SiliconAngle reports that third-party compromise accounted for 36% of all data breaches last year, which may still be undervalued due to inadequate reporting and improper classification, highlighting the escalation in vendor-driven attacks.

Massachusetts-based tech firm MORSE Corp, a U.S. defense contractor, has agreed to a $4.6 million settlement to resolve a lawsuit alleging its nonadherence to military contract cybersecurity requirements and submission of false claims for payment, reports The Register.

Widely used cloud-based streaming tools platform StreamElements has disclosed having been impacted by a data breach involving a former third-party service provider.

Major U.S. cable operator and internet service provider WideOpenWest had its servers claimed to have been completely compromised by the newly emergent Arkana Security ransomware operation, reports Cybernews.

Hyper-V virtual machines have been targeted by Russian cyberespionage group RedCurl with its new QWCrypt ransomware, marking the operation's initial foray into ransomware, BleepingComputer reports.

BlackLock ransomware gang dismantled Operations of the BlackLock ransomware-as-a-service gang which was poised to be among the most prolific RaaS groups this year despite only emerging last March have been disrupted by Resecurity researchers after exploiting a misconfiguration within the group's data leak site, according to Security Affairs.

Organizations in the U.S., Mexico, and Honduras have been targeted in new attacks by the Chinese state-sponsored advanced persistent threat operation FamousSparrow, which was believed to have gone on a hiatus over the last three years, according to The Record, a news site by cybersecurity firm Recorded Future.

Reuters reports that teen Department of Government Efficiency staffer Edward Coristine was discovered to have operated network services firm DiamondCDN, which worked with the EGodly cybercrime ring.

Military strike plans of the U.S. against Houthi rebels in Yemen were discussed over the Signal messaging app and exposed by The Atlantic after the inadvertent inclusion of its editor-in-chief in the chat.

Zscaler's 2025 AI Security Report found that enterprise use of artificial intelligence and machine learning has grown more than 30-fold over the past year, leading to increased cybersecurity risks, SiliconAngle reports.