The Record

Minnesota governor Tim Walz issued an executive order on Tuesday, writing that Winona county experienced a cyberattack on critical systems that began on Monday.

Digital civil rights nonprofit Access Now released a report on the findings with the mobile security company Lookout on Wednesday, saying they saw evidence the hackers may “use the methods and infrastructure associated with the attacks to deliver spyware and exfiltrate data.”

The advisory said Iranian actors are targeting local municipal governments, water and wastewater systems and the energy sector.

The missive, obtained by Recorded Future News, arrives days before policymakers return from recess next week and aim for a quick extension Section 702 of the Foreign Intelligence Surveillance Act (FISA) for another 18 months.

Signature Healthcare and Signature Healthcare Brockton Hospital said on Monday that the cyber incident is impacting many of their information systems.

Officials said the activity centers on compromising small office and home office routers and similar network devices exposed to the internet, often because of weak security settings or outdated software.

The Education Authority (EA), which oversees school support services in Northern Ireland, said in an official statement it became aware of the incident affecting the “C2K” system last week and took immediate steps to contain the breach.

Cyber-enabled fraud was behind 85% of all losses reported to the FBI in 2025 and constituted 45% of the 1,008,597 complaints it's IC3 unit received overall.

Microsoft said it has been alarmed to see how effective Medusa actors are, citing multiple cases where the group can move from initial access to data exfiltration and ransomware deployment within 24 hours.

Microsoft, Google, Meta and Snapchat released a statement on Friday saying they “reaffirm their continued commitment to protecting children and preserving privacy, and will continue to take voluntary action” to complete the scans.

The suspects were named as Daniil Shchukin, a 31-year-old Russian national believed to have used the alias UNKN (UNKNOWN), and Anatoly Kravchuk, a 43-year-old Ukraine-born Russian citizen who investigators say worked as a developer for the group.

Bryan Fleming, founder of pcTattletale, was ordered to pay a $5,000 fine by a San Diego federal judge and will spend no time in prison beyond the one day he already served.

The Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Thursday to apply the hotfix.

The disruption on Friday affected apps from some of the country’s largest banks, including Sberbank, VTB, Alfa-Bank, T-Bank and Gazprombank.

Die Linke confirmed in late March that its IT infrastructure had been hit by what it described as a “serious cyberattack.”

Voxbeam’s actions allegedly led to “financial impersonation robocalls” that were made to American consumers “ using “non-compliant and long dormant accounts,” the FCC said.

A bug in a popular line of video conferencing software is being exploited by hackers, prompting the U.S. government to order all agencies to patch the vulnerability within two weeks.

The European Union’s cybersecurity agency said the hacking group TeamPCP was behind a massive recent data breach at the European Commission.

An emergency communications system used across a handful of small towns in northern Massachusetts was impacted by a cyberattack.

In a new report, CERT-UA said attackers are revisiting previously breached infrastructure to check whether access is still available, whether exploited vulnerabilities have been patched and whether previously obtained credentials remain valid.