Chinese cyber-espionage group, Salt Typhoon, has infiltrated a ninth American telecom provider. Several hundred companies have been alerted to potential breach, with political figures among the targets. AT&T, Verizon and T-Mobile indicated their systems are now secured. Meanwhile, the US is formulating further responses to the attacks, including strengthening cybersecurity prerequisites in federal contracts. The Department of Health is set to enforce cybersecurity regulations requiring the encryption, threat-monitoring and compliance checking of data. Furthermore, the UN General Assembly has approved a cybercrime treaty to improve international standards and responses to hackers.

Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti has patched a critical security vulnerability, CVE-2025-22457, that could have allowed remote, unauthenticated attackers to execute arbitrary code on its Connect Secure product. The