The U.S. Army has picked Anduril to lead a team consisting of other tech industry heavyweights like Palantir to build its next-generation command-and-control prototype, or C2, awarding the tech company a $99.6 million contract to deliver it in less than a year, according to statements from the service and company. The prototype architecture will consist
Mitel warns of critical MiVoice MX-ONE authentication bypass flaw
Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform. MX-ONE is the company’s SIP-based communications system, which can scale to support hundreds of thousands of users. The critical security flaw is due to an improper access control weakness discovered in the MiVoice MX-ONE Provisioning
Romania, Poland take different tacks on buying new combat vehicles
U.S. Marines look at a Romanian MLI-84 infantry fighting vehicle during a presentation at the Smardan Training Area in Romania on May 9, 2016. (Lance Cpl. Kyle A. Kauffman/U.S. Marine Corps) WARSAW, Poland — As numerous Eastern European allies pursue acquisitions of infantry fighting vehicles, Romania and Poland are advancing plans to boost their tracked
US nuclear weapons agency reportedly hacked in SharePoint attacks
Unknown threat actors have reportedly breached the National Nuclear Security Administration’s network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain. NNSA is a semi-autonomous U.S. government agency part of the Energy Department that maintains the country’s nuclear weapons stockpile and is also tasked with responding to nuclear and radiological emergencies within the
US Army drops into Australia for massive war games
TOWNSVILLE, Australia — U.S. paratroopers made the most dramatic entrance possible to Australia during Exercise Talisman Sabre 2025. Flying 14.5 hours nonstop from Joint Base Elmendorf-Richardson in Alaska, they parachuted from the night sky into the Australian countryside on July 14. “We landed right on the X,” Col. Brian Weightman, commander of the 2nd Infantry
Cisco: Maximum-severity ISE RCE flaws now exploited in attacks
Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. Although the vendor did not specify how they were being exploited and whether they were successful, applying the security updates as soon as possible is now critical. “In July 2025, the
VA official outlines effort to revitalize electronic health records for veterans
VA official outlines effort to revitalize electronic health records for veterans The conversion of the VA’s ponderous paper records system to a comprehensive electronic version has long plagued the agency. Where does the effort stand now? 3 days ago
Dior begins sending data breach notifications to U.S. customers
The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. Dior is a French luxury fashion house, part of the LVMH (Moët Hennessy Louis Vuitton) group, which is the world’s largest luxury conglomerate. The Dior brand alone generates an annual revenue of
GM Defense hopes for ‘first win’ in Europe through UK vehicles race
A CH-47 loads personnel and an Infantry Squad Vehicle during Hurricane Helene relief in Tennessee, October 2024. (Spc. Matthew Wantroba/U.S. Army) MILAN — GM Defense has partnered with British company NP Aerospace to offer American platforms in a bid for the United Kingdom’s Light Mobility Vehicle (LMV) tender. The program requirements are part of the
Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack
A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. The PoisonSeed threat actors are known to employ large-volume phishing attacks for financial fraud. In the past, distributing emails containing crypto seed phrases used to drain cryptocurrency