Threats Archives

PowerSchool customers hit by downstream extortion threats

The large education tech vendor was hit by a cyberattack and paid a ransom in December. Now, a threat actor is attempting to extort the company’s customers…

2 days ago By Matt Kapko

Amazon, CrowdStrike, Google and Palo Alto Networks claim no change to threat intel sharing under Trump

Top security leaders at some of the largest tech and cybersecurity vendors said public-private collaborative work continues, despite budget cuts and personnel changes.

May 2, 2025 By Matt Kapko

Safe Mode

Recorded Future’s Alexander Leslie on the ‘MarkoPolo’ traffer team

Greg talks with Alexander Leslie, Threat Intelligence Analyst for Recorded Future’s Insikt Group

May 1, 2025 By CyberScoop Staff

Traffic streaks past the Department of Justice (DOJ) headquarters building late in the evening on May 18, 2024 in Washington, DC. (Photo by J. David Ake/Getty Images)

Leaders of 764, global child sextortion group, arrested and charged

The Justice Department accuses two men of running a “network of nihilistic violent extremists” who engaged in and facilitated the grooming, manipulation and extortion of minors.

May 1, 2025 By Matt Kapko

North Korean operatives have infiltrated hundreds of Fortune 500 companies

Security leaders at Mandiant and Google Cloud say nearly every major company has hired or received applications from North Korean nationals working on behalf of the country’s…

Apr 30, 2025 By Matt Kapko

Conceptual hacking background — (Suebsiri / Getty Images)

Amazon, CrowdStrike leaders say private threat intel can quickly bring cybercriminals to justice

Threat intel experts expounded on how their data does not only serve to temporarily disrupt malicious activity, but find, arrest and convict cybercriminals for their offenses.

Apr 29, 2025 By Matt Kapko

Cybersecurity vendors are themselves under attack by hackers, SentinelOne says

“It’s practically taboo” for cyber firms to talk about being targeted, but SentinelLabs said in a new report that it has observed multiple threats.

Apr 28, 2025 By Tim Starks

SAP software is used throughout the Fortune 500. The company is dealing with a critical software bug disclosed this week. (Getty Images)

SAP zero-day vulnerability under widespread active exploitation

Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability.

Apr 25, 2025 By Matt Kapko

Safe Mode

Verizon’s Alex Pinto on the takeaways from the 2025 DBIR

Alex Pinto, Associate Director of Threat Intelligence at Verizon Business

Apr 24, 2025 By CyberScoop Staff

The four most frequently exploited vulnerabilities were all contained in edge devices, such as VPNs, firewalls and routers. (Getty Images)

Attackers hit security device defects hard in 2024

Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network…

Apr 23, 2025 By Matt Kapko