The government of Sri Lanka has lost more than $3 million in two recent, separate cybersecurity incidents as the country continues to recover from its 2022 debt crisis.
The American technology giant provides water and energy monitoring and utility meters to hundreds of millions of homes and businesses.
The cosmetics retailer, which counts 41 million customers in its membership data, declined to provide an accurate total number of customers affected.
The DDoS attack against Mastodon’s flagship server comes less than a week after Bluesky was targeted with junk web traffic.
Vercel blamed its breach on an earlier hack at Context AI, which allowed hackers to hijack a Vercel employee’s account to steal customer data.
Sweden’s minister for civil defense said Russian hackers are “now attempting destructive cyber attacks against organizations in Europe.”
Dozens of WordPress plug-ins were allegedly hijacked to push malware after they were sold to a new corporate owner.
It’s not clear how many people were compromised by this hacking campaign, but a security researcher said the hackers were targeting victims since at least November 2025.
The U.K. energy company said a redirected payment meant for a contractor instead landed in a hacker’s bank account.
A joint FBI, NSA, and CISA advisory warns that Iranian hackers have ‘escalated’ their tactics in response to the ongoing U.S.-Israel war with Iran.