese hackers
Multiple US government agencies were targeted by Chinese hackers, Cisco Talos warns The hackers used a bug in Trimble ...
SecurityWeek10h
Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks
A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US.
CSO Online8h
Beijing may have breached US government systems before Cityworks plugged a critical flaw
Talos' research revealed that Chinese hackers are actively exploiting the flaw to execute code and attempt persistence on ...