Jonathan Greig reports: More than 70 countries signed the landmark UN Convention against Cybercrime in Hanoi this weekend, a significant step in the yearslong effort to create a global mechanism to counteract digital crime. The U.K. and European Union joined China, Russia, Brazil, Nigeria and dozens of other nations in signing the convention, which lays out new…
Another plastic surgery practice fell prey to a cyberattack that acquired patient photos and info
Another plastic surgeon has become the victim of a cyberattack that involved patient information and photographs. On October 23, Michael R. Schwartz, MD, FACS, notified the California Attorney General’s Office that, on August 25, they became aware of remote, unauthorized access to one of their computers. Investigators found that an unauthorized party had accessed patient…
How a hacking gang held Italy’s political elites to ransom
Antoneta Roussi and Hannah Roberts report: Nothing about the sand-colored façade of the palazzo tucked behind Milan’s Duomo cathedral suggested that inside it a team of computer engineers were building a database to gather private and damaging information about Italy’s political elite — and use it to try to control them. The platform, called Beyond,…
Uncovering Qilin attack methods exposed through multiple cases
Takahiro Takeda, Jordyn Dunk, James Nutland, Michael Szeliga of Talos write: In the second half of 2025, the ransomware group Qilin has continued to publish victim information on its leak site at a pace of more than 40 cases per month, making it one of the most impactful ransomware groups worldwide. The manufacturing sector has…
Predatory Sparrow Strikes: Coordinated Cyberattacks Seek to Cripple Iran’s Critical Infrastructure
Mayura Kathir reports: A sophisticated cyber-sabotage group known as Predatory Sparrow has emerged as one of the most destructive threat actors targeting Iranian critical infrastructure over the past several years. Unlike traditional cybercriminal operations focused on financial gain, this group executes highly disruptive campaigns designed to cripple essential services, destroy sensitive data, and send provocative…
Ex-CISA head thinks AI might fix code so fast we won’t need security teams
Joe Fay reports: Ex-CISA head Jen Easterly claims AI could spell the end of the cybersecurity industry, as the sloppy software and vulnerabilities that criminals rely on will be tracked down faster than ever. Speaking at AuditBoard’s user conference in San Diego, Easterly said the threat landscape has never stopped evolving. The proliferation of data,…