Ukrainian man charged with ransomware attack that affected 1,500 U.S. businesses — NBC

Yaroslav Vasinskyi, 22, was arrested last month at the request of the U.S. government while trying to enter Poland from Ukraine, writes Pete Williams. Here is the link:

Robinhood discloses breach that exposed information of millions of customers — CNN

The trading platform said in a statement that the November 3 attack allowed the unauthorized party to obtain a list of email addresses for about 5 million people, writes Matt Egan. Here...

‘Sideloading is a cyber criminal’s best friend,’ according to Apple’s software chief — The...

“Sideloading is a cyber criminal’s best friend and requiring that on iPhone would be a gold rush for the malware industry,” according to Apple senior vice president Craig Federighi, writes Chaim...

Malware found in npm package with millions of weekly downloads — The Record

A massively popular JavaScript library (npm package) was hacked, and modified with malicious code that downloaded and installed a password stealer and cryptocurrency miner, writes Catalin Cimpanu. Here is the link:  

Twitch blames data breach on server configuration error — CNET

Twitch on Wednesday confirmed what appears to be a large data breach, pointing to an "error in a Twitch server configuration change" that exposed some data to the internet, writes Carrie Mihalcik. Here...

As Google sets burial date for legacy Chrome Extensions, fears for ad-blockers grow —...

Google this month said Chrome browser extensions written under its Manifest V2 specification will stop working in January 2023, writes Thomas Claburn. Here is the link:

Snyk raises $350M

Developer security company Snyk has raised $530 million in a Series F investment round.

Hackers, remote workers spur record PE investment in cybersecurity — PitchBook

Private equity buyouts in cybersecurity are hitting new records as a fast-growing industry responds to a surge in remote working and increasingly sophisticated cyberattacks, writes Ryan Prete. Here is the link:

Juniper breach mystery starts to clear with new details on hackers and U.S. role...

Juniper’s breach remains important — and the subject of continued questions from Congress — because it highlights the perils of governments inserting backdoors in technology products, writes Jordan Robertson. Here is the...

Microsoft Azure cloud vulnerability is the ‘worst you can imagine’ — The Verge

A flaw in Microsoft’s Azure Cosmos DB database product left more than 3,300 Azure customers open to complete unrestricted access by attackers, writes Thomas Ricker. Here is the link: You can find...

Pegasus spyware found on journalists’ phones, French intelligence confirms — The Guardian

French intelligence investigators have confirmed that Pegasus spyware has been found on the phones of three journalists, writes Kim Willsher. 

Rootly raises $3.2M

Technical incident management platform company Rootly has closed $3.2 million in seed funding.

Biden announces investigation into international ransomware attack — The Guardian

Joe Biden said on Saturday he had directed US intelligence agencies to investigate a sophisticated ransomware attack, according to the report. Here is the link:

Wipro to acquire Ampion

Wipro has signed an agreement to acquire Ampion, an Australia-based provider of cyber security, DevOps and quality engineering services.

Armorblox raises $30M

Sunnyvale, Calif.-based email security company Armorblox has raised $30 million in a Series B funding round. The investment was led by Next47, with participation from Polaris Partners and Unusual Ventures, as well...