SCOOP: Hackers breached CISA's systems last month through Ivanti vulnerabilities, forcing the agency to take its IP Gateway and Chemical Security Assessment Tool (CSAT) offline. The agency wouldn't say who was behind the attack or if data was stolen.

RT @blackorbird: Attacker IP addresses Update #toolshell.

RT @CyberScamWatch: CAMBODIA: Police raid property in Borey Highland, Sen Sok District, Phnom Penh. 24 Chinese and 4 Japanese arrested. Amo….

RT @0x534c: #ToolShell #Warlock 🚨 KQLWizard intel update: Storm-2603 exploited CVE-2025-53770 on 4 internet-facing SharePoint servers on 22….

RT @TheRecord_Media: California’s privacy agency on Thursday greenlit controversial new rules dictating how to regulate AI used by the priv….

RT @UjlakiMarci: 🟥 CVE-2025-41240, CVSS: 10.0 (#Critical, #Highest). Bitnami Helm charts, #VMware. Vulnerability allows unauthenticated….

RT @Comparitech: ‼️Town of North Providence 🇺🇸confirms data breach of 1.8K people following a cyber attack in May '25. #Ransomware gang Me….

RT @Shadowserver: Thanks to a scan conducted by @leak_ix, we have shared SharePoint IPs confirmed vulnerable to CVE-2025-53770, CVE-2025-5….

RT @HunterMapping: 🚨Alert🚨 :CVE-2025-2775&CVE-2025-2776&CVE-2025-2777 : Three Unauthenticated XML External Entity (XXE) Vulnerabilities in….

RT @a_greenberg: Basic web bugs exposed virtually all user data held by Airportr, a premium luggage pickup service used by 10 airlines. Dat….

RT @TheRecord_Media: Trump's nominee to lead @CISAgov got a mostly warm reception from the Senate panel tasked with advancing his nominatio….

EPA said they are not affected. State Department said it is investigating. No other agencies responded to requests for comment.

Federal agencies confirmed to suffer incidents include.- Dept. of Energy's National Nuclear Security Administration.- Dept. of HHS's National Institutes of Health. DHS declined to confirm NextGov reporting of a breach but said "there is no evidence of data exfiltration at DHS".

Microsoft said the Chinese hackers are using the Warlock ransomware as part of the #ToolShell campaign.

RT @GreyNoiseIO: A vulnerability in a Signal-based enterprise messaging app could expose plaintext usernames and passwords via an unauthent….

RT @CyversAlerts: 🚨ALERT🚨Our system has detected multiple suspicious transactions with an estimated loss of more than $12M involving @_WOO_….

RT @CISACyber: ⚠️ @CISAgov issued six NEW public #ICS advisories. These advisories provide info about current security issues, vulnerabilit….

RT @TheRecord_Media: China-linked hackers are now deploying a relatively new strain of ransomware in attacks that exploit Microsoft SharePo….

RT @GreyNoiseIO: An unexpected cluster of malicious IPs in a remote U.S. town led GreyNoise researchers to uncover a 500+ device botnet. Fu….

RT @S0ufi4n3: Exploit module for Microsoft SharePoint ToolPane Unauthenticated RCE (CVE-2025-53770 and CVE-2025-53771). .

RT @TheRecord_Media: The FBI released alerts about subgroups of the hacking collective known as 'the Com,' warning of cryptocurrency theft,….