FBI: Russian Hackers Now Target Signal Backup Recovery Keys

The FBI and CISA warn that Russian Intelligence Services are phishing Signal users for their Backup Recovery Keys β€” giving attackers persistent access to full message histories even after victims change accounts. Here is what changed, who is at risk, and the one control that matters most.

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue

CISA added CVE-2026-12569, a critical unauthenticated RCE vulnerability in PTC Windchill and FlexPLM, to its KEV catalog as attackers deploy persistent JSP web shells. Learn what controls would have blunted this attack.

Polymarket Customers Lose $3 Million in Supply-Chain Attack

A compromised third-party vendor injected malicious JavaScript into Polymarket's frontend on June 25, 2026, draining approximately $3 million from user wallets. Learn the vendor-access control that could have blunted it.

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

CVE-2026-20230 is an unauthenticated SSRF in Cisco Unified CM now actively exploited after a public PoC exposed a file-write path to root. Learn the patch, workaround, and cyber-insurance controls.

LastPass Confirms Data Breach in Klue Supply Chain Attack

A legacy credential at market intelligence vendor Klue gave attackers OAuth tokens that unlocked LastPass's Salesforce environment and exposed customer records. Here is what happened and how to prevent it.

Cyber insurance underwriters are raising the bar, and organizations need to be ready.

Join Claroty Field CTO Sean Tufts on June 25 to learn how cyber-physical systems (CPS) security controls can help strengthen your security posture, demonstrate operational resilience, and support more favorable cyber insurance outcomes.

Key topics include:
πŸ”Ή The CPS security controls underwriters prioritize
πŸ”Ή How to demonstrate resilience and reduce risk
πŸ”Ή Strategies to help optimize coverage and premiums

πŸ“… June 25, 2026
πŸ•š 4:00pm BST | 11:00am ET | 8:00am PT

🎟️ Register now: https://discover.claroty.com/webinar-how-to-align-security-controls-with-cyber-insurance-premiums

#CyberInsurance #CyberSecurity #CPSecurity #OTSecurity #CyberResilience #RiskManagement

Ransomware Attacks Shift to Data Theft Tactics

Ransomware attacks have taken a sinister turn, with a growing number of hackers ditching decryption keys and instead using stolen data to extort their victims. In fact, a recent report found that a whopping 87% of ransomware claims now involve data theft, with encryption becoming a thing of the past.

https://osintsights.com/ransomware-attacks-shift-to-data-theft-tactics?utm_source=mastodon&utm_medium=social

#RansomwareAttacks #DataTheft #Extortion #EmergingThreats #CyberInsurance

Ransomware Attacks Shift to Data Theft Tactics

Learn how ransomware attacks now focus on data theft tactics, not encryption, and discover crucial steps to protect your business from these evolving threats today.

OSINTSights

πŸ’πŸ”’ New on the Claroty blog: Cyber insurance readiness is becoming a critical business requirement for data center operators.

As insurers apply greater scrutiny to mission-critical environments, organizations must demonstrate strong cybersecurity controls, physical security measures, and operational resilience across systems such as ⚑ power, ❄️ cooling, 🏒 building management, and πŸšͺ physical access controls.

πŸ“– Learn what underwriters are looking for and how to strengthen your data center cybersecurity posture: https://claroty.com/blog/achieving-cyber-insurance-readiness-for-data-centers

#DataCenterSecurity #CyberInsurance #Cybersecurity #OperationalResilience #CriticalInfrastructure #OTSecurity #DataCenters #CyberRiskManagement

Achieving Cyber-Insurance Readiness for Data Centers

In order for data centers to achieve cyber insurance readiness, they must demonstrate a commitment to operational resilience. Underwriters evaluate resilience to determine the insurability of operational environments, therefore data centers must demonstrate their ability to maintain operations in the event of an attack...

Claroty

πŸ“ Cyber insurance renewals are getting tougher, and industrial organizations can no longer rely on spreadsheets, screenshots, and last-minute evidence gathering.

The good news? Audit readiness doesn't have to be a weeks-long scramble.

βœ… This checklist shows how industrial organizations can streamline cyber insurance underwriting, demonstrate security controls with confidence, and move from reactive compliance to continuous risk management.

πŸ‘‰ Download it here and see what insurers are looking for before your next renewal: https://claroty.com/resources/datasheets/industrial-cyber-insurance-proof-pack-audit-ready-checklist

#IndustrialCybersecurity #CyberInsurance #OTSecurity #CriticalInfrastructure #RiskManagement #CyberResilience #Compliance #ICSsecurity

Cyber insurers are shifting from yearly audits to continuous validation.
Kimberly Manibusan from Qualys explains why insurers now want measurable proof of:
πŸ”΄ Faster remediation
πŸ”΄ Patch management effectiveness
πŸ”΄ Continuous security visibility

πŸ“– Read:
https://www.technadu.com/cyber-insurers-now-want-evidence-that-companies-are-fixing-security-risks/627941/

#CyberInsurance #CyberSecurity #CyberRisk #ExposureManagement