Between August and October 2025, a tightly targeted phishing campaign tricked Colombian and other Spanish-speaking users into opening what looked like official court notices, Cyber Security News reports. The lure in this instance is lawsuits and labor-court paperwork. The bait was believable, and the fallout was full system access. Victims received emails that masqueraded as messages from Colombia’s Attorney General’s office. Each message carried an SVG attachment. That file pointed to a Google Drive preview. Click the preview and a download begins. The download is a password-protected ZIP. Inside sits an executable with a judiciary-themed name. It looks official, but…
Kirsten Doyle
US pharmacy benefit manager MedImpact confirmed that a ransomware attack was behind recent system outages, after the Qilin gang claimed responsibility and said it had exfiltrated company data. The San Diego–based firm, which serves more than 50 million members and processes over a million healthcare claims each day, said it had identified “ransomware on certain systems” and immediately began “implementing containment and mitigation measures.” “MedImpact is currently working to restore impacted systems in a new environment that is segregated from the prior infrastructure and protected by multiple layers of defense,” the company said. It added that pharmacy claims for all…
Cybercriminals have posted data online allegedly containing the personal and financial details of HSBC USA customers, including bank account numbers, transaction records, and Social Security numbers. Researchers at Cybernews say early indicators suggest the leak may be legitimate, but HSBC insists its systems remain uncompromised. The attackers published the data on a well-known leak forum commonly used to trade or publicize stolen information. They claimed the database was obtained through a “coordinated effort.” The post includes a sample dataset that apparently lists customer names, addresses, birthdates, phone numbers, emails, stock orders, and account details. In response to the threat actor’s claims,…
X is warning users to re-enroll their hardware security keys or passkeys before 10 November, or risk being locked out of their accounts. In a series of posts on the platform, X said the change affects only users who use hardware-based security keys, such as YubiKeys, or passkeys, both considered among the most secure forms of two-factor authentication (2FA). “By November 10, we’re asking all accounts that use a security key as their two factor authentication (2FA) method to re-enroll their key to continue accessing X. You can re-enroll your existing security key, or enroll a new one,” the company…
Multiple contractors say they haven’t been paid by Nova Scotia Power in months (with some owed hundreds of thousands of dollars) after a cyberattack crippled the utility’s systems earlier this year. This was reported by CBC News. One CEO says his company is owed around $60,000 to $70,000. “We’re being told it was the data breach,” he told CBC. “It’s important that they’re held accountable and that they pay their contractors on time, because we all pay our power bills on time.” He said he can weather the delay but worries about smaller firms. “They’re going to get their money,”…
A new security report by NeuralTrust has revealed a critical vulnerability in OpenAI’s Atlas, one that blurs the line between trusted user intent and untrusted web content. The flaw allows malefactors to disguise malicious instructions as URL-like text, effectively turning the omnibox (Atlas’s combined search and address bar) into a prompt injection vector capable of executing harmful commands. The discovery shines a light on a growing challenge in “agentic browsing,” where AI systems act on natural-language input and perform real actions on behalf of users. When the AI can’t clearly distinguish between what the user wants and what the web…
Several U.S. municipalities reported cyber incidents this week, disrupting key public services. In Texas, Kaufman County (just outside Dallas) said a cyberattack discovered Monday took down multiple county systems. A local news outlet reported that courthouse computers were among those affected. In La Vergne, Tennessee, officials are investigating a network intrusion that shut down city operations. Since the attack was detected on Friday, government offices have remained closed, online payment systems for water bills and property taxes have been taken offline, and court hearings have been postponed. And in Indiana, Dekalb County disclosed last month that a cyber incident left…
IBM says it has reached a major step forward in making quantum computing more practical and affordable. In a research paper set for release today, the company told Reuters that one of its core quantum algorithms can now run in real time on chips made by Advanced Micro Devices (AMD). The algorithm is designed to tackle one of quantum computing’s biggest challenges: high error rates that can overwhelm calculations before they produce meaningful results. By running the algorithm on a widely available AMD field-programmable gate array (FPGA) rather than a costly, custom-built chip, IBM says it’s paving the way for…
When we shared the first article in this series, the response was overwhelming. From security professionals to everyday users, one message came through: people want practical, real-world ways to stay safe online. So, as the month draws to a close, we decided to do a second edition, one that looks at other questions, challenges, and ideas. Cybersecurity awareness doesn’t end with a single campaign or a list of best practices. It’s an evolving mindset. The threats and tools change, and so must our approach. In this follow-up, we look at how the experts move beyond awareness toward lasting digital resilience. …
A sophisticated one-day spearphishing operation has targeted humanitarian organizations and regional government bodies in Ukraine. The campaign, tracked as PhantomCaptcha, was uncovered by SentinelLabs in collaboration with the Digital Security Lab of Ukraine. Bad actors masquerading as the Ukrainian President’s Office sent weaponized PDF attachments to members of the International Red Cross, Norwegian Refugee Council, UNICEF, and Ukrainian regional administrations. Opening the PDF led to a fake Cloudflare captcha page, part of a carefully staged infection chain that delivered a WebSocket-based RAT hosted on Russian-owned infrastructure. Despite what must have been months of preparation, the operation was active for only…
