Latest news as of 5/20/2026, 12:47:29 PM
The Register
Security pros question assurances as company offers staff credit monitoring Wynn Resorts has confirmed that employee data was stolen from its servers, and is taking the hackers' word that they've since deleted it.…
Dark Reading
ICS/OT experts have devised a scoring system for rating the severity and effects of cybersecurity events in operational technology environments.
The Hacker News
Why automating sensitive data transfers is now a mission-critical priority More than half of national security organizations still rely on manual processes to transfer sensitive data, according to The CYBER360: Defending the Digital Battlespace report. This should alarm every defense and government leader because manual handling of sensitive data is not just inefficient, it is a systemic
Bleeping Computer
The U.S. Treasury Department has sanctioned a Russian exploit broker who bought stolen hacking tools from a former executive of a U.S. defense contractor. [...]
The Register
Note to secret agents: ChatGPT is NOT a private diary A ChatGPT user with links to Chinese law enforcement tried to use the AI chatbot to run smear campaigns targeting the Japanese prime minister and other critics of the Chinese Communist Party, according to OpenAI's latest report on malicious uses of its models.…
Graham Cluley
Amid a privacy backlash, a US $10,000 reward has been offered for anyone who can find a way to run Ring doorbell cameras locally, cutting off the flow of video data to Amazon's servers. Read more in my article on the Hot for Security blog.
The Hacker News
A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars. Peter Williams pleaded guilty to two counts of theft of trade secrets in October 2025. In addition to the jail term, Williams
Bleeping Computer
The former head of Trenchant, a specialized U.S. defense contractor unit, was sentenced Tuesday to more than seven years in federal prison for stealing and selling zero-day exploits to a Russian exploit broker whose clients include the Russian government. [...]
The Hacker News
SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution. The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below - CVE-2025-40538 - A broken access control vulnerability that allows an attacker to create a system admin user and execute arbitrary
Have I Been Pwned
In October 2025, that exposed almost 42M records. The data contained 38M unique email addresses along with names, phone numbers and physical addresses. Passwords were stored as PBKDF2 hashes and for a subset of records, dates of birth and partial credit card data were also included (card type, expiry and masked card number). In , Canadian Tire advised that the incident did not impact bank account information or loyalty program data. retailer Canadian Tire was the victim of a data breach its disclosure notice