News You Should Know 2026 on

2026.04.21 News You Should Know

Tue, 21 Apr 2026 00:00:00 -0500

Geopolitics

Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant | TechCrunch - Sweden’s minister of civil defense, Carl-Oskar Bohlin, said during a press conference on Wednesday that the attempted attack happened in early 2025 and attributed the incident to hackers with “connections to Russian intelligence and security services.”

2026.04.14 News You Should Know

Tue, 14 Apr 2026 00:00:00 -0500

Iran intruders disrupting US water, energy facilities • The Register - “These PLCs were deployed across multiple US critical infrastructure sectors within a wide variety of industrial automation processes … Some of the victims experienced operational disruption and financial loss,” it continued. It’s also worth noting that the energy and utilities sector was the fifth-most targeted industry in the US last month, according to Check Point’s cyberattack tracking.

2026.04.07 News You Should Know

Tue, 07 Apr 2026 00:00:00 -0500

Trump wants to slash $707M from CISA’s budget • The Register - Trump’s 2027 spending plan says it will “refocus” CISA by “removing offices that are duplicative of existing and effective programs at the State and Federal level, such as certain targeted school safety programs.” Overall reduction to CISA budget will be $710M~

2026.03.31 News You Should Know

Tue, 31 Mar 2026 00:00:00 -0500

Supply Chains

1K+ cloud environments infected via Trivy attack • The Register - “That 1,000-plus downstream victims will probably expand into another 500, another 1,000, maybe another 10,000,” he continued. “And we know that these actors are collaborating with a number of other actors right now.”

LiteLLM infected with credential-stealing code via Trivy • The Register - Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected them with malicious credential-stealing code.

2026.03.24 News You Should Know

Tue, 24 Mar 2026 00:00:00 -0500

Japan to allow ‘proactive cyber-defense’ from October 1st • The Register - online the nation faces “the most complicated national security environment” since World War II, and because “society as a whole is proceeding with digitalization.”

Linux Foundation wants to shield FOSS devs from AI bug slop • The Register - “OpenSSF has the active resources needed to support numerous projects that will help these overworked maintainers with the triage and processing of the increased AI-generated security reports they are currently receiving.”

2026.03.17 News You Should Know

Tue, 17 Mar 2026 00:00:00 -0500

Iran

Iran plots ‘infrastructure warfare’ against US tech giants • The Register - Iran has reportedly designated Amazon, Google, IBM, Microsoft, Nvidia, Oracle, and Palantir facilities as legitimate targets of retaliatory strikes, according to an Al Jazeera report citing Iran’s state-affiliated Tasnim news agency. 29 locations in Bahrain, Israel, Qatar, and the United Arab Emirates that house offices, datacenters, and research facilities that Iran has set its sights on destroying. This comes a week after Iran said it deliberately targeted three AWS datacenters in the region.

2026.03.10 News You Should Know

Tue, 10 Mar 2026 00:00:00 -0500

Iran

Iran intelligence backdoored US bank, airport networks • The Register - Iranian Ministry of Intelligence and Security (MOIS) has been embedded in multiple US companies’ networks - including a bank, software firm, and airport, among others - since the beginning of February, with more activity in the days following the US and Israeli military strikes, according to security researchers. Plus, the compromised software company supplies its tech to defense and aerospace industries among others, and has a presence in Israel.

2026.03.03 News You Should Know

Tue, 03 Mar 2026 00:00:00 -0500

OpenAI: Chinese agent used ChatGPT for smear ops • The Register - Chinese Gov Agent using ChatGPT to plan smear campaigns, write situation reports. Interesting look into how bad guys are bad guying.

Perplexity Comet browser hole was exploitable via cal invite • The Register - The second thing is that we show that once the 1Password extension is installed in the Comet browser and is unlocked, we can actually instruct Comet to go to the extension URL and then hijack your 1Password account – full takeover of your 1Password account, which is the worst thing that can happen," said Bargury.

2026.02.26 News You Should Know

Thu, 26 Feb 2026 00:00:00 -0500

China remains embedded in US energy networks ‘for the purpose of taking it down’ - Three new threat groups began targeting critical infrastructure last year, while a well-known Beijing-backed crew - Volt Typhoon - continued to compromise cellular gateways and routers, and then break into US electric, oil, and gas companies in 2025. “Nothing that they were taking was useful for intellectual property,” Lee said. “Everything they were doing and learning was only useful for disrupting or causing destruction at those sites. Voltzite was embedded in that infrastructure for the purpose of taking it down.”

2026.02.17 News You Should Know

Tue, 17 Feb 2026 00:00:00 -0500

US lawyers file privacy class action against Lenovo • The Register - “When a user lands on the homepage of Website, [sic] the Website loads numerous first and third-party tracking implementations that measure and record user data,” it says, including the likes of TikTok, Facebook, Microsoft, and Google. This allows Lenovo to collect bulk personal data, it claims, and “Lenovo knowingly permits access to, or transfer of, such bulk US sensitive personal data to entities or persons that qualify as covered persons under the DOJ Rule, including its foreign parents that are directly or indirectly controlled by persons in China, such as the Lenovo Group.”

2026.02.10 News You Should Know

Tue, 10 Feb 2026 00:00:00 -0500

Nitrogen can’t unlock its own ransomware after coding error • The Register - Don’t rely on threat actors to be your backup, they may not even be able to unlock the data!

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers - “They are typically distributed via phishing emails and collect login credentials, session cookies, authentication tokens, credit card numbers, and crypto wallet data.”

2026.02.03 News You Should Know

Tue, 03 Feb 2026 00:00:00 -0500

General

Vulnerability exploits now dominate intrusions • The Register - A functional proof-of-concept exploit for React2Shell began circulating online within 30 hours of disclosure, for example.

Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach | TechCrunch - Marquis said it believes that its August 2025 ransomware attack happened because the company’s firewall service provider SonicWall had its own data breach that exposed critical security information about its customers’ firewalls.

2026.01.27 News You Should Know

Tue, 27 Jan 2026 00:00:00 -0500

ShinyHunters claims Okta customer breaches, leaks data • The Register - On Friday, the criminals leaked data allegedly stolen from market-intel broker Crunchbase, streaming platform SoundCloud, and financial-tech firm Betterment, and confirmed to The Register that they gained access to two of the three - Crunchbase and Betterment - by voice-phishing Okta single-sign-on codes.

2026.01.20 News You Should Know

Tue, 20 Jan 2026 00:00:00 -0500

DRAM shortage may drive firewall prices higher: analysts • The Register - Reports last week out of the Korea Economic Daily stated two of the country’s producers of DRAM are planning to raise prices by up to 70 percent this quarter. When combined with the 50 percent increase during 2025, the price of memory could double in cost year-over-year by mid-2026.

2026.01.13 News You Should Know

Tue, 13 Jan 2026 00:00:00 -0500

Resecurity traps cybercrim in honeypot • The Register - “In our scenario, our goal was to allow the threat actor to conduct activity and feed them with synthetic data to observe their attack path and infrastructure,” the Resecurity team wrote. It Worked.

Stalkerware maker pleads guilty to sale of snooping software • The Register - Fleming is due to be sentenced later this year, when he’ll be facing up to 15 years in prison, a fine of $250,000, forfeiture of all property that was involved in the offense, and additional penalties.

2026.01.06 News You Should Know

Tue, 06 Jan 2026 00:00:00 -0500

Crims punish Wired subscribers by publishing personal info • The Register - The current leak is centered around readers of Wired magazine. The miscreants published 2.3 million emails, which had the names of 285,000 subscribers, 108,000 home addresses, and 32,000 phone numbers.

Have I Been Pwned: Check if your email address has been exposed in a data breach - Use this. Sign up your family. Use unique passwords in a password manager.