Espresso

Sign in Subscribe

CISA

Medusa Ransomware: North Korea's $15M Hospital Shakedown

Medusa Ransomware: North Korea's $15M Hospital Shakedown

TL;DR * Lazarus Group deploys Medusa ransomware against U.S. healthcare and Middle East targets, leveraging Blindingcan and ChromeStealer * ShinyHunters breach CarGurus, compromising 12.6 million accounts with personal data including addresses and phone numbers * CISA mandates federal agencies to inventory and decommission unsupported edge devices within 90 days under

CISA rushes Ivanti patch, VS Code loots keys, Docker Gordon RCE, Aussie API leak

CISA rushes Ivanti patch, VS Code loots keys, Docker Gordon RCE, Aussie API leak

TL;DR * Ivanti EPMM Critical Vulnerabilities (CVE-2026-1281) Actively Exploited, 1,400+ Instances Exposed * Open VSX Supply Chain Attack Compromises 22,000+ Downloads with macOS Infostealer Malware * DockerDash Flaw Enables Prompt Injection in Ask Gordon AI Assistant, Leading to Data Exfiltration * Australian Furniture Company Data Leak Sells 48,000 Records on

CISA leaks, Android bricks, Brazil theft drops 45%

CISA leaks, Android bricks, Brazil theft drops 45%

TL;DR * CISA Acting Head Madhu Gottumukkala Under Scrutiny for Uploading Sensitive Docs to ChatGPT * Android expands Theft Protection with granular authentication lockouts and remote locking * Microsoft KB5074109 Update Causes Windows 11 Boot Failures, Partial Rollback Initiated 🤦 CISA Leaks Own Files to ChatGPT, DHSChat Ignored CISA’s acting chief just

Cyber Under Siege: CISA Cuts, Apple CPU Leaks, Ransomware Surge & Quantum Prep—Who’s Protecting Us?

Cyber Under Siege: CISA Cuts, Apple CPU Leaks, Ransomware Surge & Quantum Prep—Who’s Protecting Us?

TL;DR * CISA Workforce Reduced by 30% Amid Trump Administration Layoffs, Sparking Congressional Concerns Over Cybersecurity Readiness * Researchers Exploit Memory Reordering in Apple M3 and X86 CPUs to Achieve 30K Bits/Sec Covert Channel, Uncovered in University Study * NordStellar Reports 45% Surge in Ransomware Incidents in 2025, with US Leading

China-linked APT UAT-8837 Exploits Zero-Day to Hijack Critical Infrastructure; Iran Spoofs GPS to Sabotage Starlink; ICE Leak Exposes Surveillance Machine; AI Code Agents Generate 69 Flaws; Copilot Leaks Chat History via One-Click URL

China-linked APT UAT-8837 Exploits Zero-Day to Hijack Critical Infrastructure; Iran Spoofs GPS to Sabotage Starlink; ICE Leak Exposes Surveillance Machine; AI Code Agents Generate 69 Flaws; Copilot Leaks Chat History via One-Click URL

TL;DR * UAT-8837 APT actor exploits CVE-2025-53690 zero-day to compromise North American critical infrastructure via credential harvesting and Earthworm malware * Iranian state actors jam Starlink terminals using GPS spoofing, disrupting satellite connectivity for 24 minutes per session and degrading bandwidth to 10% in targeted regions * ICE whistleblower leak exposes 4,

OpenAI, Trend Micro, HPE, and Microsoft Patch Critical Zero-Click and RCE Vulnerabilities Amid Surge in Telecom and Cloud Exploits

OpenAI, Trend Micro, HPE, and Microsoft Patch Critical Zero-Click and RCE Vulnerabilities Amid Surge in Telecom and Cloud Exploits

TL;DR * OpenAI patches ZombieAgent and ShadowLeak vulnerabilities in ChatGPT connectors, enabling zero-click exfiltration of Gmail, GitHub, and Outlook data via memory and file upload exploits * Trend Micro releases Critical Patch Build 7190 to remediate CVE-2025-69258 allowing unauthenticated remote code execution in Apex Central via DLL injection into MsgReceiver.exe

Critical n8n RCE Vulnerability CVE-2026-21858 Exploited, GoBruteforcer Botnet Grows, and OpenAI’s ChatGPT Health Faces Legal and Medical Risks

Critical n8n RCE Vulnerability CVE-2026-21858 Exploited, GoBruteforcer Botnet Grows, and OpenAI’s ChatGPT Health Faces Legal and Medical Risks

TL;DR * CVE-2026-21858 Critical RCE Vulnerability in n8n Allows Unauthenticated Attackers to Exfiltrate Credentials and Execute Commands on Systems * GoBruteforcer Botnet Targets 50,000+ Exposed FTP/MySQL Servers to Steal Cryptocurrency Wallets via Brute-Force Attacks on Default Credentials * Kensington and Chelsea Council Data Breach Exposes Hundreds of Thousands of Residents;