<!DOCTYPE html><html lang="en"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width"/><title>Cyber Security News | The Record from Recorded Future News</title><meta property="og:site_name" content="The Record from Recorded Future"/><meta property="og:title" content="Cyber Security News | The Record from Recorded Future News"/><meta property="og:type" content="website"/><meta property="og:description" content="Stay updated on the latest cyber security news. The Record from Recorded Future News gives exclusive access to leaders, policymakers, and the cyber underground."/><meta name="description" content="Stay updated on the latest cyber security news. The Record from Recorded Future News gives exclusive access to leaders, policymakers, and the cyber underground."/><meta property="og:image" content="https://cms.therecord.media/uploads/primary_logo_rgb_carrot_d6e486d746.svg"/><meta name="twitter:title" content="Cyber Security News | The Record from Recorded Future News"/><meta name="twitter:image" content="https://cms.therecord.media/uploads/primary_logo_rgb_carrot_d6e486d746.svg"/><meta name="twitter:description" content="Stay updated on the latest cyber security news. The Record from Recorded Future News gives exclusive access to leaders, policymakers, and the cyber underground."/><meta name="twitter:card" content="summary_large_image"/><link rel="icon" href="/favicon.ico"/><link rel="alternate" hrefLang="x-default" href="https://therecord.media/"/><link rel="icon" sizes="16x16 32x32 64x64" href="/favicon.ico"/><link rel="icon" type="image/png" sizes="196x196" href="/favicon-192.png"/><link rel="icon" type="image/png" sizes="32x32" href="/favicon-32.png"/><link rel="icon" type="image/png" sizes="16x16" href="/favicon-16.png"/><link rel="apple-touch-icon" sizes="180x180" href="/favicon-180.png"/><script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-PVJ5W86');</script><script>var _paq = window._paq = window._paq || []; /* tracker methods like "setCustomDimension" should be called before "trackPageView" */ _paq.push(["setDocumentTitle", document.domain + "/" + document.title]); _paq.push(["setCookieDomain", "*.therecord.media"]); _paq.push(['trackPageView']); _paq.push(['enableLinkTracking']); (function() { var u="https://recordedfuture.matomo.cloud/"; _paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setSiteId', '2']); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.type='text/javascript'; g.async=true; g.src='//cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js'; s.parentNode.insertBefore(g,s); })();</script><script>var _mtm = window._mtm = window._mtm || []; _mtm.push({'mtm.startTime': (new Date().getTime()), 'event': 'mtm.Start'}); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.type='text/javascript'; g.async=true; g.src='https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js'; s.parentNode.insertBefore(g,s);</script><link rel="preload" href="https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg" as="image" fetchpriority="high"/><link rel="preload" href="https://cms.therecord.media/uploads/format_webp/small_haugh_senate_hearing_20250325_2d6518fdcb.png" as="image" fetchpriority="high"/><link rel="preload" href="https://cms.therecord.media/uploads/format_webp/small_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793.jpg" as="image" fetchpriority="high"/><link rel="preload" href="https://cms.therecord.media/uploads/format_webp/small_seattle_airport_c3cbeae865.jpg" as="image" fetchpriority="high"/><link rel="preload" href="https://cms.therecord.media/uploads/format_webp/small_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf.jpg" as="image" fetchpriority="high"/><link rel="preload" href="https://cms.therecord.media/uploads/format_webp/small_Aussiedollars_336351082c.jpg" as="image" fetchpriority="high"/><link rel="preload" href="https://cms.therecord.media/uploads/format_webp/small_jail_prison_6a0cef6881.jpg" as="image" fetchpriority="high"/><meta name="next-head-count" content="29"/><link rel="preload" href="/_next/static/media/a34f9d1faa5f3315-s.p.woff2" as="font" type="font/woff2" crossorigin="anonymous" data-next-font="size-adjust"/><link rel="preload" href="/_next/static/css/03ebbbf8df5e4f21.css" as="style"/><link rel="stylesheet" href="/_next/static/css/03ebbbf8df5e4f21.css" data-n-g=""/><link rel="preload" href="/_next/static/css/ef46db3751d8e999.css" as="style"/><link rel="stylesheet" href="/_next/static/css/ef46db3751d8e999.css" data-n-p=""/><noscript data-n-css=""></noscript><script defer="" nomodule="" src="/_next/static/chunks/polyfills-42372ed130431b0a.js"></script><script src="/_next/static/chunks/webpack-6ef43a8d4a395f49.js" defer=""></script><script src="/_next/static/chunks/framework-64ad27b21261a9ce.js" defer=""></script><script src="/_next/static/chunks/main-be7cba59a887cc81.js" defer=""></script><script src="/_next/static/chunks/pages/_app-2b1ef596989b668c.js" defer=""></script><script src="/_next/static/chunks/61-d5fc4e6ac9a5e0d2.js" defer=""></script><script src="/_next/static/chunks/432-a989985b2b7ae427.js" defer=""></script><script src="/_next/static/chunks/pages/%5B%5B...slug%5D%5D-ef255838b2869994.js" defer=""></script><script src="/_next/static/7zZRTogRkYCZIPydVQ19Y/_buildManifest.js" defer=""></script><script src="/_next/static/7zZRTogRkYCZIPydVQ19Y/_ssgManifest.js" defer=""></script></head><body><div id="__next"><div class=""><main class="__variable_d65c78 font-sans"><section class="flex flex-col min-h-screen"><noscript><p><img alt="" src="https://recordedfuture.matomo.cloud/matomo.php?idsite=2&amp;rec=1" style="border:0"/></p></noscript><noscript><iframe height="0" src="https://www.googletagmanager.com/ns.html?id=GTM-PVJ5W86" style="display:none;visibility:hidden" title="Google Tag Manager" width="0"></iframe></noscript><header class="header z-30 bg-white"><div class="mx-auto px-5 md:px-8 lg:px-12 xl:px-20 2xl:px-40 max-w-layout w-full"><div class="flex flex-wrap items-center z-100"><h1 class="header__logo"><a href="/"><img alt="Cyber Security News | The Record" fetchpriority="high" decoding="async" data-nimg="fill" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;object-fit:contain;color:transparent" src="https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg"/></a></h1><button class="header__nav-btn lg:hidden" id="nav-btn-mobile" role="button" aria-label="Toggle navigation menu"><span class="text-orange text-lg icon-menu"></span></button><div class="header__menu "><ul class="header__nav header__nav--primary"><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/news/leadership"><span class="wysiwyg-parsed-content"><p>Leadership</p></span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/news/cybercrime"><span class="wysiwyg-parsed-content"><p>Cybercrime</p></span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/news/nation-state"><span class="wysiwyg-parsed-content"><p>Nation-state</p></span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/news/elections"><span class="wysiwyg-parsed-content"><p>Elections</p></span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/news/technology"><span class="wysiwyg-parsed-content"><p>Technology</p></span></a></li></ul><ul class="header__nav header__nav--secondary"><li><a href="https://therecord.media/subscribe"><span class="wysiwyg-parsed-content"><p>Cyber Daily®</p></span></a></li><li><a href="/podcast"><span class="wysiwyg-parsed-content"><p>Click Here Podcast</p></span></a></li></ul><div class="header__search lg:hidden"><div class="search-bar search-bar--header"><form><span class="text-black text-sm icon-search"></span><input name="s" placeholder="Search…" type="text" value=""/><button type="submit">Go</button></form></div></div><div class="lg:hidden header__newsletter"><button class="flex items-center"><svg class="inline-block mr-[5px]" width="27px" height="27px" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M3.75 5.25L3 6V18L3.75 18.75H20.25L21 18V6L20.25 5.25H3.75ZM4.5 7.6955V17.25H19.5V7.69525L11.9999 14.5136L4.5 7.6955ZM18.3099 6.75H5.68986L11.9999 12.4864L18.3099 6.75Z" fill="#000000"></path></svg>Subscribe to The Record</button></div><button class="hidden lg:block header__search-btn " id="search-btn" role="button" aria-label="Open search input"><span class="text-black text-md icon-search"></span></button><a class="header__cta hidden lg:block !leading-[140%] hover:bg-black hover:border-black transition delay-150 duration-200 ease-in-out" href="/subscribe"><span class="text-[16px] font-bold flex items-center justify-center"><span class="wysiwyg-parsed-content"><p>✉️ Free Newsletter</p></span></span></a></div></div></div></header><div class="-mt-[20px] mb-[20px] mx-auto px-5 md:px-8 lg:px-12 xl:px-20 2xl:px-40 max-w-layout w-full"><div class="news-ticker__wrap"><div class="news-ticker__popup" tabindex="-1"></div></div></div><div class="flex-auto mx-auto px-5 md:px-8 lg:px-12 xl:px-20 2xl:px-40 max-w-layout w-full"><main class="page-main transition duration-500" style="filter:blur(0px)"><div class="featured-articles"><a class="featured-articles__article" href="/gen-timothy-haugh-fired-nsa-cyber-command-trump"><div class="featured-articles__img"><img alt="Gen. Timothy Haugh" fetchpriority="high" decoding="async" data-nimg="fill" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;object-fit:cover;color:transparent" src="https://cms.therecord.media/uploads/format_webp/small_haugh_senate_hearing_20250325_2d6518fdcb.png"/></div><div class="featured-articles__details"><h2>Haugh fired from leadership of NSA, Cyber Command</h2></div></a><a class="featured-articles__article" href="/maryland-pharmacist-keylogger-spying-lawsuit"><div class="featured-articles__img"><img alt="keyboard" fetchpriority="high" decoding="async" data-nimg="fill" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;object-fit:cover;color:transparent" src="https://cms.therecord.media/uploads/format_webp/small_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793.jpg"/></div><div class="featured-articles__details"><h2>Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges</h2></div></a><a class="featured-articles__article" href="/port-of-seattle-says-90000-impacted-in-2024-ransomware-attack"><div class="featured-articles__img"><img alt="seattle airport" fetchpriority="high" decoding="async" data-nimg="fill" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;object-fit:cover;color:transparent" src="https://cms.therecord.media/uploads/format_webp/small_seattle_airport_c3cbeae865.jpg"/></div><div class="featured-articles__details"><h2>Port of Seattle says 90,000 people impacted in 2024 ransomware attack</h2></div></a></div><section class="my-10 lg:my-12 first-of-type:mt-0"><div class="latest-articles"><h2 class="latest-articles__heading">Latest Cyber Security News</h2><div class="latest-articles__list"><a class="flex flex-wrap flex-col" href="/cisa-ivanti-firewall-bug-exploitation"><div class="w-full mb-2"><div class="w-full pt-[58%] relative"><img alt="Ivanti" fetchpriority="high" width="300" height="290" decoding="async" data-nimg="1" class="w-full h-full absolute inset-0" style="color:transparent;object-fit:cover" src="https://cms.therecord.media/uploads/format_webp/small_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf.jpg"/></div></div><div class="flex-1"><h2 class="text-lg mb-2 leading-7 md:leading-6 font-bold">CISA warns of latest Ivanti firewall bug being exploited by suspected Chinese hackers</h2><div class="divide-x gap-2"><span class="text-xs pr-2"><span class="article-tile__meta__editor">Jonathan Greig</span></span><span class="text-xs border-none -ml-1">| April 4th, 2025</span></div></div></a><a class="flex flex-wrap flex-col" href="/cybercriminals-australia-hacking-campaign-pension"><div class="w-full mb-2"><div class="w-full pt-[58%] relative"><img alt="Australia dollar" fetchpriority="high" width="300" height="290" decoding="async" data-nimg="1" class="w-full h-full absolute inset-0" style="color:transparent;object-fit:cover" src="https://cms.therecord.media/uploads/format_webp/small_Aussiedollars_336351082c.jpg"/></div></div><div class="flex-1"><h2 class="text-lg mb-2 leading-7 md:leading-6 font-bold">Cybercriminals are trying to loot Australian pension accounts in new campaign</h2><div class="divide-x gap-2"><span class="text-xs pr-2"><span class="article-tile__meta__editor">Alexander Martin</span></span><span class="text-xs border-none -ml-1">| April 4th, 2025</span></div></div></a><a class="flex flex-wrap flex-col" href="/russia-jails-hacker-over-cyberattack-on-tech-firm"><div class="w-full mb-2"><div class="w-full pt-[58%] relative"><img alt="prison" fetchpriority="high" width="300" height="290" decoding="async" data-nimg="1" class="w-full h-full absolute inset-0" style="color:transparent;object-fit:cover" src="https://cms.therecord.media/uploads/format_webp/small_jail_prison_6a0cef6881.jpg"/></div></div><div class="flex-1"><h2 class="text-lg mb-2 leading-7 md:leading-6 font-bold">Russia jails hacker for two years over cyberattack on local tech company</h2><div class="divide-x gap-2"><span class="text-xs pr-2"><span class="article-tile__meta__editor">Daryna Antoniuk</span></span><span class="text-xs border-none -ml-1">| April 4th, 2025</span></div></div></a><a class="flex flex-wrap flex-col" href="/lawmakers-seek-to-close-secret-service-cyber-money-laundering-loophole"><div class="w-full mb-2"><div class="w-full pt-[58%] relative"><img alt="money" fetchpriority="auto" loading="lazy" width="300" height="290" decoding="async" data-nimg="1" class="w-full h-full absolute inset-0" style="color:transparent;object-fit:cover" src="https://cms.therecord.media/uploads/format_webp/small_aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a.jpg"/></div></div><div class="flex-1"><h2 class="text-lg mb-2 leading-7 md:leading-6 font-bold">Lawmakers seek to close loophole limiting Secret Service investigations into cyber laundering</h2><div class="divide-x gap-2"><span class="text-xs pr-2"><span class="article-tile__meta__editor">Jonathan Greig</span></span><span class="text-xs border-none -ml-1">| April 4th, 2025</span></div></div></a><a class="flex flex-wrap flex-col" href="/texas-city-warns-thousands-of-utility-site-breach"><div class="w-full mb-2"><div class="w-full pt-[58%] relative"><img alt="texas flags" fetchpriority="auto" loading="lazy" width="300" height="290" decoding="async" data-nimg="1" class="w-full h-full absolute inset-0" style="color:transparent;object-fit:cover" src="https://cms.therecord.media/uploads/format_webp/small_texas_flags_de81b6491f.jpg"/></div></div><div class="flex-1"><h2 class="text-lg mb-2 leading-7 md:leading-6 font-bold">Texas city warns thousands of utility payment site breach</h2><div class="divide-x gap-2"><span class="text-xs pr-2"><span class="article-tile__meta__editor">Jonathan Greig</span></span><span class="text-xs border-none -ml-1">| April 3rd, 2025</span></div></div></a><a class="flex flex-wrap flex-col" href="/us-australia-canada-warn-of-fast-flux-ransomware-rusia"><div class="w-full mb-2"><div class="w-full pt-[58%] relative"><img alt="digital" fetchpriority="auto" loading="lazy" width="300" height="290" decoding="async" data-nimg="1" class="w-full h-full absolute inset-0" style="color:transparent;object-fit:cover" src="https://cms.therecord.media/uploads/format_webp/small_red_digital_f1b63748b1.jpg"/></div></div><div class="flex-1"><h2 class="text-lg mb-2 leading-7 md:leading-6 font-bold">US, Australia, Canada warn of ‘fast flux’ scheme used by ransomware gangs</h2><div class="divide-x gap-2"><span class="text-xs pr-2"><span class="article-tile__meta__editor">Jonathan Greig</span></span><span class="text-xs border-none -ml-1">| April 3rd, 2025</span></div></div></a><a class="flex flex-wrap flex-col" href="/poland-prime-minister-cyber-targeted"><div class="w-full mb-2"><div class="w-full pt-[58%] relative"><img alt="Poland Donald Tusk" fetchpriority="auto" loading="lazy" width="300" height="290" decoding="async" data-nimg="1" class="w-full h-full absolute inset-0" style="color:transparent;object-fit:cover" src="https://cms.therecord.media/uploads/format_webp/small_Donald_Tusk_3383fabb2f.jpg"/></div></div><div class="flex-1"><h2 class="text-lg mb-2 leading-7 md:leading-6 font-bold">Poland’s prime minister says cyberattack targeted his party as election nears</h2><div class="divide-x gap-2"><span class="text-xs pr-2"><span class="article-tile__meta__editor">Daryna Antoniuk</span></span><span class="text-xs border-none -ml-1">| April 3rd, 2025</span></div></div></a><a class="flex flex-wrap flex-col" href="/hackers-ukraine-critical-infrastructure-malware"><div class="w-full mb-2"><div class="w-full pt-[58%] relative"><img alt="Ukraine MFA" fetchpriority="auto" loading="lazy" width="300" height="290" decoding="async" data-nimg="1" class="w-full h-full absolute inset-0" style="color:transparent;object-fit:cover" src="https://cms.therecord.media/uploads/format_webp/small_Ukraine_MFA_8a69358ef9.jpg"/></div></div><div class="flex-1"><h2 class="text-lg mb-2 leading-7 md:leading-6 font-bold">Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware</h2><div class="divide-x gap-2"><span class="text-xs pr-2"><span class="article-tile__meta__editor">Daryna Antoniuk</span></span><span class="text-xs border-none -ml-1">| April 3rd, 2025</span></div></div></a><a class="flex flex-wrap flex-col" href="/native-minnesota-tribe-says-cyber-incident-disrupted-healthcare-casino"><div class="w-full mb-2"><div class="w-full pt-[58%] relative"><img alt="casino" fetchpriority="auto" loading="lazy" width="300" height="290" decoding="async" data-nimg="1" class="w-full h-full absolute inset-0" style="color:transparent;object-fit:cover" src="https://cms.therecord.media/uploads/format_webp/small_gambling_casino_slot_a18d50f80c.jpg"/></div></div><div class="flex-1"><h2 class="text-lg mb-2 leading-7 md:leading-6 font-bold">Native tribe in Minnesota says cyber incident knocked out healthcare, casino systems</h2><div class="divide-x gap-2"><span class="text-xs pr-2"><span class="article-tile__meta__editor">Jonathan Greig</span></span><span class="text-xs border-none -ml-1">| April 2nd, 2025</span></div></div></a></div><div class="latest-articles__cta"><a class="border-b-[2px] border-[#e06b2c] pb-[5px]" href="/news">More in Latest News &gt;</a></div></div></section><div class="briefs"><div class="briefs__heading lg:flex justify-start items-center"><h2>Briefs</h2></div><ul class="briefs__list"><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/port-of-seattle-says-90000-impacted-in-2024-ransomware-attack">Port of Seattle says 90,000 people impacted in 2024 ransomware attack<span>April 4th, 2025</span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/russia-jails-hacker-over-cyberattack-on-tech-firm">Russia jails hacker for two years over cyberattack on local tech company<span>April 4th, 2025</span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/lawmakers-seek-to-close-secret-service-cyber-money-laundering-loophole">Lawmakers seek to close loophole limiting Secret Service investigations into cyber laundering<span>April 4th, 2025</span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/texas-city-warns-thousands-of-utility-site-breach">Texas city warns thousands of utility payment site breach<span>April 3rd, 2025</span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/hackers-ukraine-critical-infrastructure-malware">Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware<span>April 3rd, 2025</span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/csam-platform-kidflix-shut-down-europol">CSAM platform Kidflix shut down by international operation<span>April 2nd, 2025</span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/russia-tightens-cyber-measures-as-fraud-hits-record-high">Russia tightens cybersecurity measures as financial fraud hits record high<span>April 1st, 2025</span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/russia-state-railway-rzd-ddos-website-app">Digital disruptions continue for Russian transportation, this time at state railway<span>April 1st, 2025</span></a></li><li class="hover:text-[#E06B2C] transition delay-150 duration-300 ease-in-out"><a href="/canadian-hacker-arrested-texas-gop">Canadian hacker arrested for allegedly stealing data from Texas Republican Party<span>March 31st, 2025</span></a></li></ul></div><section class="my-10 lg:my-12 first-of-type:mt-0"><div><a rel="me" aria-label="Mastodon social link" href="https://mastodon.social/@therecord_media"> </a></div></section></main></div><div class="mx-auto px-5 md:px-8 lg:px-12 xl:px-20 2xl:px-40 max-w-layout w-full"><div class="transition duration-500" style="filter:blur(0px)"><footer class="footer"><div class="flex flex-wrap items-center justify-between"><div class="footer__column-left"><div class="footer__logo"><a href="/"><img alt="The Record from Recorded Future News" fetchpriority="auto" loading="lazy" width="171" height="39" decoding="async" data-nimg="1" style="color:transparent" src="https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg"/></a></div><div class="footer__socials"><ul><li><a aria-label="Twitter social link" target="_blank" rel="noopener noreferrer" href="https://twitter.com/TheRecord_Media"><span class="text-black text-sm icon-twitter"></span></a></li><li><a aria-label="LinkedIn social link" target="_blank" rel="noopener noreferrer" href="https://www.linkedin.com/company/the-record-by-recorded-future"><span class="text-black text-sm icon-linkedin"></span></a></li><li><a aria-label="Instagram social link" target="_blank" rel="noopener noreferrer" href="https://www.instagram.com/therecord_media/"><span class="text-black text-sm icon-instagram"></span></a></li><li><a aria-label="Mastodon social link" target="_self" rel="noopener noreferrer" href="https://mastodon.social/@therecord_media"><span class="text-black text-sm icon-mastodon"></span></a></li><li><a aria-label="Bluesky social link" target="_blank" rel="noopener noreferrer" href="https://bsky.app/profile/therecordmedia.bsky.social"><span class="text-black text-sm icon-bluesky"></span></a></li><li><a aria-label="RSS Feed link" target="_blank" rel="noopener noreferrer" href="https://therecord.media/feed/"><span class="text-black text-sm icon-rss"></span></a></li></ul></div></div><div class="footer__column-right"><div class="footer__menu"><ul><li><a href="https://www.recordedfuture.com/privacy-policy"><span class="wysiwyg-parsed-content"><p>Privacy</p></span></a></li><li><a href="/about"><span class="wysiwyg-parsed-content"><p>About</p></span></a></li><li><a href="/contact"><span class="wysiwyg-parsed-content"><p>Contact Us</p></span></a></li></ul></div></div><div class="footer__column-middle"><div class="footer__copyright"><span class="wysiwyg-parsed-content"><p>© Copyright 2025 | The Record from Recorded Future News</p></span></div></div></div></footer></div></div></section></main></div></div><script id="__NEXT_DATA__" type="application/json">{"props":{"pageProps":{"analyticData":{"data":{"id":1,"attributes":{"facebookPixelCodeToken":"781647205981775","googleTagManagerToken":"GTM-PVJ5W86","createdAt":"2022-11-24T10:22:59.243Z","updatedAt":"2023-03-14T15:49:13.743Z","publishedAt":"2022-11-24T10:22:59.986Z"}},"meta":{}},"header":{"data":{"id":1,"attributes":{"createdAt":"2022-03-30T16:06:58.729Z","updatedAt":"2024-04-12T18:45:58.356Z","publishedAt":"2022-03-30T16:07:01.120Z","locale":"en","primaryCta":{"id":27,"target":"_self","externalUrl":"","label":"✉️ Free Newsletter","page":{"data":{"id":5,"attributes":{"title":"Subscribe to Cyber Daily®","slug":"/subscribe","createdAt":"2022-03-31T13:45:06.824Z","updatedAt":"2024-05-02T16:28:44.627Z","publishedAt":"2022-03-31T13:45:08.513Z","locale":"en","showTitle":true,"customArticleSidebar":null}}}},"ctas":[{"id":154,"target":"_blank","externalUrl":"https://therecord.media/subscribe","label":"Cyber Daily®","page":{"data":null}},{"id":3,"target":"_self","externalUrl":null,"label":"Click Here Podcast","page":{"data":{"id":8769,"attributes":{"title":"Click Here Podcasts","slug":"/podcast","createdAt":"2024-02-22T15:33:00.084Z","updatedAt":"2025-03-07T15:39:27.952Z","publishedAt":"2024-02-22T15:33:03.995Z","locale":"en","showTitle":false,"customArticleSidebar":null}}}}],"logo":{"id":16,"alt":"Cyber Security News | The Record","caption":null,"tablet":{"data":null},"mobile":{"data":null},"desktop":{"data":{"id":4355,"attributes":{"name":"The Record-Centered.svg","alternativeText":"The Record-Centered.svg","caption":"The Record-Centered.svg","width":null,"height":null,"formats":null,"hash":"The_Record_Centered_9b27d79125","ext":".svg","mime":"image/svg+xml","size":7.26,"url":"/uploads/The_Record_Centered_9b27d79125.svg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2023-01-12T17:06:51.335Z","updatedAt":"2024-04-15T13:35:29.457Z"}}}},"logoLink":{"id":10,"target":"_self","externalUrl":null,"label":"Go to homepage","page":{"data":{"id":4,"attributes":{"title":"Home","slug":"/","createdAt":"2022-03-31T13:42:22.553Z","updatedAt":"2025-04-05T01:19:24.392Z","publishedAt":"2022-03-31T13:42:26.218Z","locale":"en","showTitle":true,"customArticleSidebar":null}}}},"categories":[{"id":6,"target":"_self","externalUrl":"","label":"Leadership","page":{"data":{"id":30,"attributes":{"title":"Leadership News","slug":"/news/leadership","createdAt":"2022-07-18T10:45:47.247Z","updatedAt":"2025-02-07T19:04:54.815Z","publishedAt":"2022-07-18T10:46:18.049Z","locale":"en","showTitle":false,"customArticleSidebar":null}}}},{"id":4,"target":"_self","externalUrl":null,"label":"Cybercrime","page":{"data":{"id":33,"attributes":{"title":"Cybercrime News","slug":"/news/cybercrime","createdAt":"2022-10-04T13:41:45.475Z","updatedAt":"2025-02-07T19:03:47.119Z","publishedAt":"2022-10-04T13:42:16.623Z","locale":"en","showTitle":false,"customArticleSidebar":true}}}},{"id":5,"target":"_self","externalUrl":null,"label":"Nation-state","page":{"data":{"id":34,"attributes":{"title":"Nation-State News","slug":"/news/nation-state","createdAt":"2022-10-04T13:42:39.663Z","updatedAt":"2025-02-07T19:05:31.804Z","publishedAt":"2022-10-04T13:42:43.179Z","locale":"en","showTitle":false,"customArticleSidebar":null}}}},{"id":7,"target":"_self","externalUrl":null,"label":"Elections","page":{"data":{"id":8308,"attributes":{"title":"Elections News","slug":"/news/elections","createdAt":"2023-11-30T18:05:06.228Z","updatedAt":"2025-02-07T19:04:08.753Z","publishedAt":"2023-11-30T18:15:26.552Z","locale":"en","showTitle":false,"customArticleSidebar":null}}}},{"id":8,"target":"_self","externalUrl":null,"label":"Technology","page":{"data":{"id":36,"attributes":{"title":"Technology News","slug":"/news/technology","createdAt":"2022-10-04T13:43:48.898Z","updatedAt":"2025-02-07T19:07:25.938Z","publishedAt":"2022-10-04T13:43:50.140Z","locale":"en","showTitle":false,"customArticleSidebar":null}}}}]}},"meta":{}},"footer":{"data":{"id":1,"attributes":{"legalText":"© Copyright 2025 | The Record from Recorded Future News","createdAt":"2022-03-30T16:08:52.148Z","updatedAt":"2025-03-11T15:19:14.139Z","publishedAt":"2022-03-30T16:08:54.448Z","locale":"en","ctas":[{"id":16,"target":"_self","externalUrl":"https://www.recordedfuture.com/privacy-policy","label":"Privacy","page":{"data":null}},{"id":189,"target":"_self","externalUrl":null,"label":"About","page":{"data":{"id":1,"attributes":{"title":"About Us","slug":"/about","createdAt":"2022-03-28T10:14:39.247Z","updatedAt":"2024-01-03T14:49:08.232Z","publishedAt":"2022-11-24T10:26:17.561Z","locale":"en","showTitle":true,"customArticleSidebar":null}}}},{"id":190,"target":"_self","externalUrl":null,"label":"Contact Us","page":{"data":{"id":3,"attributes":{"title":"Contact Us","slug":"/contact","createdAt":"2022-03-31T13:40:52.362Z","updatedAt":"2024-05-10T13:32:27.715Z","publishedAt":"2022-03-31T13:40:54.206Z","locale":"en","showTitle":true,"customArticleSidebar":null}}}}],"logo":{"id":17,"alt":"The Record from Recorded Future News","caption":null,"tablet":{"data":null},"mobile":{"data":null},"desktop":{"data":{"id":4355,"attributes":{"name":"The Record-Centered.svg","alternativeText":"The Record-Centered.svg","caption":"The Record-Centered.svg","width":null,"height":null,"formats":null,"hash":"The_Record_Centered_9b27d79125","ext":".svg","mime":"image/svg+xml","size":7.26,"url":"/uploads/The_Record_Centered_9b27d79125.svg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2023-01-12T17:06:51.335Z","updatedAt":"2024-04-15T13:35:29.457Z"}}}},"socialMediaLinks":{"id":1,"blueskyLink":{"id":397,"target":"_blank","externalUrl":"https://bsky.app/profile/therecordmedia.bsky.social","label":"{\"time\":1732006179141,\"blocks\":[{\"id\":\"5xOnvzlFkL\",\"type\":\"paragraph\",\"data\":{\"text\":\"Bluesky\"}}],\"version\":\"2.29.0\"}"},"mastodonLink":{"id":333,"target":"_self","externalUrl":"https://mastodon.social/@therecord_media","label":"{\"time\":1713433528668,\"blocks\":[{\"id\":\"9lGq_NEt1X\",\"type\":\"paragraph\",\"data\":{\"text\":\"Mastodon\"}}],\"version\":\"2.29.0\"}"},"twitterLink":{"id":13,"target":"_blank","externalUrl":"https://twitter.com/TheRecord_Media","label":"Twitter"},"rssLink":{"id":12,"target":"_blank","externalUrl":"https://therecord.media/feed/","label":"RSS feed"},"instagramLink":{"id":11,"target":"_blank","externalUrl":"https://www.instagram.com/therecord_media/","label":"Instagram"},"linkedInLink":{"id":14,"target":"_blank","externalUrl":"https://www.linkedin.com/company/the-record-by-recorded-future","label":"LinkedIn"}}}},"meta":{}},"page":{"data":[{"id":4,"attributes":{"title":"Home","slug":"/","createdAt":"2022-03-31T13:42:22.553Z","updatedAt":"2025-04-05T01:19:24.392Z","publishedAt":"2022-03-31T13:42:26.218Z","locale":"en","showTitle":true,"customArticleSidebar":null,"article":{"data":null},"category":{"data":null},"editor":{"data":null},"main":[{"id":1,"__component":"blocks.featured-articles-block","articles":{"data":[{"id":6341,"attributes":{"title":"Haugh fired from leadership of NSA, Cyber Command","date":"2025-04-04T03:06:50.774Z","body":"{\"time\":1743773608695,\"blocks\":[{\"id\":\"K85VPVRYDy\",\"type\":\"paragraph\",\"data\":{\"text\":\"President Donald Trump on Thursday fired Air Force Gen. Timothy Haugh as the head of U.S. Cyber Command and the National Security Agency, a move that could have lasting consequences for national security.\"}},{\"id\":\"TM-c0ocKJJ\",\"type\":\"paragraph\",\"data\":{\"text\":\"The ouster of Haugh, who was only a little over a year into what is traditionally a three-year term, could be the start of even greater changes to the military’s top digital warfighting organization and the world’s largest spy agency.\"}},{\"id\":\"ymf0X-JSTR\",\"type\":\"paragraph\",\"data\":{\"text\":\"In addition to Haugh, Wendy Noble, an NSA veteran who was \u003ca href=\\\"https://therecord.media/wendy-noble-nsa-deputy-director\\\"\u003enamed\u003c/a\u003e the agency’s deputy chief in 2023, was transferred to a post in the Pentagon’s Office of the Under Secretary of Defense for Intelligence, according to four sources familiar with the matter.\"}},{\"id\":\"BU3-hsHF-R\",\"type\":\"paragraph\",\"data\":{\"text\":\"Cyber Command and NSA personnel were informed late Thursday night that Army Lt. Gen. William Hartman, the No. 2 at Cyber Command, would assume leadership of both organizations in an acting capacity, one of these sources said.\"}},{\"id\":\"bDL_6D5l3D\",\"type\":\"paragraph\",\"data\":{\"text\":\"Sheila Thomas,\u0026nbsp;\u003ca href=\\\"https://www.nsa.gov/About/Leadership/Leadership-View/Article/4020115/sheila-thomas/\\\"\u003ethe NSA’s executive director,\u003c/a\u003e will replace Noble, according to another source.\"}},{\"id\":\"PAudBO-HF-\",\"type\":\"paragraph\",\"data\":{\"text\":\"The reasoning behind the move was initially unclear. Early Friday morning, Laura Loomer, — a far-right activist who once claimed the Sept. 11 terrorist attacks were an inside job and reportedly met with the president this week —\u0026nbsp;\u003ca target=\\\"_blank\\\" href=\\\"https://x.com/LauraLoomer/status/1908013350866608261\\\"\u003eclaimed credit for prompting the moves\u003c/a\u003e, as well as the axing of several National Security Council officials.\"}},{\"id\":\"9PeI50sYr5\",\"type\":\"paragraph\",\"data\":{\"text\":\"\\\"As a Biden appointee, General Haugh had no place serving in the Trump admin given the fact that he was HAND PICKED by General Milley, who was accused of committing treason by President Trump,\\\" she \u003ca href=\\\"https://x.com/LauraLoomer/status/1908133163102253503\\\"\u003ewrote in a post on X\u003c/a\u003e. \\\"Why would we want an NSA Director who was referred to Biden after being hand selected by Milley, who told China he would side with them over Trump.\\\"\"}},{\"id\":\"dqkSYPCGHk\",\"type\":\"paragraph\",\"data\":{\"text\":\"The Pentagon said it would provide more information when it becomes available.\"}},{\"id\":\"JEArgy8FK-\",\"type\":\"paragraph\",\"data\":{\"text\":\"The changes mark the latest upheaval to jolt the U.S. national security apparatus. President Trump in February fired Air Force Gen. CQ Brown Jr. as chairman of the Joint Chiefs of Staff. And Defense Secretary Pete Hegseth has sought to cut tens of thousands of jobs from DOD’s payroll to put the money toward the president’s priorities.\"}},{\"id\":\"of65VVGtVt\",\"type\":\"paragraph\",\"data\":{\"text\":\"By removing Haugh, Trump could be readying to split the “dual-hat” leadership structure that has governed both entities for more than a decade. Trump nearly severed the connection at the end of his first term, and people connected to his transition said h\u003ca href=\\\"https://therecord.media/cyber-command-nsa-dual-hat-trump\\\"\u003ee would attempt to do so again once back in office\u003c/a\u003e.\"}},{\"id\":\"5cBPaUz3Oh\",\"type\":\"paragraph\",\"data\":{\"text\":\"If that is the case, Trump could name a new Cyber Command chief and separately a new head of the powerful espionage agency.\"}},{\"id\":\"fdZi9zpEbU\",\"type\":\"paragraph\",\"data\":{\"text\":\"Or the president could just be looking to install his own pick atop both organizations.\"}},{\"id\":\"sXZFSELAo6\",\"type\":\"paragraph\",\"data\":{\"text\":\"Jon Darby, NSA’s former director of operations, blasted the dismissals.\"}},{\"id\":\"uRCLjT4RQ7\",\"type\":\"paragraph\",\"data\":{\"text\":\"\\\"No matter if this move is for a perceived lack of loyalty or is a precursor for splitting the dual hat, removing seasoned leaders with the depth of knowledge in the extremely complex world of cyber and signals intelligence is dangerous to the nation,” he said.\"}},{\"id\":\"hoIECeeYTv\",\"type\":\"paragraph\",\"data\":{\"text\":\"In a statement, Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee, also derided Haugh’s firing.\"}},{\"id\":\"gmE0hHvQwt\",\"type\":\"paragraph\",\"data\":{\"text\":\"“At a time when the United States is facing unprecedented cyber threats, as the Salt Typhoon cyberattack from China has so clearly underscored, how does firing [Haugh] make Americans any safer?“\"}},{\"id\":\"q_xP2ILpgn\",\"type\":\"paragraph\",\"data\":{\"text\":\"He also said it is “astonishing” Trump would “fire the nonpartisan, experienced leader of the National Security Agency while still failing to hold any member of his team accountable for leaking classified information on a commercial messaging app,” a\u003ca href=\\\"https://therecord.media/gabbard-ratcliffe-signal-atlantic-yemen-operation-senate-hearing\\\"\u003e reference to the Cabinet-level discussion of pending military strikes on Signal\u003c/a\u003e.\"}}],\"version\":\"2.29.0\"}","isBrief":false,"createdAt":"2025-04-04T03:06:50.774Z","updatedAt":"2025-04-04T13:33:34.160Z","publishedAt":"2025-04-04T03:07:55.490Z","showFrom":null,"listingShowFrom":null,"editor":{"data":{"id":3,"attributes":{"name":"Martin Matishak","bio":"is the senior cybersecurity reporter for The Record. Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community. He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.","twitterHandle":"https://twitter.com/martinmatishak","createdAt":"2022-03-28T09:52:53.414Z","updatedAt":"2023-12-06T14:48:41.466Z","publishedAt":"2022-03-28T09:52:55.553Z","blueskyProfile":null}}},"editors":{"data":[]},"image":{"id":6841,"alt":"Gen. Timothy Haugh","caption":"Gen. Timothy Haugh, head of NSA and Cyber Command, testifies before the Senate Intelligence Committee on March 25, 2025. Source: committee video feed","tablet":{"data":null},"mobile":{"data":null},"desktop":{"data":{"id":8833,"attributes":{"name":"haugh-senate-hearing-20250325.png","alternativeText":"Gen. Timothy Haugh, head of NSA and Cyber Command, testifies before the Senate Intelligence Committee on March 25, 2025. Source: committee video feed","caption":"Gen. Timothy Haugh, head of NSA and Cyber Command, testifies before the Senate Intelligence Committee on March 25, 2025. Source: committee video feed","width":1085,"height":630,"formats":{"large":{"ext":".png","url":"/uploads/large_haugh_senate_hearing_20250325_2d6518fdcb.png","hash":"large_haugh_senate_hearing_20250325_2d6518fdcb","mime":"image/png","name":"large_haugh-senate-hearing-20250325.png","path":null,"size":1149.92,"width":1000,"height":581,"sizeInBytes":1149915},"small":{"ext":".png","url":"/uploads/small_haugh_senate_hearing_20250325_2d6518fdcb.png","hash":"small_haugh_senate_hearing_20250325_2d6518fdcb","mime":"image/png","name":"small_haugh-senate-hearing-20250325.png","path":null,"size":331.15,"width":500,"height":290,"sizeInBytes":331149},"medium":{"ext":".png","url":"/uploads/medium_haugh_senate_hearing_20250325_2d6518fdcb.png","hash":"medium_haugh_senate_hearing_20250325_2d6518fdcb","mime":"image/png","name":"medium_haugh-senate-hearing-20250325.png","path":null,"size":695.03,"width":750,"height":435,"sizeInBytes":695034},"thumbnail":{"ext":".png","url":"/uploads/thumbnail_haugh_senate_hearing_20250325_2d6518fdcb.png","hash":"thumbnail_haugh_senate_hearing_20250325_2d6518fdcb","mime":"image/png","name":"thumbnail_haugh-senate-hearing-20250325.png","path":null,"size":88.72,"width":245,"height":142,"sizeInBytes":88722}},"hash":"haugh_senate_hearing_20250325_2d6518fdcb","ext":".png","mime":"image/png","size":316.7,"url":"/uploads/haugh_senate_hearing_20250325_2d6518fdcb.png","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2025-03-25T17:58:14.576Z","updatedAt":"2025-04-04T03:05:46.191Z"}}}},"page":{"data":{"id":10897,"attributes":{"title":"Haugh fired from leadership of NSA, Cyber Command","slug":"/gen-timothy-haugh-fired-nsa-cyber-command-trump","createdAt":"2025-04-04T03:10:51.131Z","updatedAt":"2025-04-04T03:12:12.505Z","publishedAt":"2025-04-04T03:10:52.257Z","locale":"en","showTitle":false,"customArticleSidebar":false}}}}},{"id":6347,"attributes":{"title":"Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges","date":"2025-04-05T01:17:12.977Z","body":"{\"time\":1743815742751,\"blocks\":[{\"id\":\"OTq4lyR1Qj\",\"type\":\"paragraph\",\"data\":{\"text\":\"A Maryland pharmacist installed spyware on hundreds of computers at a major teaching hospital and recorded videos over the course of a decade of staff pumping breastmilk and breastfeeding, a class-action lawsuit alleges.\u0026nbsp;\"}},{\"id\":\"cNCC-IsEb3\",\"type\":\"paragraph\",\"data\":{\"text\":\"The suit, filed on March 27 and first \u003ca href=\\\"https://www.thebaltimorebanner.com/community/criminal-justice/matthew-bathula-umd-hospital-hack-32KWAHLG2RBNLFFVX5BAFILRCM/\\\"\u003ereported\u003c/a\u003e by the Baltimore Banner, accuses pharmacist Matthew Bathula of implanting keyloggers — a type of software that records what someone types on a keyboard — on about 400 computers at the University of Maryland Medical Center (UMMC).\u0026nbsp;\"}},{\"id\":\"0UgDKiL0Dj\",\"type\":\"paragraph\",\"data\":{\"text\":\"The class-action was filed by an anonymous employee at the hospital against her employer, which the suit contends was negligent in allowing the security breaches to occur and in allegedly failing to notify victims. No criminal charges have been filed against Bathula, who according to the complaint and a \u003ca href=\\\"https://www.umms.org/ummc/news/2025/university-of-maryland-medical-system-statement-on-recent-cyber-incident\\\"\u003estatement\u003c/a\u003e from UMMC is being investigated by the FBI.\"}},{\"id\":\"Wuhs_M5Rfb\",\"type\":\"paragraph\",\"data\":{\"text\":\"“It’s our most sincere hope and expectation that the person alleged to have violated the trust of his colleagues and of our organization will be held accountable to the fullest extent of the law, which is why we have worked collaboratively over the past several months with the FBI and US Attorney’s Office who are engaged in an active criminal investigation,” the medical center said in a statement posted to their website on Thursday.\u0026nbsp;\"}},{\"id\":\"YTiLY6twqQ\",\"type\":\"paragraph\",\"data\":{\"text\":\"“Healthcare organizations and the people who work in them have unfortunately in recent times become the victims of cyberattacks from threat actors, and we continue to take aggressive steps to protect our IT systems in this challenging environment.”\"}},{\"id\":\"WU1y5vHCa6\",\"type\":\"paragraph\",\"data\":{\"text\":\"Through the keyloggers, Bathula allegedly accessed coworkers’ passwords, including for bank accounts, home surveillance systems, emails, dating apps and other accounts. He downloaded private photographs, videos and personal information, the complaint claims, and even remotely activated webcams in exam rooms for telehealth sessions.\u0026nbsp;\u0026nbsp;\"}},{\"id\":\"JUuNImhOrc\",\"type\":\"paragraph\",\"data\":{\"text\":\"The protections to stop someone from accessing devices and installing malware were inadequate, the plaintiff alleges.\u0026nbsp;\"}},{\"id\":\"hqRSR8cXkZ\",\"type\":\"paragraph\",\"data\":{\"text\":\"“UMMC is subject to numerous state and federal regulations that require it to implement measures to protect the sensitive information stored on its computer systems,” the complaint says. “Bathula could not have pulled off his decade-long cyber spying campaign unless UMMC’s data security measures were woefully inadequate.”\"}},{\"id\":\"Jo3P40clr8\",\"type\":\"paragraph\",\"data\":{\"text\":\"According to the suit, the hospital sent an email to employees in early October about “a serious IT incident” and a “highly sophisticated and very difficult to detect cyberattack that has resulted in the theft of data from shared UMMS computers.” The email acknowledged the use of keylogging software and said the facility has been investigating the attack and would communicate updates “in the coming days.”\u0026nbsp;\"}},{\"id\":\"37H7mu2L-j\",\"type\":\"paragraph\",\"data\":{\"text\":\"The victims say they only discovered their information was compromised — and in some cases that highly personal material was accessed — when they were contacted by the FBI.\u0026nbsp;\"}},{\"id\":\"0f_ftdxJyy\",\"type\":\"paragraph\",\"data\":{\"text\":\"The hospital reportedly “put IT protections in place that were readily available prior to Bathula’s attacks and which are reasonable and standard in the industry,” according to the complaint, including disabling the use of thumb drives and implementing restrictions on downloads and uploads of applications.\u0026nbsp;\"}},{\"id\":\"_1YmfN2H9v\",\"type\":\"paragraph\",\"data\":{\"text\":\"“These minimal protections were not in place during Bathula’s decade of criminal cyber activity,” they said.\u0026nbsp;\"}},{\"id\":\"94kRrHXDbh\",\"type\":\"paragraph\",\"data\":{\"text\":\"The pharmacist was terminated in October 2024 but, according to the suit, subsequently moved to another health system. Attempts to reach Bathula were unsuccessful.\u0026nbsp;\"}},{\"id\":\"fwHYIUVQtx\",\"type\":\"paragraph\",\"data\":{\"text\":\"A UMMC spokesperson declined to comment on the specifics of the case but said “in response to this incident, we have increased surveillance across our network to better detect unauthorized access.” \"}}],\"version\":\"2.29.0\"}","isBrief":false,"createdAt":"2025-04-05T01:17:12.977Z","updatedAt":"2025-04-05T01:17:14.160Z","publishedAt":"2025-04-05T01:17:14.155Z","showFrom":null,"listingShowFrom":null,"editor":{"data":{"id":21,"attributes":{"name":"James Reddick","bio":"has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.","twitterHandle":"https://twitter.com/jredd66","createdAt":"2022-10-07T14:56:22.348Z","updatedAt":"2023-08-30T17:29:27.973Z","publishedAt":"2022-10-07T14:56:23.554Z","blueskyProfile":null}}},"editors":{"data":[]},"image":{"id":6848,"alt":"keyboard","caption":"Image: Adrien via Unsplash","tablet":{"data":null},"mobile":{"data":null},"desktop":{"data":{"id":7220,"attributes":{"name":"adrien-D5kDcF1JvEM-unsplash.jpg","alternativeText":"keyboard, encryption","caption":"Image: Adrien via Unsplash","width":1085,"height":630,"formats":{"large":{"ext":".jpg","url":"/uploads/large_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793.jpg","hash":"large_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793","mime":"image/jpeg","name":"large_adrien-D5kDcF1JvEM-unsplash.jpg","path":null,"size":84.2,"width":1000,"height":581,"sizeInBytes":84195},"small":{"ext":".jpg","url":"/uploads/small_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793.jpg","hash":"small_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793","mime":"image/jpeg","name":"small_adrien-D5kDcF1JvEM-unsplash.jpg","path":null,"size":30.16,"width":500,"height":290,"sizeInBytes":30156},"medium":{"ext":".jpg","url":"/uploads/medium_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793.jpg","hash":"medium_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793","mime":"image/jpeg","name":"medium_adrien-D5kDcF1JvEM-unsplash.jpg","path":null,"size":55.45,"width":750,"height":435,"sizeInBytes":55445},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793.jpg","hash":"thumbnail_adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793","mime":"image/jpeg","name":"thumbnail_adrien-D5kDcF1JvEM-unsplash.jpg","path":null,"size":9.99,"width":245,"height":142,"sizeInBytes":9985}},"hash":"adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793","ext":".jpg","mime":"image/jpeg","size":95.16,"url":"/uploads/adrien_D5k_Dc_F1_Jv_EM_unsplash_25b82e6793.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2024-04-22T12:13:39.779Z","updatedAt":"2025-04-05T01:16:31.614Z"}}}},"page":{"data":{"id":10903,"attributes":{"title":"Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges","slug":"/maryland-pharmacist-keylogger-spying-lawsuit","createdAt":"2025-04-05T01:18:18.124Z","updatedAt":"2025-04-05T01:18:19.285Z","publishedAt":"2025-04-05T01:18:19.269Z","locale":"en","showTitle":false,"customArticleSidebar":false}}}}},{"id":6345,"attributes":{"title":"Port of Seattle says 90,000 people impacted in 2024 ransomware attack","date":"2025-04-04T18:47:34.147Z","body":"{\"time\":1743792403922,\"blocks\":[{\"id\":\"Y6WOj_op7c\",\"type\":\"paragraph\",\"data\":{\"text\":\"About 90,000 people had information accessed by ransomware hackers who breached the systems of the Port of Seattle last year.\"}},{\"id\":\"HgHBe9Xb2p\",\"type\":\"paragraph\",\"data\":{\"text\":\"The organization — which runs Seattle-Tacoma International Airport, several parks, container terminals and more — said it is sending breach notification letters to those affected, including about 71,000 people in Washington state.\"}},{\"id\":\"jLM_wbWonl\",\"type\":\"paragraph\",\"data\":{\"text\":\"“The threat actors accessed and downloaded some personal information from previously used Port systems for employee, contractor, and parking data. The Port holds very little information about airport or maritime passengers, and systems processing payments were not affected,” officials \u003ca href=\\\"https://www.portseattle.org/news/port-seattle-providing-notice-individuals-affected-fall-2024-cyberattack\\\"\u003esaid\u003c/a\u003e in a notice on Thursday.\u0026nbsp;\"}},{\"id\":\"9eAXgVsrZ5\",\"type\":\"paragraph\",\"data\":{\"text\":\"Those impacted had some combination of names, dates of birth, Social Security numbers, driver’s licenses, ID cards and some medical information stolen. Victims will receive one year of free credit monitoring services.\"}},{\"id\":\"au7AOhSxCY\",\"type\":\"paragraph\",\"data\":{\"text\":\"The port also \u003ca href=\\\"https://www.portseattle.org/news/port-cyberattack-archive\\\"\u003eposted\u003c/a\u003e the breach notice online for those who did not have an available mailing address.\"}},{\"id\":\"p1wodI61nv\",\"type\":\"paragraph\",\"data\":{\"text\":\"The \u003ca href=\\\"https://therecord.media/seatac-airport-port-of-seattle-cyberattack\\\"\u003eAugust 24 incident\u003c/a\u003e, which took place ahead of the Labor Day holiday, severely damaged the systems used by the city’s port and airport, forcing workers to take extraordinary measures to help travelers. The ransomware attack knocked out the airport’s Wi-Fi and employees had to use dry-erase boards for flight and baggage information.\"}},{\"id\":\"bUyvgOHpcZ\",\"type\":\"paragraph\",\"data\":{\"text\":\"\u003ca href=\\\"https://therecord.media/labor-day-travel-seattle-airport-hack\\\"\u003eScreens throughout the facility\u003c/a\u003e were down and some airlines have had to manually sort through bags. A post-mortem said the encryptions and the resulting system disconnections took down port services like “baggage, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the Port of Seattle website, the flySEA app, and reserved parking.”\"}},{\"id\":\"dwbx4rBzWT\",\"type\":\"paragraph\",\"data\":{\"text\":\"In the message on Thursday, the port said the ransomware attack did not affect “the proprietary systems of major airline and cruise partners” and the hackers did not access “the systems of federal partners like the Federal Aviation Administration, Transportation Security Administration, and U.S. Customs and Border Protection.”\"}},{\"id\":\"pMaqVklcCz\",\"type\":\"paragraph\",\"data\":{\"text\":\"The hackers, later identified as being part of the \u003ca href=\\\"https://therecord.media/tag/rhysida\\\"\u003eRhysida ransomware gang\u003c/a\u003e, were only able to break into legacy systems used for employee data.\u0026nbsp;\"}},{\"id\":\"ZVpjzxpLDi\",\"type\":\"paragraph\",\"data\":{\"text\":\"In September, port officials confirmed that they \u003ca href=\\\"https://therecord.media/seattle-port-rhysida-ransom-refused\\\"\u003erefused to pay a ransom\u003c/a\u003e, with executive director Steve Metruck explaining that “paying the criminal organization would not reflect Port values or our pledge to be a good steward of taxpayer dollars.”\"}}],\"version\":\"2.29.0\"}","isBrief":true,"createdAt":"2025-04-04T18:47:34.147Z","updatedAt":"2025-04-04T18:47:35.352Z","publishedAt":"2025-04-04T18:47:35.345Z","showFrom":null,"listingShowFrom":null,"editor":{"data":{"id":25,"attributes":{"name":"Jonathan Greig","bio":"is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.","twitterHandle":"https://twitter.com/jgreigj","createdAt":"2022-10-07T14:57:14.099Z","updatedAt":"2023-09-26T13:04:28.169Z","publishedAt":"2022-10-07T14:57:15.045Z","blueskyProfile":null}}},"editors":{"data":[]},"image":{"id":6846,"alt":"seattle airport","caption":"Image: Port of Seattle/X","tablet":{"data":null},"mobile":{"data":null},"desktop":{"data":{"id":7896,"attributes":{"name":"seattle-airport.jpg","alternativeText":"airport hack","caption":"Image: Port of Seattle/Twitter","width":1085,"height":635,"formats":{"large":{"ext":".jpg","url":"/uploads/large_seattle_airport_c3cbeae865.jpg","hash":"large_seattle_airport_c3cbeae865","mime":"image/jpeg","name":"large_seattle-airport.jpg","path":null,"size":82.37,"width":1000,"height":585,"sizeInBytes":82368},"small":{"ext":".jpg","url":"/uploads/small_seattle_airport_c3cbeae865.jpg","hash":"small_seattle_airport_c3cbeae865","mime":"image/jpeg","name":"small_seattle-airport.jpg","path":null,"size":27.05,"width":500,"height":293,"sizeInBytes":27047},"medium":{"ext":".jpg","url":"/uploads/medium_seattle_airport_c3cbeae865.jpg","hash":"medium_seattle_airport_c3cbeae865","mime":"image/jpeg","name":"medium_seattle-airport.jpg","path":null,"size":51.37,"width":750,"height":439,"sizeInBytes":51369},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_seattle_airport_c3cbeae865.jpg","hash":"thumbnail_seattle_airport_c3cbeae865","mime":"image/jpeg","name":"thumbnail_seattle-airport.jpg","path":null,"size":8.5,"width":245,"height":143,"sizeInBytes":8500}},"hash":"seattle_airport_c3cbeae865","ext":".jpg","mime":"image/jpeg","size":96,"url":"/uploads/seattle_airport_c3cbeae865.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2024-08-30T16:34:22.866Z","updatedAt":"2025-04-04T18:46:55.885Z"}}}},"page":{"data":{"id":10901,"attributes":{"title":"Port of Seattle says 90,000 people impacted in 2024 ransomware attack","slug":"/port-of-seattle-says-90000-impacted-in-2024-ransomware-attack","createdAt":"2025-04-04T18:48:48.008Z","updatedAt":"2025-04-04T18:48:49.128Z","publishedAt":"2025-04-04T18:48:49.114Z","locale":"en","showTitle":false,"customArticleSidebar":false}}}}}]}},{"id":2,"__component":"blocks.latest-news-block","title":"Latest Cyber Security News","category":{"data":null}},{"id":679,"__component":"blocks.briefs","title":"Briefs","isFullWidth":true},{"id":216,"__component":"blocks.raw-html","content":"\u003ca rel=\"me\" aria-label=\"Mastodon social link\" href=\"https://mastodon.social/@therecord_media\"\u003e \u003c/a\u003e"}],"mainLeft":[],"mainRight":[],"metaData":{"id":1,"title":"Cyber Security News | The Record from Recorded Future News","description":"Stay updated on the latest cyber security news. The Record from Recorded Future News gives exclusive access to leaders, policymakers, and the cyber underground.","hideFromSearchEngines":false,"image":{"data":{"id":16,"attributes":{"name":"primary-logo-rgb-carrot.svg","alternativeText":"primary-logo-rgb-carrot.svg","caption":"primary-logo-rgb-carrot.svg","width":278,"height":63,"formats":null,"hash":"primary_logo_rgb_carrot_d6e486d746","ext":".svg","mime":"image/svg+xml","size":5.15,"url":"/uploads/primary_logo_rgb_carrot_d6e486d746.svg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2022-03-30T16:04:49.763Z","updatedAt":"2023-10-31T17:03:19.251Z"}}}},"sidebar":[],"tag":{"data":null}}}],"meta":{"pagination":{"page":1,"pageSize":25,"pageCount":1,"total":1}}},"newsTickerData":{"flatItems":[{"entity_type":"CyberVulnerability","entity_id":"w07VJ3","curr_heat_score":100,"name":"CVE-2024-40348","summary":"CVE-2024-40348 is a vulnerability in Bazaar v1.4.3 that allows unauthenticated attackers to execute a directory traversal, with an exploit and proof of concept available on GitHub at the repository maintained by NingXin2002.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/w07VJ3?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"CyberVulnerability","entity_id":"wbGPeG","curr_heat_score":92,"name":"CVE-2024-38112","summary":"CVE-2024-38112 is a Microsoft Windows MSHTML Platform Spoofing Vulnerability that was exploited in the Void Banshee campaign to deliver malware, specifically the Atlantida stealer, via Internet Explorer, and was patched by Microsoft on July 9, 2024.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/wbGPeG?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"RIub6h","curr_heat_score":85,"name":"REMCOS RAT","summary":"Recent reports indicate a significant rise in the distribution and sophistication of Remcos RAT malware, which exploits vulnerabilities like CVE-2017-11882 through phishing emails containing malicious Microsoft Office documents, employing techniques such as script-based attacks and process injection to enable remote control and data theft from compromised systems.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/RIub6h?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"ThreatActor","entity_id":"pFT6mi","curr_heat_score":82,"name":"Scattered Spider","summary":"Scattered Spider, a group of young hackers known for their disruptive social engineering tactics, has been linked to high-profile cyberattacks against companies like MGM and Caesars Entertainment, and recent law enforcement actions have led to multiple arrests, highlighting ongoing concerns about their phishing schemes and ransomware operations.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/pFT6mi?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"ThreatActor","entity_id":"I60vfZ","curr_heat_score":78,"name":"RedGolf","summary":"RedGolf, a Chinese state-sponsored hacking group, has been actively involved in cyber espionage and financially motivated cybercrime, employing sophisticated tactics to target high-profile organizations and government networks globally.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/I60vfZ?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"ThreatActor","entity_id":"O7NRMb","curr_heat_score":78,"name":"BlueBravo","summary":"BlueBravo has been actively targeting high-value victims through sophisticated spear phishing campaigns and exploiting rogue Remote Desktop Protocol (RDP) servers for cyber espionage, particularly against governmental and research entities in Europe and Ukraine.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/O7NRMb?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"ThreatActor","entity_id":"Jxyxnd","curr_heat_score":78,"name":"North Korean Hackers","summary":"Recent reports indicate that North Korean hackers, particularly the group TraderTraitor, have been implicated in a series of high-profile cryptocurrency thefts in 2024, including a $308 million heist from Japan's DMM Bitcoin exchange and a $50 million attack on Radiant Capital, raising significant concerns about cybersecurity within the digital finance sector.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/Jxyxnd?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"noAnDT","curr_heat_score":77,"name":"Play Ransomware","summary":"The Play ransomware group, known for its sophisticated tactics and exploitation of vulnerabilities in applications like FortiOS and Microsoft Exchange, has recently claimed responsibility for a significant cyberattack on Krispy Kreme, threatening to leak sensitive data stolen from the company within two days.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/noAnDT?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"ThreatActor","entity_id":"nE1Nbn","curr_heat_score":74,"name":"NoName057(16)","summary":"The pro-Russian hacker group NoName057(16) has been actively conducting DDoS attacks against various government and infrastructure websites across several countries, including Italy, France, Belgium, Moldova, and Taiwan, claiming these actions as retaliation for perceived anti-Russian sentiments and support for Ukraine.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/nE1Nbn?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"nlflWX","curr_heat_score":72,"name":"LummaC2","summary":"LummaC2, an increasingly prevalent malware operating as a subscription-based service, has gained notoriety for its sophisticated capabilities in stealing sensitive information such as login credentials and cryptocurrency wallet data, with a reported surge in detections by nearly 400% in the latter half of 2024, often propagated through phishing schemes, fake CAPTCHA prompts, and malicious downloads targeting both Windows and macOS users.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/nlflWX?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"sp5mQW","curr_heat_score":71,"name":"HijackLoader","summary":"HijackLoader is a modular malware loader that has gained popularity among cybercriminals for delivering various payloads, including LummaC2 and information stealers like RedLine Stealer and Vidar Stealer, often utilizing techniques such as DLL sideloading and executable renaming to evade detection.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/sp5mQW?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"xCM2Hm","curr_heat_score":71,"name":"BugSleep","summary":"Recent intelligence indicates that the malware BugSleep, also referred to as MuddyRot, has been increasingly used by the Static Kitten group to target entities in Israel since July 2024.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/xCM2Hm?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"bLe-z4","curr_heat_score":70,"name":"SocGholish","summary":"Recent reports indicate that SocGholish, a sophisticated social engineering malware primarily distributed through fake software updates and malicious advertisements, has been actively targeting Kaiser Permanente employees to steal credentials, amidst a growing trend of ransomware attacks and evolving cyber threats in 2024.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/bLe-z4?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"}],"groupedItems":{"CyberVulnerability":[{"entity_type":"CyberVulnerability","entity_id":"w07VJ3","curr_heat_score":100,"name":"CVE-2024-40348","summary":"CVE-2024-40348 is a vulnerability in Bazaar v1.4.3 that allows unauthenticated attackers to execute a directory traversal, with an exploit and proof of concept available on GitHub at the repository maintained by NingXin2002.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/w07VJ3?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"CyberVulnerability","entity_id":"wbGPeG","curr_heat_score":92,"name":"CVE-2024-38112","summary":"CVE-2024-38112 is a Microsoft Windows MSHTML Platform Spoofing Vulnerability that was exploited in the Void Banshee campaign to deliver malware, specifically the Atlantida stealer, via Internet Explorer, and was patched by Microsoft on July 9, 2024.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/wbGPeG?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"}],"Malware":[{"entity_type":"Malware","entity_id":"RIub6h","curr_heat_score":85,"name":"REMCOS RAT","summary":"Recent reports indicate a significant rise in the distribution and sophistication of Remcos RAT malware, which exploits vulnerabilities like CVE-2017-11882 through phishing emails containing malicious Microsoft Office documents, employing techniques such as script-based attacks and process injection to enable remote control and data theft from compromised systems.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/RIub6h?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"noAnDT","curr_heat_score":77,"name":"Play Ransomware","summary":"The Play ransomware group, known for its sophisticated tactics and exploitation of vulnerabilities in applications like FortiOS and Microsoft Exchange, has recently claimed responsibility for a significant cyberattack on Krispy Kreme, threatening to leak sensitive data stolen from the company within two days.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/noAnDT?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"nlflWX","curr_heat_score":72,"name":"LummaC2","summary":"LummaC2, an increasingly prevalent malware operating as a subscription-based service, has gained notoriety for its sophisticated capabilities in stealing sensitive information such as login credentials and cryptocurrency wallet data, with a reported surge in detections by nearly 400% in the latter half of 2024, often propagated through phishing schemes, fake CAPTCHA prompts, and malicious downloads targeting both Windows and macOS users.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/nlflWX?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"sp5mQW","curr_heat_score":71,"name":"HijackLoader","summary":"HijackLoader is a modular malware loader that has gained popularity among cybercriminals for delivering various payloads, including LummaC2 and information stealers like RedLine Stealer and Vidar Stealer, often utilizing techniques such as DLL sideloading and executable renaming to evade detection.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/sp5mQW?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"xCM2Hm","curr_heat_score":71,"name":"BugSleep","summary":"Recent intelligence indicates that the malware BugSleep, also referred to as MuddyRot, has been increasingly used by the Static Kitten group to target entities in Israel since July 2024.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/xCM2Hm?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"Malware","entity_id":"bLe-z4","curr_heat_score":70,"name":"SocGholish","summary":"Recent reports indicate that SocGholish, a sophisticated social engineering malware primarily distributed through fake software updates and malicious advertisements, has been actively targeting Kaiser Permanente employees to steal credentials, amidst a growing trend of ransomware attacks and evolving cyber threats in 2024.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/bLe-z4?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"}],"ThreatActor":[{"entity_type":"ThreatActor","entity_id":"pFT6mi","curr_heat_score":82,"name":"Scattered Spider","summary":"Scattered Spider, a group of young hackers known for their disruptive social engineering tactics, has been linked to high-profile cyberattacks against companies like MGM and Caesars Entertainment, and recent law enforcement actions have led to multiple arrests, highlighting ongoing concerns about their phishing schemes and ransomware operations.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/pFT6mi?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"ThreatActor","entity_id":"I60vfZ","curr_heat_score":78,"name":"RedGolf","summary":"RedGolf, a Chinese state-sponsored hacking group, has been actively involved in cyber espionage and financially motivated cybercrime, employing sophisticated tactics to target high-profile organizations and government networks globally.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/I60vfZ?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"ThreatActor","entity_id":"O7NRMb","curr_heat_score":78,"name":"BlueBravo","summary":"BlueBravo has been actively targeting high-value victims through sophisticated spear phishing campaigns and exploiting rogue Remote Desktop Protocol (RDP) servers for cyber espionage, particularly against governmental and research entities in Europe and Ukraine.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/O7NRMb?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"ThreatActor","entity_id":"Jxyxnd","curr_heat_score":78,"name":"North Korean Hackers","summary":"Recent reports indicate that North Korean hackers, particularly the group TraderTraitor, have been implicated in a series of high-profile cryptocurrency thefts in 2024, including a $308 million heist from Japan's DMM Bitcoin exchange and a $50 million attack on Radiant Capital, raising significant concerns about cybersecurity within the digital finance sector.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/Jxyxnd?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"},{"entity_type":"ThreatActor","entity_id":"nE1Nbn","curr_heat_score":74,"name":"NoName057(16)","summary":"The pro-Russian hacker group NoName057(16) has been actively conducting DDoS attacks against various government and infrastructure websites across several countries, including Italy, France, Belgium, Moldova, and Taiwan, claiming these actions as retaliation for perceived anti-Russian sentiments and support for Ukraine.","remove_row":false,"link":"https://app.recordedfuture.com/live/sc/entity/nE1Nbn?utm_medium=web\u0026utm_source=therecord\u0026utm_campaign=ticker"}]}},"briefs":[{"id":6345,"attributes":{"date":"2025-04-04T18:47:34.147Z","title":"Port of Seattle says 90,000 people impacted in 2024 ransomware attack","publishedAt":"2025-04-04T18:47:35.345Z","page":{"data":{"id":10901,"attributes":{"slug":"/port-of-seattle-says-90000-impacted-in-2024-ransomware-attack"}}}}},{"id":6343,"attributes":{"date":"2025-04-04T12:42:44.168Z","title":"Russia jails hacker for two years over cyberattack on local tech company","publishedAt":"2025-04-04T12:42:45.680Z","page":{"data":{"id":10899,"attributes":{"slug":"/russia-jails-hacker-over-cyberattack-on-tech-firm"}}}}},{"id":6342,"attributes":{"date":"2025-04-04T11:58:39.255Z","title":"Lawmakers seek to close loophole limiting Secret Service investigations into cyber laundering","publishedAt":"2025-04-04T11:58:45.407Z","page":{"data":{"id":10898,"attributes":{"slug":"/lawmakers-seek-to-close-secret-service-cyber-money-laundering-loophole"}}}}},{"id":6340,"attributes":{"date":"2025-04-03T23:21:31.595Z","title":"Texas city warns thousands of utility payment site breach","publishedAt":"2025-04-03T23:21:32.872Z","page":{"data":{"id":10896,"attributes":{"slug":"/texas-city-warns-thousands-of-utility-site-breach"}}}}},{"id":6337,"attributes":{"date":"2025-04-03T14:57:49.352Z","title":"Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware","publishedAt":"2025-04-03T15:00:36.339Z","page":{"data":{"id":10893,"attributes":{"slug":"/hackers-ukraine-critical-infrastructure-malware"}}}}},{"id":6334,"attributes":{"date":"2025-04-02T15:15:26.448Z","title":"CSAM platform Kidflix shut down by international operation","publishedAt":"2025-04-02T15:15:34.367Z","page":{"data":{"id":10890,"attributes":{"slug":"/csam-platform-kidflix-shut-down-europol"}}}}},{"id":6327,"attributes":{"date":"2025-04-01T15:26:33.134Z","title":"Russia tightens cybersecurity measures as financial fraud hits record high","publishedAt":"2025-04-01T15:26:34.209Z","page":{"data":{"id":10882,"attributes":{"slug":"/russia-tightens-cyber-measures-as-fraud-hits-record-high"}}}}},{"id":6325,"attributes":{"date":"2025-04-01T12:51:12.056Z","title":"Digital disruptions continue for Russian transportation, this time at state railway","publishedAt":"2025-04-01T12:51:13.686Z","page":{"data":{"id":10880,"attributes":{"slug":"/russia-state-railway-rzd-ddos-website-app"}}}}},{"id":6324,"attributes":{"date":"2025-03-31T20:05:22.456Z","title":"Canadian hacker arrested for allegedly stealing data from Texas Republican Party","publishedAt":"2025-03-31T20:07:56.129Z","page":{"data":{"id":10879,"attributes":{"slug":"/canadian-hacker-arrested-texas-gop"}}}}}],"latestNewsItems":[{"id":6346,"attributes":{"date":"2025-04-04T21:22:49.900Z","title":"CISA warns of latest Ivanti firewall bug being exploited by suspected Chinese hackers","editor":{"data":{"id":25,"attributes":{"name":"Jonathan Greig"}}},"editors":{"data":[]},"page":{"data":{"id":10902,"attributes":{"slug":"/cisa-ivanti-firewall-bug-exploitation"}}},"image":{"id":6847,"alt":"Ivanti","caption":null,"desktop":{"data":{"id":6695,"attributes":{"name":"michael-dziedzic-O99bWwDMBa8-unsplash.jpg","alternativeText":"Ivanti","caption":null,"width":1085,"height":630,"formats":{"large":{"ext":".jpg","url":"/uploads/large_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf.jpg","hash":"large_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf","mime":"image/jpeg","name":"large_michael-dziedzic-O99bWwDMBa8-unsplash.jpg","path":null,"size":43.82,"width":1000,"height":581},"small":{"ext":".jpg","url":"/uploads/small_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf.jpg","hash":"small_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf","mime":"image/jpeg","name":"small_michael-dziedzic-O99bWwDMBa8-unsplash.jpg","path":null,"size":18.6,"width":500,"height":290},"medium":{"ext":".jpg","url":"/uploads/medium_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf.jpg","hash":"medium_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf","mime":"image/jpeg","name":"medium_michael-dziedzic-O99bWwDMBa8-unsplash.jpg","path":null,"size":30.57,"width":750,"height":435},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf.jpg","hash":"thumbnail_michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf","mime":"image/jpeg","name":"thumbnail_michael-dziedzic-O99bWwDMBa8-unsplash.jpg","path":null,"size":6.86,"width":245,"height":142}},"hash":"michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf","ext":".jpg","mime":"image/jpeg","size":47.46,"url":"/uploads/michael_dziedzic_O99b_Ww_DM_Ba8_unsplash_a9f4479abf.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2024-01-16T19:07:32.865Z","updatedAt":"2025-04-04T21:16:18.706Z"}}},"tablet":{"data":null},"mobile":{"data":null}}}},{"id":6344,"attributes":{"date":"2025-04-04T13:56:44.947Z","title":"Cybercriminals are trying to loot Australian pension accounts in new campaign","editor":{"data":{"id":33,"attributes":{"name":"Alexander Martin"}}},"editors":{"data":[]},"page":{"data":{"id":10900,"attributes":{"slug":"/cybercriminals-australia-hacking-campaign-pension"}}},"image":{"id":6845,"alt":"Australia dollar","caption":"Credit: Miles Burke / Pexels","desktop":{"data":{"id":8868,"attributes":{"name":"Aussiedollars.jpg","alternativeText":"Australia dollar","caption":"Credit: Miles Burke / Pexels","width":1085,"height":630,"formats":{"large":{"ext":".jpg","url":"/uploads/large_Aussiedollars_336351082c.jpg","hash":"large_Aussiedollars_336351082c","mime":"image/jpeg","name":"large_Aussiedollars.jpg","path":null,"size":149.99,"width":1000,"height":581,"sizeInBytes":149994},"small":{"ext":".jpg","url":"/uploads/small_Aussiedollars_336351082c.jpg","hash":"small_Aussiedollars_336351082c","mime":"image/jpeg","name":"small_Aussiedollars.jpg","path":null,"size":45.02,"width":500,"height":290,"sizeInBytes":45017},"medium":{"ext":".jpg","url":"/uploads/medium_Aussiedollars_336351082c.jpg","hash":"medium_Aussiedollars_336351082c","mime":"image/jpeg","name":"medium_Aussiedollars.jpg","path":null,"size":93.21,"width":750,"height":435,"sizeInBytes":93207},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_Aussiedollars_336351082c.jpg","hash":"thumbnail_Aussiedollars_336351082c","mime":"image/jpeg","name":"thumbnail_Aussiedollars.jpg","path":null,"size":10.89,"width":245,"height":142,"sizeInBytes":10888}},"hash":"Aussiedollars_336351082c","ext":".jpg","mime":"image/jpeg","size":158.13,"url":"/uploads/Aussiedollars_336351082c.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2025-04-04T13:55:47.782Z","updatedAt":"2025-04-04T13:56:08.803Z"}}},"tablet":{"data":null},"mobile":{"data":null}}}},{"id":6343,"attributes":{"date":"2025-04-04T12:42:44.168Z","title":"Russia jails hacker for two years over cyberattack on local tech company","editor":{"data":{"id":12,"attributes":{"name":"Daryna Antoniuk"}}},"editors":{"data":[]},"page":{"data":{"id":10899,"attributes":{"slug":"/russia-jails-hacker-over-cyberattack-on-tech-firm"}}},"image":{"id":6843,"alt":"prison","caption":"Image: Tim Hufner via Unsplash","desktop":{"data":{"id":7679,"attributes":{"name":"jail-prison.jpg","alternativeText":"jail-prison","caption":"Image: Tim Hufner via Unsplash","width":1085,"height":632,"formats":{"large":{"ext":".jpg","url":"/uploads/large_jail_prison_6a0cef6881.jpg","hash":"large_jail_prison_6a0cef6881","mime":"image/jpeg","name":"large_jail-prison.jpg","path":null,"size":71.05,"width":1000,"height":582,"sizeInBytes":71047},"small":{"ext":".jpg","url":"/uploads/small_jail_prison_6a0cef6881.jpg","hash":"small_jail_prison_6a0cef6881","mime":"image/jpeg","name":"small_jail-prison.jpg","path":null,"size":22.41,"width":500,"height":291,"sizeInBytes":22405},"medium":{"ext":".jpg","url":"/uploads/medium_jail_prison_6a0cef6881.jpg","hash":"medium_jail_prison_6a0cef6881","mime":"image/jpeg","name":"medium_jail-prison.jpg","path":null,"size":43.27,"width":750,"height":437,"sizeInBytes":43273},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_jail_prison_6a0cef6881.jpg","hash":"thumbnail_jail_prison_6a0cef6881","mime":"image/jpeg","name":"thumbnail_jail-prison.jpg","path":null,"size":7.04,"width":245,"height":143,"sizeInBytes":7044}},"hash":"jail_prison_6a0cef6881","ext":".jpg","mime":"image/jpeg","size":83.45,"url":"/uploads/jail_prison_6a0cef6881.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2024-07-12T13:19:09.807Z","updatedAt":"2025-04-04T12:42:34.898Z"}}},"tablet":{"data":null},"mobile":{"data":null}}}},{"id":6342,"attributes":{"date":"2025-04-04T11:58:39.255Z","title":"Lawmakers seek to close loophole limiting Secret Service investigations into cyber laundering","editor":{"data":{"id":25,"attributes":{"name":"Jonathan Greig"}}},"editors":{"data":[]},"page":{"data":{"id":10898,"attributes":{"slug":"/lawmakers-seek-to-close-secret-service-cyber-money-laundering-loophole"}}},"image":{"id":6842,"alt":"money","caption":"Image: Aidan Bartos via Unsplash","desktop":{"data":{"id":6967,"attributes":{"name":"aidan-bartos-v9rZ3Yz6fSg-unsplash.jpg","alternativeText":"money dollars","caption":"Image: Aidan Bartos via Unsplash","width":1085,"height":630,"formats":{"large":{"ext":".jpg","url":"/uploads/large_aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a.jpg","hash":"large_aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a","mime":"image/jpeg","name":"large_aidan-bartos-v9rZ3Yz6fSg-unsplash.jpg","path":null,"size":92.48,"width":1000,"height":581},"small":{"ext":".jpg","url":"/uploads/small_aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a.jpg","hash":"small_aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a","mime":"image/jpeg","name":"small_aidan-bartos-v9rZ3Yz6fSg-unsplash.jpg","path":null,"size":30.05,"width":500,"height":290},"medium":{"ext":".jpg","url":"/uploads/medium_aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a.jpg","hash":"medium_aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a","mime":"image/jpeg","name":"medium_aidan-bartos-v9rZ3Yz6fSg-unsplash.jpg","path":null,"size":58.18,"width":750,"height":435},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a.jpg","hash":"thumbnail_aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a","mime":"image/jpeg","name":"thumbnail_aidan-bartos-v9rZ3Yz6fSg-unsplash.jpg","path":null,"size":9.09,"width":245,"height":142}},"hash":"aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a","ext":".jpg","mime":"image/jpeg","size":108.62,"url":"/uploads/aidan_bartos_v9r_Z3_Yz6f_Sg_unsplash_a725b3172a.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2024-03-06T19:24:56.296Z","updatedAt":"2025-04-04T11:58:04.894Z"}}},"tablet":{"data":null},"mobile":{"data":null}}}},{"id":6340,"attributes":{"date":"2025-04-03T23:21:31.595Z","title":"Texas city warns thousands of utility payment site breach","editor":{"data":{"id":25,"attributes":{"name":"Jonathan Greig"}}},"editors":{"data":[]},"page":{"data":{"id":10896,"attributes":{"slug":"/texas-city-warns-thousands-of-utility-site-breach"}}},"image":{"id":6840,"alt":"texas flags","caption":"Image: Perry Merrity via Unsplash","desktop":{"data":{"id":8867,"attributes":{"name":"texas-flags.jpg","alternativeText":"texas","caption":"Image: Perry Merrity via Unsplash","width":1085,"height":611,"formats":{"large":{"ext":".jpg","url":"/uploads/large_texas_flags_de81b6491f.jpg","hash":"large_texas_flags_de81b6491f","mime":"image/jpeg","name":"large_texas-flags.jpg","path":null,"size":54.71,"width":1000,"height":563,"sizeInBytes":54708},"small":{"ext":".jpg","url":"/uploads/small_texas_flags_de81b6491f.jpg","hash":"small_texas_flags_de81b6491f","mime":"image/jpeg","name":"small_texas-flags.jpg","path":null,"size":19.62,"width":500,"height":282,"sizeInBytes":19616},"medium":{"ext":".jpg","url":"/uploads/medium_texas_flags_de81b6491f.jpg","hash":"medium_texas_flags_de81b6491f","mime":"image/jpeg","name":"medium_texas-flags.jpg","path":null,"size":35.09,"width":750,"height":422,"sizeInBytes":35087},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_texas_flags_de81b6491f.jpg","hash":"thumbnail_texas_flags_de81b6491f","mime":"image/jpeg","name":"thumbnail_texas-flags.jpg","path":null,"size":6.75,"width":245,"height":138,"sizeInBytes":6754}},"hash":"texas_flags_de81b6491f","ext":".jpg","mime":"image/jpeg","size":62.93,"url":"/uploads/texas_flags_de81b6491f.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2025-04-03T23:20:35.767Z","updatedAt":"2025-04-03T23:20:35.767Z"}}},"tablet":{"data":null},"mobile":{"data":null}}}},{"id":6339,"attributes":{"date":"2025-04-03T18:19:34.164Z","title":"US, Australia, Canada warn of ‘fast flux’ scheme used by ransomware gangs","editor":{"data":{"id":25,"attributes":{"name":"Jonathan Greig"}}},"editors":{"data":[]},"page":{"data":{"id":10895,"attributes":{"slug":"/us-australia-canada-warn-of-fast-flux-ransomware-rusia"}}},"image":{"id":6839,"alt":"digital","caption":"Image: Ian Talmacs via Unsplash","desktop":{"data":{"id":8866,"attributes":{"name":"red-digital.jpg","alternativeText":"red digital","caption":"Image: Ian Talmacs via Unsplash","width":1085,"height":621,"formats":{"large":{"ext":".jpg","url":"/uploads/large_red_digital_f1b63748b1.jpg","hash":"large_red_digital_f1b63748b1","mime":"image/jpeg","name":"large_red-digital.jpg","path":null,"size":87.34,"width":1000,"height":572,"sizeInBytes":87340},"small":{"ext":".jpg","url":"/uploads/small_red_digital_f1b63748b1.jpg","hash":"small_red_digital_f1b63748b1","mime":"image/jpeg","name":"small_red-digital.jpg","path":null,"size":30.4,"width":500,"height":286,"sizeInBytes":30396},"medium":{"ext":".jpg","url":"/uploads/medium_red_digital_f1b63748b1.jpg","hash":"medium_red_digital_f1b63748b1","mime":"image/jpeg","name":"medium_red-digital.jpg","path":null,"size":57.54,"width":750,"height":429,"sizeInBytes":57541},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_red_digital_f1b63748b1.jpg","hash":"thumbnail_red_digital_f1b63748b1","mime":"image/jpeg","name":"thumbnail_red-digital.jpg","path":null,"size":7.88,"width":245,"height":140,"sizeInBytes":7878}},"hash":"red_digital_f1b63748b1","ext":".jpg","mime":"image/jpeg","size":101.63,"url":"/uploads/red_digital_f1b63748b1.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2025-04-03T18:19:23.764Z","updatedAt":"2025-04-03T18:19:23.764Z"}}},"tablet":{"data":null},"mobile":{"data":null}}}},{"id":6338,"attributes":{"date":"2025-04-03T15:43:17.860Z","title":"Poland’s prime minister says cyberattack targeted his party as election nears","editor":{"data":{"id":12,"attributes":{"name":"Daryna Antoniuk"}}},"editors":{"data":[]},"page":{"data":{"id":10894,"attributes":{"slug":"/poland-prime-minister-cyber-targeted"}}},"image":{"id":6838,"alt":"Poland Donald Tusk","caption":"Credit: European Union","desktop":{"data":{"id":8865,"attributes":{"name":"Donald Tusk.jpg","alternativeText":"Poland Donald Tusk","caption":"Credit: European Union","width":1085,"height":631,"formats":{"large":{"ext":".jpg","url":"/uploads/large_Donald_Tusk_3383fabb2f.jpg","hash":"large_Donald_Tusk_3383fabb2f","mime":"image/jpeg","name":"large_Donald Tusk.jpg","path":null,"size":43.6,"width":1000,"height":582,"sizeInBytes":43600},"small":{"ext":".jpg","url":"/uploads/small_Donald_Tusk_3383fabb2f.jpg","hash":"small_Donald_Tusk_3383fabb2f","mime":"image/jpeg","name":"small_Donald Tusk.jpg","path":null,"size":16.16,"width":500,"height":291,"sizeInBytes":16161},"medium":{"ext":".jpg","url":"/uploads/medium_Donald_Tusk_3383fabb2f.jpg","hash":"medium_Donald_Tusk_3383fabb2f","mime":"image/jpeg","name":"medium_Donald Tusk.jpg","path":null,"size":28.95,"width":750,"height":436,"sizeInBytes":28952},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_Donald_Tusk_3383fabb2f.jpg","hash":"thumbnail_Donald_Tusk_3383fabb2f","mime":"image/jpeg","name":"thumbnail_Donald Tusk.jpg","path":null,"size":6.04,"width":245,"height":142,"sizeInBytes":6037}},"hash":"Donald_Tusk_3383fabb2f","ext":".jpg","mime":"image/jpeg","size":42.4,"url":"/uploads/Donald_Tusk_3383fabb2f.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2025-04-03T15:42:12.737Z","updatedAt":"2025-04-03T15:42:31.381Z"}}},"tablet":{"data":null},"mobile":{"data":null}}}},{"id":6337,"attributes":{"date":"2025-04-03T14:57:49.352Z","title":"Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware","editor":{"data":{"id":12,"attributes":{"name":"Daryna Antoniuk"}}},"editors":{"data":[]},"page":{"data":{"id":10893,"attributes":{"slug":"/hackers-ukraine-critical-infrastructure-malware"}}},"image":{"id":6837,"alt":"Ukraine MFA","caption":"Image: Enrico Strocchi / Flickr","desktop":{"data":{"id":8864,"attributes":{"name":"Ukraine MFA.jpg","alternativeText":"Ukraine MFA","caption":"Credit: Enrico Strocchi / Flickr","width":1085,"height":630,"formats":{"large":{"ext":".jpg","url":"/uploads/large_Ukraine_MFA_8a69358ef9.jpg","hash":"large_Ukraine_MFA_8a69358ef9","mime":"image/jpeg","name":"large_Ukraine MFA.jpg","path":null,"size":107.24,"width":1000,"height":581,"sizeInBytes":107243},"small":{"ext":".jpg","url":"/uploads/small_Ukraine_MFA_8a69358ef9.jpg","hash":"small_Ukraine_MFA_8a69358ef9","mime":"image/jpeg","name":"small_Ukraine MFA.jpg","path":null,"size":34.06,"width":500,"height":290,"sizeInBytes":34057},"medium":{"ext":".jpg","url":"/uploads/medium_Ukraine_MFA_8a69358ef9.jpg","hash":"medium_Ukraine_MFA_8a69358ef9","mime":"image/jpeg","name":"medium_Ukraine MFA.jpg","path":null,"size":66.9,"width":750,"height":435,"sizeInBytes":66900},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_Ukraine_MFA_8a69358ef9.jpg","hash":"thumbnail_Ukraine_MFA_8a69358ef9","mime":"image/jpeg","name":"thumbnail_Ukraine MFA.jpg","path":null,"size":10.05,"width":245,"height":142,"sizeInBytes":10054}},"hash":"Ukraine_MFA_8a69358ef9","ext":".jpg","mime":"image/jpeg","size":111.72,"url":"/uploads/Ukraine_MFA_8a69358ef9.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2025-04-03T14:55:50.257Z","updatedAt":"2025-04-03T14:56:17.823Z"}}},"tablet":{"data":null},"mobile":{"data":null}}}},{"id":6336,"attributes":{"date":"2025-04-02T20:29:12.023Z","title":"Native tribe in Minnesota says cyber incident knocked out healthcare, casino systems","editor":{"data":{"id":25,"attributes":{"name":"Jonathan Greig"}}},"editors":{"data":[]},"page":{"data":{"id":10892,"attributes":{"slug":"/native-minnesota-tribe-says-cyber-incident-disrupted-healthcare-casino"}}},"image":{"id":6836,"alt":"casino","caption":"Image: Unsplash","desktop":{"data":{"id":8317,"attributes":{"name":"gambling-casino-slot.jpg","alternativeText":"gambling casino slot machine","caption":"Image: Unsplash","width":1085,"height":628,"formats":{"large":{"ext":".jpg","url":"/uploads/large_gambling_casino_slot_a18d50f80c.jpg","hash":"large_gambling_casino_slot_a18d50f80c","mime":"image/jpeg","name":"large_gambling-casino-slot.jpg","path":null,"size":63.27,"width":1000,"height":579,"sizeInBytes":63269},"small":{"ext":".jpg","url":"/uploads/small_gambling_casino_slot_a18d50f80c.jpg","hash":"small_gambling_casino_slot_a18d50f80c","mime":"image/jpeg","name":"small_gambling-casino-slot.jpg","path":null,"size":14.07,"width":350,"height":203,"sizeInBytes":14074},"medium":{"ext":".jpg","url":"/uploads/medium_gambling_casino_slot_a18d50f80c.jpg","hash":"medium_gambling_casino_slot_a18d50f80c","mime":"image/jpeg","name":"medium_gambling-casino-slot.jpg","path":null,"size":42,"width":750,"height":434,"sizeInBytes":42002},"thumbnail":{"ext":".jpg","url":"/uploads/thumbnail_gambling_casino_slot_a18d50f80c.jpg","hash":"thumbnail_gambling_casino_slot_a18d50f80c","mime":"image/jpeg","name":"thumbnail_gambling-casino-slot.jpg","path":null,"size":8.49,"width":245,"height":142,"sizeInBytes":8486}},"hash":"gambling_casino_slot_a18d50f80c","ext":".jpg","mime":"image/jpeg","size":63.59,"url":"/uploads/gambling_casino_slot_a18d50f80c.jpg","previewUrl":null,"provider":"local","provider_metadata":null,"createdAt":"2024-11-21T21:32:10.820Z","updatedAt":"2025-04-02T20:22:29.740Z"}}},"tablet":{"data":null},"mobile":{"data":null}}}}],"rfFeedArticles":[{"title":"2024 Malicious Infrastructure Report","link":"https://www.recordedfuture.com/research/2024-malicious-infrastructure-report","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/2024_malicious_infrastructure_report_95f6761bdf.png","length":"0","type":"image/png"}},{"title":"Stimmen aus Moskau: Russian Influence Operations Target German Elections","link":"https://www.recordedfuture.com/research/stimmen-aus-moskau-russian-influence-operations-target-german-elections","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/Main_Feature_65c13c676d.png","length":"0","type":"image/png"}},{"title":"RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers","link":"https://www.recordedfuture.com/research/redmike-salt-typhoon-exploits-vulnerable-devices","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/Main_Feature_2_08af644e66.png","length":"0","type":"image/png"}},{"title":"Inside the Scam: North Korea’s IT Worker Threat","link":"https://www.recordedfuture.com/research/inside-the-scam-north-koreas-it-worker-threat","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/Main_Feature_1_dd9f012ba7.png","length":"0","type":"image/png"}},{"title":"The Risk of a Taiwan Invasion Is Rising Fast","link":"https://www.recordedfuture.com/research/risk-taiwan-invasion-rising","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/risk_taiwan_invasion_rising_953050d7fe.png","length":"0","type":"image/png"}},{"title":"TAG-124’s Multi-Layered TDS Infrastructure and Extensive User Base","link":"https://www.recordedfuture.com/research/tag-124-multi-layered-tds-infrastructure-extensive-user-base","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/tag_124_multi_layered_TDS_infrastructure_extensive_user_base_420a021258.jpg","length":"0","type":"image/jpg"}},{"title":"2024 Annual Report","link":"https://www.recordedfuture.com/research/2024-annual-report","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/2024_annual_report_46f62c51ea.jpg","length":"0","type":"image/jpg"}},{"title":"\"Crazy Evil\" Cryptoscam Gang: Unmasking a Global Threat in 2024","link":"https://www.recordedfuture.com/research/crazy-evil-cryptoscam-gang","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/crazy_evil_cryptoscam_gang_329447bf75.jpg","length":"0","type":"image/jpg"}},{"title":"Annual Payment Fraud Intelligence Report: 2024","link":"https://www.recordedfuture.com/research/annual-payment-fraud-intelligence-report-2024","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/annual_payment_fraud_Main_700596c9df.jpg","length":"0","type":"image/jpg"}},{"title":"Chinese State-Sponsored RedDelta Targeted Taiwan, Mongolia, and Southeast Asia with Adapted PlugX Infection Chain","link":"https://www.recordedfuture.com/research/reddelta-chinese-state-sponsored-group-targets-mongolia-taiwan-southeast-asia","enclosure":{"url":"https://cms.recordedfuture.com/uploads/format_webp/reddelta_chinese_state_sponsored_group_targets_mongolia_taiwan_southeast_asia_Main_d14be68739.jpg","length":"0","type":"image/jpg"}}],"previewMode":false},"__N_SSG":true},"page":"/[[...slug]]","query":{},"buildId":"7zZRTogRkYCZIPydVQ19Y","isFallback":false,"isExperimentalCompile":false,"gsp":true,"scriptLoader":[]}</script></body></html>