Security Wire
A curated security and critical-infrastructure wire, filtered through an Irish and EU lens. It pulls a basket of security-news sources and surfaces the slice touching sovereignty-relevant infrastructure — energy, health, telecom and subsea cable, water, government, finance and transport — dropping the global firehose.
-
Global Government
County Government Reportedly Paid $1 Million to Cyber Extortion Group
A U.S. county government reportedly paid $1 million to a cyber extortion group to prevent release of stolen sensitive data.
-
Global Finance
RedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service
RedWing malware-as-a-service on Telegram enables low-skill criminals to steal banking credentials and authentication codes from Android users' devices across potentially affected EU financial systems.
-
Global Energy & Grid
The GitHub Actions Attack Pattern Your CI Security Scanners Miss
GitHub Actions workflows can evade traditional CI security scanners, leaving development pipelines vulnerable despite passing security checks.
-
Global Government
CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws
US cybersecurity agency CISA is reportedly using Anthropic's AI tool to scan government software for vulnerabilities as part of its attack surface evaluation programme.
-
Global Finance
UK cyber pledge draws only a handful of top firms despite ministerial appeal
UK government's cybersecurity pledge attracts limited uptake from major firms, with only Aviva, London Stock Exchange Group and Marks & Spencer among signatories.
-
Global Government
Webinar tomorrow: Why modern email attacks require a new approach to defense
Upcoming webinar examines how behavioral AI can improve detection of sophisticated phishing and business email compromise attacks while reducing security alert fatigue.
-
Global Energy & Grid
Siemens Mendix Studio Pro
Siemens released patches for Mendix Studio Pro vulnerability allowing arbitrary code execution through malicious project files during build processes.
-
Global Energy & Grid
What Changes When Your Software Supply Chain Includes AI Writing Your Code?
AI-generated code in software supply chains creates new security risks alongside traditional dependency vulnerabilities, complicating verification processes for enterprises.
-
Global Government
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
Iranian state-linked hackers deployed a new command-and-control framework targeting Israeli IT providers and government sectors, according to cybersecurity researchers.
-
Global Health
Major medical device manufacturer notifies nearly 4 million of breach
Medical device manufacturer breached, affecting nearly 4 million people's Social Security numbers and health data; company reports no public disclosure evidence.
-
Global Government
Armored Likho APT Targeting Government, Electric Power Entities
Armored Likho APT group targets government and electric power sector entities using modular remote access trojans and information-stealing malware for financial gain and espionage.
-
Global Energy & Grid
Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT
China-linked hackers deployed malware disguised as an Indian tax utility to target taxpayers and finance professionals, attempting to steal sensitive data via remote access trojan.
-
Global Telecom & Subsea
New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions
Researchers demonstrate TrojPix attack extracting data from isolated computers via imperceptible pixel manipulation and video cable emissions, requiring prior malware infection.
-
Global Government
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
US federal agency paid $1 million to data-theft extortionists calling themselves Kairos to prevent leak of stolen files, according to blockchain analysis.
-
Global Energy & Grid
Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer
Threat actor Armored Likho deployed BusySnake stealer against government agencies and power sector entities in Russia, Brazil, and Kazakhstan, combining financial fraud with espionage operations.
-
Global Government
European Parliament Member Investigating Spyware Was Hacked With Pegasus
Former EU Parliament member investigating Pegasus spyware was targeted with the same surveillance tool while serving on an oversight committee examining its misuse.
-
Global Government
Spyware found on phone of European Parliament member probing it
European Parliament member Stelios Kouloglou, who investigated commercial spyware misuse, was infected twice with Pegasus spyware while serving on the investigative committee.
-
Global Health
Medtronic notifies customers impacted by ShinyHunters data breach
Medtronic has notified customers of a data breach exposing personal information, with potential implications for EU healthcare infrastructure dependent on the device manufacturer.
-
Global Transport & Ports
Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
Unpatched vulnerability in Argo CD repo-server allows unauthenticated code execution and potential Kubernetes cluster takeover; no fix currently available.
-
Global Finance
Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures
Ousaban banking trojan targets Spanish and Portuguese bank users via phishing PDFs; EU financial infrastructure threatened by Brazil-linked malware campaign.
-
Global Government
US lifts export controls on Anthropic’s frontier cybersecurity AI models
US removes export restrictions on Anthropic's advanced AI cybersecurity models following government agreements, potentially expanding the company's reach to international markets including the EU.
-
Global Energy & Grid
Frangoteam FUXA SCADA/HMI
Frangoteam FUXA SCADA/HMI contains a vulnerability allowing unauthenticated remote attackers to enumerate user accounts and role assignments on industrial control systems.
-
Global Government
Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks
China-linked hacking group Mustang Panda exploited Zoho WorkDrive to command malware in Indian government and hydropower sector networks.
-
Global Finance
Lessons for life: Why children’s data is a long-term identity risk
Children's early data breaches pose long-term identity theft risks; experts advise parents on protecting minors' digital information from collection and misuse.
-
Global Water
This month in security with Tony Anscombe – May 2026 edition
Polish water treatment facilities suffered cyberattacks; Google identified first AI-generated zero-day exploit; AI-directed attacks failed against Mexican infrastructure.
-
Global Government
GopherWhisper: A burrow full of malware
ESET researchers identified GopherWhisper, a China-aligned advanced persistent threat group targeting Mongolian government institutions with malware.
-
Global Energy & Grid
DynoWiper update: Technical analysis and attribution
ESET researchers provide technical analysis of DynoWiper malware used in a data destruction attack against a Polish energy sector company.
-
Global Energy & Grid
ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
ESET researchers attribute a cyberattack on Poland's power grid in late 2025 to Russian state-sponsored group Sandworm, involving previously undocumented data-wiping malware.
-
Global Government
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
ESET researchers identified China-aligned APT group LongNosedGoblin targeting Southeast Asian and Japanese government networks using Group Policy for cyberespionage tool deployment.
Headlines, short summaries and links only — full articles remain with their publishers, and each item links back to the source. Aggregated automatically; classification is keyword-derived and may miss or mislabel. Independent, no images, no tracking.