#incident-response
8 articles
Government, cybersecurity, and financial services sectors were the most heavily impacted in a wave of incidents covered between April 13 and May 11, 2026, with Europe and North America among the top affected regions. The 17 articles in this archive feature a severity mix of nine high, two critical, one medium, and one informational report. The most prominent vulnerability was CVE-2025-59718, carrying a CVSS score of 9.8. Coverage spans activity across global, United States, and Venezuelan contexts.
HIGH: Active Directory Password Resets Fail to Expel Attackers
Specops Software explains how cached credentials, Kerberos tickets, and ACL persistence let attackers survive password resets in AD and hybrid Entra ID environments.
HIGH: Trellix Breach: Source Code Repository Compromised
Trellix confirmed attackers accessed a portion of its source code repository. The firm engaged forensic experts and notified law enforcement. No customer data impact disclosed.
HIGH: Ex-Incident Responders Sentenced to 4 Years for Ransomware Attacks
Two cybersecurity incident responders who abused client access to deploy ransomware were sentenced to 4 years in prison — a rare case of responders turning attackers.
HIGH: CISA Details FCEB Agency Breach Response Lessons Learned
CISA's incident response at a U.S. federal agency uncovered gaps in EDR alert triage, credential hygiene, and network segmentation — three lessons for all defenders.
CRITICAL: FortiGate SSO Bypass CVE-2025-59718 Exploited in Active Attacks
Rapid7 IR confirms active exploitation of CVE-2025-59718 — a 9.8-CVSS FortiGate SSO bypass — enabling attackers to gain persistent admin access on unpatched appliances.
HIGH: Lotus Wiper Targets Venezuelan Energy Sector Before US Intervention
Lotus Wiper malware targeted Venezuela's state-owned energy firm PDVSA, destroying data by overwriting drives and deleting files before a US-led intervention in March 2026.
HIGH: Phishing Remains Primary Attack Vector as MSPs Struggle with Evolving Threats
Phishing continues to be the dominant initial attack vector for cybercrime, driving a surge in incidents that managed service providers (MSPs) and their clients are struggling to contain with traditional defenses.
MEDIUM: Booking.com Confirms Data Breach via Social Engineering Attack
Booking.com confirms a data breach where attackers used social engineering to compromise employee accounts and access customer travel booking information. The company states the incident has been contained.