Mexico City has more government video cameras in public spaces than any other city in the Americas. With over 83,000 cameras, it’s like the city is auditioning for a reality show. Meanwhile, New York trails behind with a mere 71,000. Looks like Big Brother prefers tacos to pizza!

The Congressional Budget Office hack has left data exposed faster than a speeding budget bill. With hackers potentially sharing secrets like grandma’s cookie recipe, the CBO is now on high alert. It’s a reminder that even government offices face network threats, proving once again that cybersecurity is no joke!

Google’s latest Chrome 142 update doesn’t just bring new features but also fixes five security vulnerabilities. The star of the show? An out-of-bounds write bug in WebGPU with a CVSS score of 8.8, proving once again that even browsers can have midlife crises. Stay updated, stay safe!

Google is tackling review bombing with a new form for businesses to report fake negative reviews and extortion attempts. These scams involve threats of further reputation damage unless a ransom is paid. Meanwhile, Meta is embroiled in its own scandal, allegedly making billions from scam ads. It’s a wild world of digital deception!

InedibleOchotense, a Russia-linked group, spoofed ESET to launch phishing attacks on Ukraine, cleverly pairing real software with a sneaky backdoor. Their emails and Signal messages urged users to download “official threat removal software” from fake ESET domains, proving once again that even cybercriminals appreciate a good disguise.

ESET’s latest APT activity report reveals Russian state-sponsored groups, like Sandworm, expanding their cyberattacks on Ukraine’s grain sector. These destructive wiper attacks aim to cripple Ukraine’s war economy. Meanwhile, other Russian APTs, including Gamaredon, continue targeting Ukraine with a mix of cyberespionage and destructive tactics.

Operation Chargeback is the ultimate plot twist, featuring international cybercriminals who defrauded 4.3 million cardholders with €50 charges. These crafty con artists even used crime-as-a-service providers for shell companies. With suspects from seven countries, this is one blockbuster Europol and Eurojust won’t forget anytime soon.

Cybersecurity researchers have flagged a malicious Visual Studio Code extension with basic ransomware capabilities, allegedly created with AI—vibe-coded, if you will. Fortunately, this “test” extension, “susvsex,” targets a staging directory, but it’s a reminder to always be wary when installing new extensions.

The U.S. Congressional Budget Office has confirmed a cybersecurity incident potentially exposing sensitive data after a suspected foreign hacker breached its network. This breach is part of a series of cyber incidents targeting government agencies, adding a new chapter to the ongoing saga of digital cat-and-mouse games.

Account takeover attacks aren’t just knocking on your digital door; they’re bulldozing through. With global ATO fraud losses reaching over $13 billion in 2023, the financial hit is just the beginning. Embrace multi-factor authentication and Zero Trust principles to keep cybercriminals at bay and your reputation intact.

Clop Ransomware group has reportedly breached The Washington Post, claiming the newspaper neglected customer security. They’re threatening to spill the beans on their Tor leak site soon. Stay tuned for more drama than a soap opera, as Clop continues its cybercrime spree.

Gootloader JavaScript malware is back, teaming up with Vanilla Tempest for a villainous duet. Think of it as the cybercrime equivalent of a buddy cop movie, where the only thing getting arrested is your data. Beware the sneaky WOFF2 fonts and SEO tricks—Gootloader’s got more surprises than a magician at a hacker convention.

The Congressional Budget Office was hacked, potentially by foreign adversaries eyeing U.S. economic projections and budget analyses. It’s a cyber whodunit with international intrigue, but don’t worry, CBO’s on it like a hawk on a budget spreadsheet.

Sora 2 highlights the need for more regulations as its advanced capabilities enable the creation of eerily realistic videos, posing risks of deepfakes and fraud. Even experts struggle to spot these GenAI-generated illusions, leaving us wondering if we’re talking to a doctor or just a really convincing hologram.

The “susvsex” extension on Microsoft’s VS Code marketplace is the tech equivalent of a villain revealing their evil plan in a monologue. Despite its blatant ransomware functionality and AI-generated vibe, Microsoft initially left it up. Secure Annex calls it “AI slop,” proving even malicious software has room for improvement.

SonicWall’s recent breach was the handiwork of a mysterious nation-state threat actor who leveraged an API call to access firewall configuration backup files. The breach is a reminder of the growing trend of attackers exploiting exposed secrets such as API keys. While SonicWall has taken steps to strengthen defenses, cybersecurity concerns persist.

Cisco warns that a new attack variant is targeting Secure Firewall ASA and FTD devices. Exploiting vulnerabilities CVE-2025-20333 and CVE-2025-20362, this attack can cause unpatched devices to reload unexpectedly, leading to denial of service conditions. Cisco strongly advises updating to fixed software releases.

Nevada’s ransomware saga unfolded like a tech thriller, with a trojanized tool, a persistent hacker, and a 28-day recovery marathon. Instead of paying ransom, the state shelled out $259,000 in overtime to restore systems. The report highlights transparency in cybersecurity incidents—something as rare as a unicorn!

Google sounds the alarm on self-modifying AI malware. This new breed of malware uses AI to mutate and adapt in real-time, making it harder to detect. Dubbed “AI-in-the-loop,” it evolves during execution, marking a significant shift in cyber threats that even seasoned defenders might find challenging to tackle.

Cisco warned about a new attack variant targeting its firewalls, causing them to reload and leading to denial-of-service conditions. Despite patches, these firewalls have been under attack for months. Meanwhile, two critical bugs in Cisco Unified CCX software could allow attackers to execute commands with root privileges. Time to patch up, folks!