cyberscoop

Nigerian accused of hacking tax preparation businesses extradited to US

A Nigerian national, Chukwuemeka Victor Amachukwu, was extradited from France to the US to face charges related to a multi-year cyber-enabled fraud campaign. The scheme involved spearphishing attacks, identity theft, and fraudulent filings.

China accuses US of exploiting Microsoft zero-day in cyberattack

China has accused U.S. intelligence agencies of conducting cyberattacks on two Chinese military enterprises, including the exploitation of a Microsoft Exchange zero-day vulnerability.

Feds still trying to crack Volt Typhoon hackers’ intentions, goals

Federal cybersecurity officials are continuing to assess the strategic threat posed by the Chinese state-sponsored threat actor Volt Typhoon, which has infiltrated U.S. critical infrastructure networks, including systems on the island of Guam.

FBI alerts tie together threats of cybercrime, physical violence from The Com

The FBI has issued a series of public service announcements (PSAs) warning about “The Com,” a rapidly growing and decentralized cybercriminal network composed primarily of minors and young adults aged 11 to 25.

Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups

Two critical zero-day vulnerabilities in Microsoft SharePoint—CVE-2025-53770 and CVE-2025-53771—are being actively exploited by China-linked threat actors Linen Typhoon, Violet Typhoon, and Storm-2603.

After website hack, Arizona election officials unload on Trump’s CISA

Arizona election officials reported a cyberattack on the state’s online candidate portal, where attacker(s) replaced candidate photos with images of the late Iranian Ayatollah Ruhollah Khomeini.

Ryuk ransomware operator extradited to US, faces five years in federal prison

Karen Serobovich Vardanyan, a 33-year-old Armenian national, has been extradited to the United States and charged for his alleged involvement in Ryuk ransomware attacks that occurred between March 2019 and September 2020.

Why skipping security prompting on Grok’s newest model is a huge mistake

Researchers identified critical vulnerabilities in Grok 4, particularly when deployed without system-level security prompting. The model was found to be highly susceptible to prompt injection attacks and capable of generating harmful content.

Treasury slaps sanctions on people, companies tied to North Korean IT worker schemes

The U.S. Department of the Treasury has imposed sanctions on individuals and entities involved in a North Korean IT worker scheme designed to covertly fund DPRK weapons of mass destruction and ballistic missile programs.

China-linked attacker hit France’s critical infrastructure via trio of Ivanti zero-days last year

A China-linked threat actor, UNC5174, exploited three Ivanti CSA zero-days (CVE-2024-8190, CVE-2024-8963, CVE-2024-9380) to target French critical infrastructure sectors from September to November 2024.
