Extradited Armenian Tied to Ryuk Ransomware Faces US Trial

Mathew J. Schwartz • July 17, 2025

A 33-year-old Armenian man, Karen Vardanyan, accused of facilitating Ryuk ransomware attacks against numerous organizations, is due to stand trial in the U.S. in August. The FBI said the Ryuk operation earned at least $15 million in cryptocurrency ransom payments from victims.

Cybercrime

Attackers Now 'Scanning Extensively' for Citrix Bleed 2

Latest

Anti-Phishing, DMARC

China-Backed Hackers Intensify Attacks on Taiwan Chipmakers

Prajeet Nair • July 17, 2025

Chinese state-aligned hackers have ramped up espionage efforts against Taiwan's semiconductor ecosystem through spear-phishing campaigns. Three distinct threat actors targeted chipmakers, packaging and testing firms, equipment suppliers and financial analysts.

Active Directory

Golden dMSA Flaw Exposes Firms to Major Credential Theft

Prajeet Nair • July 17, 2025

A critical cryptographic flaw in Windows Server 2025's delegated Managed Service Accounts, or dMSAs, allows attackers to generate passwords for every managed service account across an Active Directory forest and create a backdoor, Semperis researchers found.

Cyberwarfare / Nation-State Attacks

Salt Typhoon Hit National Guard Network in 'Extensive' Hack

Chris Riotta • July 17, 2025

A newly released Department of Homeland Security memo revealed the Chinese cyberespionage group Salt Typhoon infiltrated a state Army National Guard network for nine months in 2024, stealing sensitive military data that could support future targeting of Guard units and cyber defense personnel.

Security Operations

Coro's New CEO Prioritizes Channel-Driven Global Expansion

Michael Novinson • July 17, 2025

As Coro's new CEO, Joe Sykora is steering the SMB cybersecurity platform provider toward rapid international growth with a 100% partner-focused strategy, revamped operations and new tools for MSPs in an effort to dominate the underserved small and midsize business cybersecurity market.

Data Breach Notification

Dermatology, Imaging Hacks Expose 3.3 Million Patients' PHI

Marianne Kolbasuk McGee • July 17, 2025

A Maryland dermatology practice and a Virginia radiology organization have each reported to regulators separate hacking incidents that in total affected the information of more than 3.3 million patients. The incidents rank among the five largest health data breaches reported in 2025 so far.

Cloud Security

Wiz Deal Highlights Google's Multi-Cloud Security Strategy

Michael Novinson • July 17, 2025

COO Francis deSouza shares insights into Google Cloud’s security priorities as it pursues the $32 billion acquisition of Wiz. He explains the need for seamless multi-cloud protection, the value of Mandiant's threat intelligence, and how AI is changing threat detection and response at scale.

Cryptocurrency Fraud

Cryptohack Roundup: Abacus Market's Suspected Exit Scam

Rashmi Ramesh • July 17, 2025

Abacus Market's suspected exit scam, crypto scammer gets 12 years for dodging restitution, GMX exploiter returns funds, BigOne's $27M hack, Arcadia Finance's $3.5M theft, NZ woman's trial for alleged murder and a DOJ crypto fraud filing's potential unmasking of MoonPay victims.

Cyberwarfare / Nation-State Attacks

It's Time to Include Geopolitical Risk in Defense Planning

Anna Delaney • July 17, 2025

Geopolitical tensions are no longer limited to headlines or high-level diplomacy. They drive cyber risk, supply chain disruption and regulatory fragmentation. CyXcel's Megha Kumar makes the case for why companies need to take notice and embed geopolitical risks in ongoing security planning.

Governance & Risk Management

Lansweeper Purchases Redjack to Strengthen Asset Discovery

Michael Novinson • July 17, 2025

Lansweeper has acquired Redjack to combine detailed scanning with passive discovery, offering real-time asset inventories that fuel zero trust, business continuity and attack surface management. The combined offering enhances support for cybersecurity through automation and real-time data.

Application Security

UK NCSC Announces Software Vulnerability Initiative

Akshaya Asokan • July 16, 2025

The U.K. NCSC will collaborate with industry experts for vulnerability detection and mitigation as part of its latest Vulnerability Research Initiative. The announcement comes on the heels of funding concerns for the U.S. government-based Common Vulnerabilities and Exposures program.

3rd Party Risk Management

North Korea Floods NPM Registry with Malware

Prajeet Nair • July 16, 2025

North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm Registry as part of the ongoing Contagious Interview campaign. The malware targets open-source JavaScript developers with malware loaders.

Geo Focus: Asia

Overcoming the Myths About 5G and OT Security

Suparna Goswami • July 16, 2025

Digital transformation - which now includes a convergence of cloud-based applications, AI and OT systems - introduces new threat vectors particularly as legacy systems struggle to adapt. Speakers at the 5G OT Security Summit discussed cyber defenses and policies and for securing OT systems.