Craig Bowman, Trellix
Craig Bowman’s resume has a gap he couldn’t fill in for years. What reads as an early career in defense contracting was, in reality, a recruitment into the clandestine service. That background — learning to map influence networks, reduce risk and move in zero-fail environments — turned out to be surprisingly good...
Apple iPhone hack warning: Apple is warning iPhone users to update their devices as new cybersecurity research reveals that powerful hacking tools are being used to target phones running older versions of iOS. iPhone Security Alert: Why Apple Is Urging Immediate Updates According to findings from Google and cybersecurity firms iVerify and Lookout, two exploit...
The Warlock ransomware first appeared in June 2025 and made an impact weeks later, after attackers deploying it were discovered exploiting the ToolShell zero-day vulnerability in Microsoft SharePoint (CVE-2025-53770) on July 19, 2025. Warlock is an unusual threat. Unlike many ransomware operations, which are headquartered in Russia or other countries in the Commonwealth of Independent...
Apple is encouraging customers to update their phones to the latest operating system. It comes in response to new cybersecurity research that suggests hackers from Russia and China have been taking over phones running older versions of iOS. Tools called exploit kits can give hackers deep remote access to victims’ phones, but Apple’s latest operating...
Chaos. Cancellations. Reputational harm. Financial loss. All of these hit Heathrow, Brussels, and Berlin airports in September after a ransomware attack crippled a critical passenger system, Collins Aerospace’s Multi User System Environment (MUSE). The result was a cascade of massive delays, at least 217 canceled flights, thousands of affected passengers, and likely millions of euros...
Unknown baddies are abusing yet another critical Microsoft SharePoint bug to compromise victims’ SharePoint servers, the US government warned. CVE-2026-20963 is a critical deserialization flaw in SharePoint that allows unauthenticated attackers to remotely execute code on the server without any user interaction, and Redmond fixed the issue as part of its January Patch Tuesday. At...
Ransomware actors are extorting bigger payments from a smaller number of victims, as the number of those victims surges but overall revenues fall, according to Chainalysis. The blockchain analytics firm revealed in its analysis of cryptocurrency payments to threat actors that the overall figure tumbled 8% year-on-year (YoY) to $820m in 2025. Although the figure...
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a total of 34 vulnerable drivers. EDR killer programs have been a common presence in ransomware intrusions as they offer a way for affiliates to neutralize...
The FBI has seized two sites belonging to the pro-Iranian hacking group behind the data-wiping cyberattack on US medical equipment provider Stryker. The two sites for the hacking group Handala have been spotted displaying seizure notices that say the FBI received a court warrant to take over the domains. “This seizure is part of a...