cyberscoop

Dem report concludes Department of Government Efficiency violates cybersecurity, privacy rules

The report focuses on DOGE’s activities at the General Services Administration (GSA), Office of Personnel Management (OPM), and Social Security Administration (SSA), revealing multiple instances of potential cybersecurity violations.
September 23, 2025

Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques

Threat actors are increasingly adopting stealthy and unconventional techniques inspired by the Chinese APT group Salt Typhoon, which previously infiltrated major telecommunications providers.

Attack on SonicWall’s cloud portal exposes customers’ firewall configurations

A cyberattack on MySonicWall.com has resulted in unauthorized access to customer firewall configuration files. Hackers conducted a series of brute-force attacks on individual accounts to access backup firewall preference files stored in the cloud.

Google patches two Android zero-days, 120 defects total in September security update

Google has released its September 2025 Android security update, addressing a record-breaking 120 vulnerabilities. Notably, the update patches two actively exploited zero-day vulnerabilities affecting the Android kernel and runtime components.

Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial

U.S. authorities have charged Ianis Aleksandrovich Antropenko, a Russian national, with multiple felonies related to the deployment of Zeppelin ransomware from 2018 to 2022. The charges include conspiracy to commit computer fraud and abuse.

Researchers flag code that uses AI systems to carry out ransomware attacks

Researchers have identified PromptLock, the first known AI-powered ransomware, written in Golang. This malware leverages prompt injection attacks on large language models (LLMs) to execute ransomware functions.

Blistering Wyden letter seeks review of federal court cybersecurity, citing ‘incompetence,’ ‘negligence’

The breach, attributed to alleged Russian hackers, exploited vulnerabilities that had remained unpatched for five years, with unauthorized access dating back to at least July. The breach compromised highly sensitive information.

CrowdStrike warns of uptick in Silk Typhoon attacks this summer

A surge in cyberespionage activity has been observed from the Chinese state-sponsored Silk Typhoon, also known as Murky Panda. The group has intensified its targeting of the government, technology, and legal sectors in North America.

Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator

Authorities disrupted the Rapper Bot DDoS botnet, one of the most powerful DDoS botnets to date. The botnet, active since at least 2021, was responsible for over 370,000 attacks targeting 18,000 unique victims across 1,000 autonomous systems.

The overlooked changes that two Trump executive orders could bring to cybersecurity

The March 2025 executive order focuses on state and local preparedness, including for cyberattacks. The June 2025 executive order introduces sweeping changes to federal cybersecurity policy.
