Threat Horizon
Shining a Light on Emerging Threats
-
Texas Gas Station Operator Reports Ransomware Breach Affecting 377,000 People
Gulshan Management Services, tied to roughly 150 Handi Plus and Handi Stop gas stations across Texas, disclosed a ransomware incident impacting 377,082 individuals. The Maine AG filing indicates the breach occurred Sept. 17–27, 2025, was discovered on Sept. 27, and notifications began Jan. 5, 2026. Reporting indicates a phishing entry...
-
Under Armour Investigates Alleged Data Breach Affecting 72M Accounts
Under Armour is investigating a reported breach after a dataset tied to the company appeared on underground forums and was ingested by Have I Been Pwned (HIBP). The leak is linked to claims by the Everest ransomware group, which listed Under Armour on its leak site in late 2025. HIBP...
-
Sedgwick Government Solutions Confirms Cyber Incident at File Transfer System
Sedgwick confirmed a cybersecurity incident at its federal contractor subsidiary, Sedgwick Government Solutions (SGS), after the TridentLocker ransomware group claimed it stole data. Sedgwick says the intrusion was limited to an isolated file transfer system, and that there is no evidence of access to claims management servers or disruption of...
-
CISA Adds Four Exploited Bugs to KEV — What You Need to Know
CISA added four vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. When a CVE lands in KEV, it means defenders should treat remediation as urgent. New KEV additions: Vite (CVE-2025-31125): Improper access control; exposed dev servers can leak files. Versa Concerto SD‑WAN (CVE-2025-34026): Critical...
-
Patch Tuesday: March 2025
March 2025 Patch Tuesday: Microsoft Tackles 7 Zero-Days and 57 Flaws
Microsoft’s March 2025 Patch Tuesday, released on March 11, delivered a hefty batch of security updates, addressing 57 vulnerabilities, including seven zero-day flaws—six of which were actively exploited. With critical remote code execution (RCE) bugs and a return to...
-
The Horizon Review: Week of March 3
This week delivered a flurry of cybersecurity developments, from state-sponsored APTs to critical patches and emerging breaches. Here are the top 10 stories shaping the threat landscape.
1. North Korean APT Moonstone Sleet Deploys Qilin Ransomware
Microsoft revealed that Moonstone Sleet, a North Korean hacking group, has begun using Qilin...
-
North Korean Hackers Team Up with Qilin Ransomware Gang, Microsoft Reports
On March 7, 2025, Microsoft revealed that a North Korean hacking group, tracked as Moonstone Sleet, has recently begun deploying payloads from the notorious Qilin ransomware gang in a series of targeted attacks. This development, reported by BleepingComputer, marks a significant shift in tactics for the state-sponsored group, blending cyberespionage...