Illinois Representative Delia Ramirez has been appointed as the top Democrat on the House Homeland Security Committee's Cybersecurity and Infrastructure Protection Subcommittee, replacing Eric Swalwell following his resignation from Congress.
Security vendor Noma disclosed 'GrafanaGhost,' an indirect prompt injection vulnerability in Grafana's AI assistant that could silently exfiltrate user data. Grafana has since patched the underlying image renderer flaw.
Russia's APT28 has been silently intercepting internet traffic at government and critical infrastructure targets worldwide since at least 2024, exploiting old bugs in SOHO routers and tweaking a single DNS setting to steal credentials.
Chainguard has launched Factory 2.0, a rebuilt platform that uses agentic reconciliation bots and a controller/reconciler model to continuously harden open source artifacts across containers, libraries, GitHub Actions, and AI agent skills.
Pluralsight has unveiled SecureReady, an end-to-end security skill development platform combining on-demand content, hands-on labs, and expert seminars to help organizations build operationally ready cybersecurity teams.
Niobium has unveiled The Fog, a private cloud infrastructure platform that keeps data encrypted throughout computation using fully homomorphic encryption. The platform enters private beta now, with a public launch targeted for late Q2 2026.
The fallout from TeamPCP's supply chain campaign continues to grow, with Mercor and the European Commission disclosing breaches while ShinyHunters and Lapsus$ claim stolen data and a new ransomware alliance raises the threat further.
HackerOne suspended new vulnerability submissions to its Internet Bug Bounty program on March 27, citing a deepening imbalance between AI-accelerated bug discovery and the capacity of open source maintainers to fix reported flaws.
Iranian-affiliated threat actors are actively attacking Internet-facing OT devices across US energy, water, and government sectors, causing operational disruption and financial losses, according to a joint CISA advisory.
Brazilian threat group Water Saci, also known as Augmented Marauder, is running a wormable email campaign deploying the Casbaneiro banking Trojan against Spanish-speaking targets across Latin America and Spain.