Researchers at the OpenJS Foundation said Monday that they “received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails.”

The gang, which researchers at the Moscow-based cybersecurity company F.A.C.C.T. have dubbed “Muliaka," or Muddy Water in English, has left minimal traces from its attacks but has likely been active since at least December 2023.

The U.S. Chamber of Commerce and multiple industry leaders are calling for a month-long extension of the 60-day comment period for a new incident reporting rule being issued by the top cybersecurity agency in the U.S.

The Federal Communications Commission (FCC) says it is taking action to address significant weaknesses in telecommunications networks that can enable cybercrime and spying.

A classic type of fraud — when a crook impersonates a business or a government agency — appears to be bigger than ever, according to federal statistics, and it’s now most likely to begin via text message or email instead of a phone call.

The National Institute of Standards and Technology (NIST) blamed increases in the volume of software and “a change in interagency support” for the recent backlog of vulnerabilities analyzed in the organization’s National Vulnerability Database (NVD).

“Through the investigation, we learned that the unauthorized third party gained access to our network on February 4, 2024, and removed a small percentage of personal information from our systems,” the breach notification letters said.

On Saturday, India’s Ministry of External Affairs responded to local media reports about Indians trapped in Cambodia, saying they are closely collaborating with Cambodian authorities to rescue them.

The UK's independent nuclear safety regulator has announced that it will be prosecuting the company managing the Sellafield nuclear site over “alleged information technology security offenses during a four year period between 2019 and early 2023.”

The strategy, which covers fiscal years 2024 through 2027, lays out four topline goals, such as improving best practices within the industrial base. Each goal contains a subset of objectives, such as being able to recover from a cyberattack.