An attack against Salesforce between August 8 and August 18 targeting data through its Salesloft Drift app “is more extensive than at first thought.” The attack targeted numerous Salesforce customers “systematically...more
On August 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Cybersecurity Advisory entitled “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage...more
On August 15, 2025, a bipartisan coalition of 37 state Attorneys General, led by Georgia Attorney General Chris Carr and New Mexico Attorney General Raul Torrez, sent a letter to Instagram requesting that it make “immediate...more
Researchers at Arizona State University and Citizen Lab have discovered that three families of Android VPN applications, used by millions of people worldwide, are related and owned by companies or individuals located in...more
In this line of work, I am often asked if law enforcement is ever successful in finding and punishing the threat actors who have wreaked havoc on U.S. businesses and stolen millions of dollars in ransomware attacks. I am so...more
8/14/2025
/ Criminal Investigations ,
Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Digital Assets ,
FBI ,
Investigations ,
Law Enforcement ,
Ransomware
In a ruling issued on June 18, 2025, in Purl v. Department of Health and Human Services, Docket No. 2:24-cv-00228-Z, Doc. 110 (N.D. Tex. 2025), the District Court for the Northern District of Texas largely vacated the privacy...more
On August 4, 2025, Illinois Governor JB Pritzker signed the Wellness and Oversight for Psychological Resources Act into law, which went into immediate effect, and “prohibits anyone from using AI to provide mental health and...more
Threat actors continue to exploit ToolShell to gain unauthorized access to on-premises SharePoint servers. On August 6, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report...more
On July 24, 2025, during a public meeting following public comment, the California Privacy Protection Agency (CPPA) Board unanimously approved amendments to the California Consumer Privacy Act (CCPA). These substantial...more
Current and former students at Lawrence High School and Free State High School, located in Lawrence, Kansas, have sued the school district, alleging that its use of an AI surveillance tool violates their privacy....more
On August 1, 2025, a California federal jury found that Meta violated the California Invasion of Privacy Act (CIPA) by collecting data from the Flo Health app without the consent of the individuals who downloaded the app and...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board unanimously approved amendments to the California Consumer Privacy Act (CCPA). These substantial changes include new compliance obligations for...more
On July 29, 2025, the Cybersecurity & Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation, Canadian Centre for Cyber Security, Royal Canadian Mounted Police, the Australian Cyber Security...more
We have repeatedly warned our readers about the risks associated with TikTok. We are reminding our readers that the popular Temu app raises the same concerns....more
Following in the footsteps of almost two dozen attorneys general in other states, Kentucky Attorney General Russell Coleman filed a lawsuit on July 17, 2025, against Chinese online shopping platform Temu, alleging that it...more
On July 24, 2025, the White House released the “White House AI Action Plan,” which includes over 90 policy actions focused on accelerating innovation, building AI infrastructure, and increasing international diplomacy around...more
Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), and a remote code execution vulnerability (CVE-2025-49704) are being actively...more
In the wake of the recent July 4th flooding tragedy in Texas, scammers and criminals are reaching out to victims to take advantage of their vulnerability. Unfortunately, this is not the first time criminals have used natural...more
If you own an electric vehicle, keep an eye on cybersecurity issues that may affect your car and its accessories. You wouldn’t think that an electric vehicle charger could include a vulnerability that allows threat actors to...more
According to Cybersecurity Dive, “Americans lost $16.6 billion to cyber fraud and internet crimes last year (2024), up 33% from the previous year. Phishing, spoofing and extortion topped the list of complaints, but investment...more
The SafePay ransomware group has been active since fall 2024 and has increased its activity this spring and summer. According to NCC Group, SafePay hit the most victims of any threat actor in May 2025—it is linked to 248...more
Malwarebytes recently reported that it has found scammers hijacking websites of name brands, including banks, software companies, and social media platforms to trick victims into calling a fraudulent telephone number instead...more
Incogni recently issued its “Gen AI and LLM Data Privacy Ranking 2025” where it “delved deep into the most popular LLMs and developed a set of 11 criteria for assessing data privacy risks associated with advanced machine...more
On June 27, 2025, the Federal Bureau of Investigation (FBI) issued a warning on X to the airline and transportation sectors that the notorious cyber criminal ring Scattered Spider is attacking those sectors....more
On June 30, 2025, a Joint Advisory was issued by the National Security Agency, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation and the Department of Defense Cyber Crime Center issued...more