County Government Reportedly Paid $1 Million to Cyber Extortion Group

County Government Reportedly Paid $1 Million to Cyber Extortion Group

The alleged victim, believed to be a small Ohio county, reportedly paid the extortion group to prevent the public release of sensitive stolen data. The post County Government Reportedly Paid $1 Million to Cyber Extortion Group appeared first on SecurityWeek.

Critical Gitea Flaw Under Active Exploitation, Researchers Warn

Critical Gitea Flaw Under Active Exploitation, Researchers Warn

Attackers are exploiting the critical Gitea vulnerability CVE-2026-20896 to bypass authentication with a single HTTP header and access vulnerable repositories and secrets. The post Critical Gitea Flaw Under Active Exploitation, Researchers Warn appeared first on SecurityWeek.

CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws

CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws

The audits are reportedly being spearheaded by CISA’s Attack Surface Evaluation team, a specialized unit tasked with conducting digital defense assessments and simulated hacking exercises. The post CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws appeared first on SecurityWeek.

Critical Adobe ColdFusion Vulnerability Exploited in Attacks

Critical Adobe ColdFusion Vulnerability Exploited in Attacks

Hackers are exploiting a recently patched critical vulnerability (CVE-2026-48282) in Adobe ColdFusion that carries a CVSS score of 10/10. The post Critical Adobe ColdFusion Vulnerability Exploited in Attacks appeared first on SecurityWeek.

Iran-Linked Hackers Using Modular C&C Framework in Cyberattacks

Iran-Linked Hackers Using Modular C&C Framework in Cyberattacks

Researchers say the Iran-linked threat actor used an adaptable modular malware framework and compromised IT service providers to reach high-value targets in Israel. The post Iran-Linked Hackers Using Modular C&C Framework in Cyberattacks appeared first on SecurityWeek.