https://www.tiktok.com/@cisomarketplace
January 27, 2026 — In an unprecedented move that signals a dramatic shift in federal contractor accountability, the U.S. Treasury Department has terminated all 31 of its contracts with Booz Allen Hamilton, one of the federal government's largest consulting firms. The decision, announced by Treasury Secretary Scott Bessent,
WorldLeaks Ransomware Group Claims Theft of Jordan Brand Designs, Supply Chain Data, and Six Years of Internal Documents Nike, Inc. has confirmed it is actively investigating a potential cybersecurity incident after the WorldLeaks ransomware group claimed to have exfiltrated 1.4 terabytes of sensitive internal data from the sportswear giant.
Executive Summary Clawdbot, the rapidly-adopted open-source AI agent gateway, has a significant exposure problem. Our research using Shodan and Censys identified over 1,100 publicly accessible Clawdbot gateway and control instances on the internet. While many deployments have authentication enabled, we discovered numerous instances requiring no authentication whatsoever—leaving API
The highest-ranking insider threat case in modern military history exposes critical vulnerabilities in state secrets protection as Beijing's military command structure collapses under Xi's purge The cybersecurity world has witnessed countless insider threat incidents—disgruntled employees exfiltrating customer databases, privileged administrators selling access credentials, contractors walking
From Pegasus to Pall Mall: Understanding the Growing Market for Offensive Cyber Capabilities You don't need to manufacture fighter jets to field an air force—you just need the budget to buy them. The same principle now applies to offensive cyber capabilities. Over 80 countries have purchased vulnerabilities,
One of the most comprehensive free threat intelligence resources just got a major update—and if you're not using it, you're missing critical context on how ransomware operations actually work. Orange Cyber Defense (OCD) has released version 29 of their Ransomware Ecosystem Map, an extensive visual
Executive Summary The Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) Version 1.3 is an industry-led, vendor-neutral framework designed to help organizations build, measure, and mature their CTI programs. Its core philosophy is a stakeholder-first approach, defining success by the CTI program's ability to provide demonstrable value to
Over half a million students face heightened identity theft risks after hackers breach centralized education database January 2026 - The Victorian Department of Education has confirmed a significant cybersecurity breach affecting personal information from all 1,700 government schools across the state, potentially exposing data belonging to more than 665,
Four production AI tools. Four data exfiltration vectors. One week. Between January 7th and January 15th, 2026, security researchers publicly disclosed critical vulnerabilities in four major AI-powered productivity tools: IBM Bob, Superhuman AI, Notion AI, and Anthropic's Claude Cowork. Each exploit demonstrated the same fundamental attack pattern—indirect
Taiwan's critical infrastructure endured nearly one billion cyberattacks throughout 2025, according to newly released data from the island's National Security Bureau (NSB), marking an unprecedented escalation in what security officials describe as coordinated "hybrid warfare" tactics that blend digital intrusions with military pressure. This
Russian-Linked Threat Actors Target Distributed Solar and Wind Installations in Unprecedented Campaign Poland successfully defended against what officials are calling the most serious cyberattack on its energy infrastructure in years, narrowly avoiding a nationwide blackout that could have left 500,000 people without heat during brutal winter conditions. The sophisticated
January 8, 2026 - The Royal Borough of Kensington and Chelsea has confirmed that criminals successfully exfiltrated data containing sensitive personal information of hundreds of thousands of residents during a sophisticated cyber attack that first struck in late November 2025. In a stark escalation from their initial disclosure in November,