Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

Cyberattack Bites France's Postal and Banking Services: A Nation-Wide Disruption


La Poste, France's national postal service, has been hit by a major cyberattack that has left its digital banking and online services offline. The attack, which occurred on Monday, has disrupted the lives of millions of customers across the country. La Poste has yet to provide a timeline for full service restoration or disclose the nature of the incident, leaving customers to rely on alternative methods of conducting banking and postal transactions.

Published: Wed Dec 24 02:01:58 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Baker University Data Breach: A Growing Concern for Student and Employee Information


Baker University has disclosed a data breach after attackers gained access to its network one year ago and stole the personal, health, and financial information of over 53,000 individuals. The university is now offering free credit monitoring services to those affected and encourages potentially impacted individuals to regularly check their account statements and credit reports for suspicious activity.

Published: Wed Dec 24 02:48:01 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Nissan Motor Co., Ltd.'s Data Breach: A Global Implication


Nissan Motor Co., Ltd. has confirmed that information about thousands of its customers was leaked due to a breach at Red Hat in September. The breach exposed approximately 21,000 customer records containing personal details such as names, addresses, and contact information. Nissan emphasized that financial data was not compromised during the incident.

Published: Wed Dec 24 03:42:55 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New MacSync Malware: A Sophisticated Information Stealer Evades macOS Gatekeeper Checks

Researchers have discovered a new variant of the MacSync information stealer that can bypass checks from Gatekeeper, the security system in macOS. Delivered through a digitally signed, notarized Swift application within a disk image, this malware can steal sensitive data such as iCloud keychain credentials and passwords stored on web browsers.

Published: Wed Dec 24 04:41:37 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Aims to Rewrite Entire C and C++ Codebase in Rust by 2030


Microsoft plans to rewrite its entire C and C++ codebase using Rust by 2030, a bold move that could have far-reaching implications for software security.


Published: Wed Dec 24 06:04:33 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

ServiceNow to Acquire Armis for $7.75 Billion, Signaling a Major Expansion in its Security Offerings

ServiceNow Announces $7.75 Billion Acquisition of Cybersecurity Firm Armis to Strengthen Its Security Capabilities

Published: Wed Dec 24 07:47:56 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Breach Exposes Sensitive Data of 21,000 Nissan Customers

21,000 Nissan customers had their personal data leaked after unauthorized access to a Red Hat-managed server, highlighting the ongoing threats posed by advanced persistent threats and organized crime groups. The breach serves as a reminder of the importance of robust cybersecurity measures for organizations handling sensitive customer data.

Published: Wed Dec 24 09:33:17 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Microsoft Message Queuing Controversy: A Cautionary Tale of Quality Control and Legacy Code

Microsoft has released an out-of-band update to address a long-standing issue with its Message Queuing (MSMQ) service, highlighting the challenges of supporting legacy codebases in today's software landscape.

Published: Wed Dec 24 10:47:26 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

NYPD Spying Scandal: A New Front in the Battle for Transparency

In a move that promises to further expose the deep-seated issues within the NYPD's Intelligence Division, a New Jersey resident has filed a lawsuit alleging ongoing surveillance of Muslim communities. The case is expected to pose a test for mayor-elect Zohran Mamdani's law enforcement policies and bring much-needed transparency to a department shrouded in controversy.

Published: Wed Dec 24 12:22:18 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Largest Illicit Online Marketplace to Have Ever Operated: How Chinese Crypto Scammers Are Taking Over Telegram


In a shocking turn of events, Chinese crypto scammers on the messaging platform Telegram have taken over as the largest illicit online marketplace in history. With an estimated $27 billion in annual transactions, these markets are facilitating everything from money laundering to human trafficking. As law enforcement agencies struggle to keep up with this growing industry, it's clear that a coordinated global effort is needed to disrupt these operations once and for all.

Published: Wed Dec 24 13:56:08 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper: A Threat to Mac Users' Privacy


A new variant of the MacSync information stealer has been discovered by cybersecurity researchers, using a digitally signed and notarized Swift application to bypass Apple's Gatekeeper security measure. This malware distribution method represents a significant threat to Mac users' privacy and security, highlighting the need for regular updates and vigilance in maintaining a secure posture.

Published: Wed Dec 24 15:23:57 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Awareness is Key: The Growing Threat of Small Business Cyber Attacks


The world of small business cyber attacks has undergone a significant shift, with 70.5% of identified data breaches in 2025 belonging to SMBs. In this article, we will explore three key breaches from 2025 and examine the most effective ways for SMBs to protect themselves in the coming year.

Published: Wed Dec 24 17:11:28 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

SCAM ALERT: $14 Million Cryptocurrency Scam Exposed as Fake AI-Themed Investment Tips


The SEC has filed charges against multiple companies for their alleged involvement in a $14 million cryptocurrency scam using fake AI-themed investment tips. The scam targeted unsuspecting users with ads on social media and built trust through group chats posing as financial professionals promising returns from AI-generated investment tips. The scammers then convinced the victims to invest funds into fake trading platforms, only to defraud them later. The total misappropriated funds amount to at least $14 million, with cryptocurrency assets accounting for $7.4 million and fiat currency accounts for $6.6 million.

Published: Wed Dec 24 18:55:43 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Apple Fined €98.6 Million for Antitrust Violations Over App Tracking Transparency

Apple has been fined €98.6 million ($116 million) by Italy's antitrust authority for allegedly violating antitrust rules related to its App Tracking Transparency (ATT) framework. The ruling is the latest in a series of fines and probes faced by Apple over its dominance in the app distribution market.

Published: Wed Dec 24 20:14:17 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

African Cybercrime Crackdown: INTERPOL's Operation Sentinel Brings Justice to Ransomware Attackers

African countries have joined forces with INTERPOL to combat the escalating threat of cybercrime, resulting in a record-breaking 574 arrests and over $3 million recovered. Learn more about Operation Sentinel's impact on ransomware attacks and cybercrime efforts across Africa.

Published: Wed Dec 24 21:43:20 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Comprehensive Analysis of Passwd: A Google Workspace Focused Password Manager

A new password manager has emerged that's specifically designed for organizations operating within the Google Workspace ecosystem. Learn more about Passwd and how it can simplify your credential management.

Published: Wed Dec 24 22:59:40 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

FBI Seizes Critical Infrastructure for Cybercrime Operations: A Breakthrough in Disrupting Stolen Login Credentials Scams

The Federal Bureau of Investigation (FBI) has seized the 'web3adspanels.org' domain and database used by cybercriminals to store stolen bank login credentials, disrupting a major operation that resulted in significant financial losses for U.S. victims.

Published: Thu Dec 25 00:21:08 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The FCC's National Security Determination: A Shift in Policy for Drone Regulation



The U.S. Federal Communications Commission (FCC) has banned foreign-made drones and critical components over national security concerns. This decision marks a significant shift in policy for drone regulation in the U.S. and sets a precedent for other countries to follow. The ban aims to protect national security and reduce reliance on foreign-made drones, while also highlighting the importance of international regulations to prevent the misuse of drones.

Published: Thu Dec 25 02:47:01 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Italian Regulator Rules Apple's ATT Feature Limits Competition: A Regulatory Conundrum

Italian regulator rules Apple's ATT feature limits competition, imposing a €98.6 million fine on the tech giant for allegedly restricting fair competition in the App Store.

Published: Thu Dec 25 03:28:14 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Cyberattack Disrupts La Poste's Digital Banking and Online Services: A Glimpse into the Impact of a Major Network Incident


La Poste, one of France's largest postal services, has been hit by a major cyberattack that has disrupted its digital banking and online services. The company confirmed that a DDoS attack had rendered its online services inaccessible, with no impact on customer data. The incident is believed to be in response to recent cyberattacks on France's Interior Ministry and other government organizations.

Published: Thu Dec 25 04:38:11 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Red Hat GitLab Breach: A Data Exposure of Epic Proportions


Red Hat's GitLab instance was breached, exposing the data of 21,000 Nissan customers. The breach highlights the importance of having robust cybersecurity measures in place to protect sensitive data and customer relationships.

Published: Thu Dec 25 06:08:24 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Fake MAS Windows Activation Domain Used to Spread PowerShell Malware: A Cautionary Tale

Malicious actors have exploited a vulnerability in the Microsoft Activation Scripts (MAS) tool to spread PowerShell malware, infecting systems with the 'Cosmali Loader.' The malicious domain is almost identical to the legitimate one listed in official MAS instructions. Reinstalling Windows and exercising caution when using open-source software are recommended to avoid further infection.

Published: Thu Dec 25 07:10:37 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

MongoDB Urges Immediate Patching of Severe Remote Code Execution Vulnerability

MongoDB has issued a high-priority warning about a severe remote code execution vulnerability (CVE-2025-14847) affecting multiple versions of the database management system. Organizations using MongoDB are urged to patch the issue immediately to prevent potential attacks.

Published: Thu Dec 25 08:39:43 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Pen testers accused of 'blackmail' after reporting Eurostar AI chatbot flaws

Pen testers at Pen Test Partners exposed four security vulnerabilities in Eurostar's AI chatbot, prompting a heated response from the train operator's head of security that has left many in the cybersecurity community questioning the company's handling of the issue. Despite reporting the flaws to Eurostar via its vulnerability disclosure program, the researchers were accused of "blackmail" by the company, sparking outrage and debate among experts about the importance of acknowledging and responding to security reports.

Published: Thu Dec 25 10:12:40 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of Sophisticated Cybercrime: How Social Engineering Tactics are Outsmarting MFA and Leaving Millions Vulnerable


The FBI has announced the shutdown of a platform used by cybercriminals to break into Americans' bank accounts, highlighting the need for increased awareness and education about cybersecurity threats. With losses estimated at over $262 million since the start of the year, it's clear that these crimes are having a significant impact on individuals and organizations alike.

Published: Thu Dec 25 11:38:17 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Awareness is Power: The Evolving Landscape of AI-Driven Disinformation and Cybersecurity Threats

As the digital world becomes increasingly complex, it's more important than ever to be aware of the evolving threat landscape. From AI-fueled disinformation campaigns to critical vulnerabilities in cloud infrastructure, there are numerous challenges that require attention and action. Stay informed with The Hacker News to stay ahead of the threats.

Published: Thu Dec 25 12:48:36 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

LastPass 2022 Breach: A Years-Long Cryptocurrency Heist


The recent LastPass data breach has led to a multi-year window for attackers to crack weak master passwords and drain assets from customers' wallets. TRM Labs has found evidence pointing to Russian cybercriminal actors and highlights the importance of ecosystem-level analysis, demixing, and dematerialization in attribution and enforcement efforts.

Published: Thu Dec 25 13:51:55 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Looming Shadow of CVE-2020-12812: A Five-Year-Old Vulnerability That's Now Being Exploited by Threat Actors


Fortinet has issued a warning about active exploitation of a five-year-old security flaw in its FortiOS SSL VPN, known as CVE-2020-12812, which can allow users to bypass two-factor authentication. Organizations that have not deployed the latest versions of FortiOS should take immediate action to address this vulnerability.

Published: Thu Dec 25 15:50:19 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New UEFI Flaw Enables Early-Boot DMA Attacks on Popular Motherboards: A Growing Concern for Cybersecurity


A new UEFI flaw has been discovered that enables early-boot DMA attacks on popular motherboards from ASRock, ASUS, GIGABYTE, and MSI. This vulnerability allows post-authentication remote code execution through a critical case of command injection in the time_tzsetup.cgi parameter of Digiever DS-2105 Pro NVRs. Follow this article to learn more about the latest cybersecurity concern and what you can do to protect yourself.

Published: Thu Dec 25 17:12:58 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Fortinet Vulnerability: A Five-Year-Old Flaw that is Still Being Exploited



A five-year-old vulnerability in Fortinet's SSL VPN software has been exploited in the wild, highlighting the ongoing threat posed by older vulnerabilities. This article provides a detailed analysis of the CVE-2020-12812 flaw, its potential severity, and the steps organizations must take to prevent exploitation.



Published: Thu Dec 25 19:46:04 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Flaw in MongoDB: The High-Severity Vulnerability that Could Lead to Server Takeover


A critical flaw in the popular open-source NoSQL database MongoDB could be exploited by attackers to take over vulnerable servers, giving them access to sensitive data. The high-severity vulnerability has been rated at 8.7 on the Common Vulnerability Scoring System (CVSS) and affects various versions of the database software. Users are advised to upgrade to a fixed version or configure compression options to mitigate this risk.

Published: Thu Dec 25 20:53:26 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Trust Wallet Chrome Extension Hack Leaves Millions in the Red


A widespread cyberattack has resulted in millions of dollars' worth of cryptocurrency being stolen from users of the Trust Wallet Chrome extension. The attack appears to have been linked to a compromised version of the extension, which exfiltrated sensitive wallet data to an external server hosted at metrics-trustwallet.com. In this article, we will explore the details of the incident and what it means for cybersecurity in the future.

Published: Fri Dec 26 05:37:48 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical serialization injection flaw in LangChain Core could be exploited by an attacker to steal sensitive secrets and influence LLM responses through prompt injection. It carries a CVSS score of 9.3 out of 10.0.

Published: Fri Dec 26 07:07:45 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Spotify Cracks Down on Unlawful Scraping of 86 Million Songs: A Threat to Music Industry Integrity

Spotify has taken action against unlawful scraping of its music library, a move that underscores the company's commitment to protecting its intellectual property and safeguarding the integrity of the music industry. The incident highlights the ongoing struggle between online service providers and those seeking to circumvent digital security protocols in order to access copyrighted material.

Published: Fri Dec 26 08:15:55 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Trust Wallet Confirms Extension Hack Led to $7 Million Crypto Theft

Trust Wallet has confirmed that a compromised Chrome extension update led to $7 million worth of stolen cryptocurrency, highlighting the importance of maintaining strict security measures when it comes to online extensions and cryptocurrency wallets.

Published: Fri Dec 26 09:17:04 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of AI-Powered Cyber Defense: How Remedio CEO Tal Kollender is Taking on the Hackers


Remedio CEO Tal Kollender is taking on the hackers with AI-powered technology, but warns that defenders must keep up with the pace of modern cyber attacks in order to stay ahead of the threats. With Remedio's innovative approach to cybersecurity, Kollender is changing the way companies fix things without any business disruption.

Published: Fri Dec 26 10:40:07 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Trust Wallet Chrome Extension Breach: A $7 Million Crypto Loss via Malicious Code

Published: Fri Dec 26 11:39:04 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A China-Linked Evasive Panda APT Group Unleashes Highly Targeted DNS Poisoning Campaign to Deliver MgBot Malware

China-linked APT group Evasive Panda has unleashed a highly targeted DNS poisoning campaign to deliver MgBot malware to victims in Türkiye, China, and India. The attackers employed sophisticated techniques, including custom encryption algorithms and DNS manipulation, to evade detection and maintain persistence in compromised systems.

Published: Fri Dec 26 12:46:02 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Cyber Attack on La Poste: The Pro-Russian Hacktivist Group Noname057 Claims Responsibility


A recent cyber attack on the French national postal service, La Poste, has been attributed to the pro-Russian hacktivist group Noname057. The attack caused disruptions to digital banking and online services, but officials have stated that they are working to restore normal operations as quickly as possible.

Published: Fri Dec 26 13:56:44 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Aflac's June Data Breach Exposes Personal Information of Over 22 Million Customers

A recent data breach at Aflac has exposed the personal information of over 22 million customers, highlighting the ongoing threat of cyberattacks on sensitive institutions. The incident underscores the need for greater transparency and accountability in handling personal information and demonstrates the importance of robust security measures to prevent future breaches.

Published: Fri Dec 26 15:27:17 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolution of Cybersecurity Tabletop Exercises: Adapting to AI-Powered Threats

As cybersecurity threats continue to evolve, tabletop exercises are becoming increasingly crucial for organizations to ensure preparedness and resilience in the face of AI-powered threats. This article explores the changing nature of these exercises and provides guidance on how organizations can adapt their tabletop exercises to reflect the speed and volume of modern cyber threats.

Published: Fri Dec 26 16:57:47 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

MongoDB Urges Immediate Patching of High-Severity Memory Read Vulnerability


MongoDB has issued a high-priority alert urging its administrators to patch a severe memory-read vulnerability that may be exploited by unauthenticated attackers remotely. The vulnerability affects multiple versions of the database management system, including 8.2, 8.0, 7.0, 6.0, and 5.0. Administrators are advised to upgrade to fixed versions or disable zlib compression immediately.

Published: Fri Dec 26 17:40:30 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Trust Wallet Warns Users to Update Chrome Extension After $7 Million Security Loss: A Cautionary Tale of Cybersecurity


Trust Wallet has warned users to update its Chrome extension after a $7 million security loss due to malicious code inserted into version 2.68 of the multi-chain, non-custodial wallet. The attack may have been carried out by a pro-Russian group known as Noname057, and attackers also launched a phishing campaign to drain funds from victims' wallets. Users are advised to update to version 2.69 immediately to mitigate the issue.

Published: Fri Dec 26 19:06:39 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Threat Landscape Emerges: A Comprehensive Analysis of the Latest Cybersecurity Threats

Recent cybersecurity incidents highlight the importance of ongoing vigilance and proactive measures in protecting against emerging threats. From botnet hijackings to actively exploited vulnerabilities, organizations must adapt their security strategies accordingly to stay ahead of cybercriminals.

Published: Sat Dec 27 02:26:55 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Drone Aerial Threat: An Unprecedented and Ominous Danger to National Security

The US military is struggling to keep pace with the rapid advancements in drone capabilities, leaving it vulnerable to complex attacks from adversaries. The situation is further complicated by the lack of effective deployment and utilization of commercial drones by the Pentagon. As the threat posed by drones continues to grow, it is imperative that national security policymakers take concrete steps to address this issue.

Published: Sat Dec 27 04:12:04 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The LangChain Core Vulnerability: A Critical Flaw in LLM-Based Applications


A critical flaw in the LangChain ecosystem has been discovered, allowing prompt injection and data exposure. The vulnerability has a CVSS score of 9.3 and affects hundreds of millions of global installs. Developers must update their packages immediately and implement additional security measures to secure their applications.

Published: Sat Dec 27 12:58:25 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Massive Rainbow Six Siege Breach: Billions of Credits at Stake

Ubisoft's Rainbow Six Siege suffers massive breach, with hackers distributing billions of in-game credits and cosmetic items to player accounts worldwide. The breach has left the gaming community reeling, with reports of fake ban messages on the ban ticker and players receiving unprecedented amounts of in-game currency.

Published: Sat Dec 27 23:50:17 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Cybersecurity Landscape: A Delicate Balance Between Security and Innovation

Recent updates in the cybersecurity landscape highlight the ongoing threat posed by state-sponsored hackers, mobile malware, and data breaches. Staying up-to-date with security patches and best practices is crucial to protecting against these threats.

Published: Sun Dec 28 03:59:50 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Cyber Threat Landscape: A Deluge of Vulnerabilities and Exploits

The cyber threat landscape is constantly evolving, with new vulnerabilities and exploits emerging on a daily basis. In this latest installment of Security Affairs Malware Newsletter Round 77, we take a deep dive into the most significant security incidents and vulnerabilities that have emerged in the past month, highlighting the ongoing importance of staying vigilant in the face of an ever-evolving threat landscape.

Published: Sun Dec 28 06:01:23 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

LastPass Crypto Theft: The Ongoing Consequences of a 2022 Breach

Stolen LastPass backups enable crypto theft through 2025 due to weak master passwords, according to recent findings by TRM Labs. This breach has significant implications for users and highlights the ongoing threat of cybercrime in the cryptocurrency space.

Published: Sun Dec 28 06:59:40 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Devastating Toll of Cybercrime: A Year of Violence and Chaos


In 2025, the world witnessed a shocking increase in human harm caused by cybercrime, resulting in deaths, torture, and amputations. This article delves into the details of these devastating attacks and their impact on individuals and society as a whole.



Published: Sun Dec 28 08:50:11 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ubisoft's Rainbow Six Siege Servers Shut Down Amidst Hacking Incident

Ubisoft recently revealed that it had been forced to shut down the servers for its popular tactical first-person shooter, Rainbow Six Siege, following a hacking incident. The company confirmed that hackers gained control over significant portions of the game's systems, including the ability to ban and unban users, send custom messages, unlock all in-game items, and grant every player 2 billion R6 Credits and Renown.

Published: Sun Dec 28 10:51:44 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacked Condé Nast Database Exposes 2.3 Million WIRED Records, Raises Concerns Over Responsible Disclosure


A Condé Nast database leak exposed over 2.3 million WIRED records, raising concerns about responsible disclosure practices among security researchers and companies.

Published: Sun Dec 28 12:08:26 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Condé Nast Faces Major Data Breach: A Threat to User Privacy and Security


Condé Nast has been hit with a major data breach, resulting in the leak of sensitive information belonging to over 2.3 million Wired subscribers. The breach has raised serious concerns about user privacy and security, and users are advised to take immediate action to protect their personal data.

Published: Sun Dec 28 14:05:20 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Rainbow Six Siege Under Siege: The Great Ubisoft Cyberattack of 2025


In a shocking turn of events, Ubisoft's popular game Rainbow Six Siege was targeted by a group of skilled attackers who infiltrated its servers and caused widespread chaos. The attack, which occurred over the weekend, saw players' accounts compromised and an enormous amount of in-game currency distributed. With the game now offline while engineers work to restore order, gamers are left wondering what the future holds for their beloved game.

Published: Sun Dec 28 14:17:31 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Exploited MongoBleed Vulnerability Exposes Over 80,000 MongoDB Servers

Exploited MongoBleed vulnerability exposes over 80,000 MongoDB servers, leaving sensitive data vulnerable to exploitation. Organizations must prioritize patching and securing their systems to prevent potential exploitation.

Published: Sun Dec 28 14:45:17 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Side of Cybercrime: A Glimpse into the World of Data Breaches and Security Threats

South Korea's Coupang reveals a former employee accessed 33 million customer records before deleting the data after realizing the severity of his actions. The incident highlights the growing threat of cybercrime, emphasizing the need for effective cybersecurity measures to protect sensitive information.

Published: Sun Dec 28 22:18:55 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Global MongoDB Vulnerability Raises Alarms: A New Era of Database Security Threats


Global MongoDB vulnerability raises alarms as 87,000 potentially susceptible instances are identified worldwide, with experts warning of critical implications for organizations relying on the database management solution. Stay up-to-date on the latest developments and learn how to protect your organization's sensitive data from this emerging threat.

Published: Mon Dec 29 02:03:24 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Evasive Panda's DNS Poisoning Campaign: A Sophisticated Threat Actor Expands Its Reach



The Evasive Panda group has launched a sophisticated DNS poisoning campaign, compromising systems in Turkey, China, and India. This campaign highlights the group's ability to adapt and evolve its tactics, staying one step ahead of security measures. The use of DNS poisoning and advanced encryption techniques makes it challenging for security researchers to detect and reverse-engineer the malware.



Published: Mon Dec 29 03:00:12 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The EU's Digital Sovereignty Initiative: A New Era of Competition in Cloud Computing


European countries are banding together to challenge the dominance of US cloud giants AWS, Microsoft, and Google by creating their own digital sovereignty initiatives, such as GAIA-X. The goal is to provide a secure and trustworthy alternative for European businesses and governments, but it remains to be seen whether these efforts will be successful in competing with the big three.

Published: Mon Dec 29 03:34:49 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dangers of Open-Source Malware: A Sustained Spear-Phishing Campaign Exploits npm for Credential Theft


A sustained spear-phishing campaign has exploited the npm registry to facilitate credential theft, leaving a trail of vulnerabilities in its wake. The attackers used open-source software supply chains to deliver malicious payloads, highlighting the need for stringent dependency verification and phishing-resistant multi-factor authentication.

Published: Mon Dec 29 03:59:38 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Digital Shadow of Tyranny: How Trump's Cyberwarfare Campaigns Are Reshaping America



Published: Mon Dec 29 04:52:37 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of Public Surveillance: How Citizens Are Countering Law Enforcement's Watchful Eyes

Published: Mon Dec 29 05:12:34 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Fortinet Warns of Ongoing Exploitation of 5-Year-Old FortiOS 2FA Bypass Vulnerability

Fortinet has issued a warning about ongoing exploitation of a 5-year-old vulnerability in its FortiOS operating system that allows attackers to bypass two-factor authentication when targeting vulnerable firewalls. Despite patches released in July 2020, threat actors continue to exploit this vulnerability, and organizations must take steps to protect themselves.

Published: Mon Dec 29 05:24:38 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Digital Dark Ages: A Year of Breaches, Hacks, and Data Leaks

A comprehensive review of recent events reveals a pervasive sense of chaos and disorder in the digital realm. Cyber breaches, hacks, and data leaks have become increasingly common, with numerous high-profile companies falling victim to devastating cyber attacks in 2025. As cybersecurity threats continue to evolve, it is essential that organizations prioritize cybersecurity and take proactive measures to prevent these incidents from occurring.

Published: Mon Dec 29 06:19:56 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Korean Air's Data Breach: A Complex Web of Security Vulnerabilities


Korean Air recently experienced a data breach that exposed thousands of employees' sensitive information. The incident highlights the vulnerabilities of even large organizations and emphasizes the importance of robust cybersecurity measures. With approximately 30,000 data records compromised, Korean Air is urging its employees to exercise caution regarding suspicious communications and has been in contact with relevant authorities.

Published: Mon Dec 29 07:15:07 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

MongoBleed Flaw: A Growing Threat to Database Security

A newly disclosed MongoDB vulnerability, known as MongoBleed, has been actively exploited by attackers worldwide, with over 87,000 potentially vulnerable instances identified. The issue lies in the zlib message decompression feature of MongoDB, which allows unauthenticated attackers to leak sensitive data from servers. Organizations are advised to upgrade their databases or disable zlib compression on their servers to mitigate this risk.

Published: Mon Dec 29 07:58:15 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Former Coinbase Support Agent Arrested for Aiding Hackers in Stealing Customer Information

A former Coinbase support agent has been arrested in India for allegedly aiding hackers in stealing sensitive customer information from a compromised database, affecting approximately 69,500 customers. The arrest is the latest development in a growing saga of data breaches and cybercrime that has plagued the cryptocurrency industry.

Published: Mon Dec 29 08:26:41 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New UEFI Firmware Flaw Exposed: Early-Boot DMA Attacks and Other Security Concerns

Recent developments highlight the ongoing threat posed by various security concerns, including a new UEFI firmware flaw that enables early-boot DMA attacks, a critical VPN vulnerability, financial malware schemes, and open-source vulnerabilities. Stay informed about these security concerns and take proactive steps to protect your systems from potential breaches.

Published: Mon Dec 29 08:42:51 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Korean Air Discloses Data Breach After Catering Supplier Hack, Revealing Thousands of Employee Personal Details


South Korea's flag carrier Korean Air has disclosed a data breach after its catering supplier was hacked. The breach exposed personal details of around 30,000 employees of Korean Air. To learn more about the incident and potential security implications, please read our in-depth article.



Published: Mon Dec 29 09:03:23 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacker Arrested for KMSAuto Malware Campaign with 2.8 Million Downloads

South Korean authorities have arrested a Lithuanian national over his role in infecting 2.8 million systems with clipboard-stealing malware disguised as KMSAuto, stealing $1.2 million from cryptocurrency users.

Published: Mon Dec 29 13:30:12 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Crims Publish Stolen Personal Data of 40 Million Conde Nast Subscribers

Crims punish Wired subscribers by publishing personal info

A group of hackers, known as Lovely, claimed to have stolen approximately 40 million pieces of sensitive information from Conde Nast, including email addresses, home addresses, phone numbers, user IDs, display names, account creation and update timestamps, and in some cases, last session dates and IP addresses. The attack culminated in the publication of 2.3 million emails belonging to subscribers of Wired magazine, along with the names of 285,000 subscribers, 108,000 home addresses, and 32,000 phone numbers.

Published: Mon Dec 29 13:43:02 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Year in Review: KrebsOnSecurity.com's 16th Anniversary and the Ongoing Battle Against Global Cybercrime


KrebsOnSecurity.com Celebrates 16th Anniversary: A Year of Uncovering Global Cybercrime Operations

In this year-long retrospective, we'll delve into the notable cases and trends that made headlines on KrebsOnSecurity.com over the past 12 months, highlighting the continued evolution of global cybercrime operations and the relentless efforts of security researchers to uncover their secrets.


Published: Mon Dec 29 14:32:56 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Coinbase Ex-Support Agent Arrested Over Customer Data Leak: A Wake-Up Call for Cryptocurrency Security

Coinbase has announced that an ex-support agent has been arrested by the Hyderabad police over a customer data leak that involved the theft of nearly 70,000 customer records. The breach highlights the importance of security and responsible practices in the cryptocurrency industry.

Published: Mon Dec 29 15:23:19 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ransomware Attack on Romania's Oltenia Energy Complex: A Wake-Up Call for Cybersecurity Measures



Romania's Oltenia Energy Complex has been hit by a devastating ransomware attack, crippling its IT systems and posing significant risks to the national energy supply. The incident highlights the need for robust cybersecurity measures and government support to prevent similar threats. In this article, we explore the details of the attack, its impact on the company and broader implications for cybersecurity measures.

Published: Mon Dec 29 16:03:37 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Coupang's Cybersecurity Crisis: A $1.17 Billion Settlement for 33.7 Million Data Breach Victims


Coupang has announced a $1.17 billion settlement to compensate its 33.7 million data breach victims, making it one of the largest payouts ever recorded in South Korea's history. The company's cybersecurity crisis highlights the need for robust measures and employee training to prevent such incidents in the future.

Published: Mon Dec 29 16:35:45 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Attack Vector: Chinese State Hackers Use Rootkit to Hide ToneShell Malware Activity

Chinese state hackers have been found using a rootkit to hide their malicious activity related to the ToneShell malware, marking a significant escalation of cyber threats. The use of a kernel-mode loader provides the attackers with enhanced protection from detection by security tools and allows them to maintain operational stealth and resilience.

Published: Mon Dec 29 18:19:58 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Korean Telco's Femtocell Fiasco: A Cautionary Tale of Security Negligence


A Korean telco's deployment of thousands of badly secured femtocells has exposed thousands of customers to snooping and fraud, with 368 customers falling victim to a micropayment scam valued at $169,000. The incident highlights the importance of robust cybersecurity measures when deploying IoT devices like femtocells.

Published: Mon Dec 29 21:43:53 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Shadowy World of Cyber Espionage: Unveiling the Mustang Panda Threat



A new variant of the backdoor dubbed TONESHELL has been discovered in a cyber attack attributed to the Chinese hacking group Mustang Panda. The driver, signed with an old digital certificate, leverages kernel-mode rootkit technology to evade traditional security measures and provide unparalleled protection for malicious files.



The threat poses significant concerns for organizations and individuals targeted by the group, highlighting the need for robust security measures and vigilance in the face of evolving cyber threats. Stay informed about the latest developments and learn how to protect yourself against this new threat.





Published: Tue Dec 30 03:03:55 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The MongoDB Server Vulnerability: A New Threat Lurking in the Shadows of Cybersecurity


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new MongoDB Server vulnerability to its list of known exploited vulnerabilities. The vulnerability, tracked as CVE-2025-14847, is being actively exploited by attackers worldwide, with more than 87,000 potentially vulnerable instances identified. Experts recommend immediately upgrading the affected MongoDB servers or disabling zlib compression on them to prevent exploitation.

Published: Tue Dec 30 03:15:13 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Future of Modern SOC Workflows: Mastering the Art of AI Integration

Discover how to harness the power of AI in your SOC without falling into common pitfalls. Learn about effective integration strategies and best practices from industry experts at SANS Security Central 2026.

Published: Tue Dec 30 04:39:49 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware: A Sophisticated Phishing Campaign Unfolds in Asia-Pacific Region



Published: Tue Dec 30 05:17:42 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Lithuanian Suspect Arrested for Widespread Cryptocurrency Theft via KMSAuto Malware

South Korean authorities have arrested a 29-year-old Lithuanian national suspected of spreading KMSAuto malware that infected 2.8 million systems worldwide, resulting in $1.7 billion worth of stolen cryptocurrency.

Published: Tue Dec 30 05:58:40 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

CISA Issues Urgent Alert: High-Severity MongoDB Flaw Exploited in Attacks


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert to federal civilian executive branch agencies, ordering them to patch a high-severity MongoDB flaw that is actively being exploited in attacks. This vulnerability allows unauthenticated threat actors to remotely steal credentials and other sensitive data through low-complexity attacks.

Published: Tue Dec 30 08:47:33 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

US Cybersecurity Experts Plead Guilty to BlackCat Ransomware Attacks: A Case of Betrayal of Trust

Two former employees of cybersecurity companies have pleaded guilty to targeting US companies in BlackCat (ALPHV) ransomware attacks. The case highlights the importance of maintaining high standards of ethics in the cybersecurity industry.

Published: Tue Dec 30 09:30:22 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Mustang Panda: The Sophisticated APT Behind the Signed Kernel-Mode Rootkit Driver


A sophisticated Advanced Persistent Threat (APT) group known as Mustang Panda has been observed employing a signed kernel-mode rootkit driver to deploy its ToneShell backdoor. This marks a significant escalation in the techniques used by APT groups to compromise systems, highlighting the ongoing cat-and-mouse game between cyber threat actors and security researchers.

Published: Tue Dec 30 10:00:46 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The European Space Agency's Cybersecurity Breach: A Glimpse into the Dark Side of the Universe


The European Space Agency has confirmed a recent cybersecurity breach involving unauthorized access to external servers containing sensitive information on collaborative engineering activities. The attackers claimed to have stolen over 200GB of data from the ESA's systems and private Bitbucket repositories, highlighting the importance of robust cybersecurity measures in protecting sensitive information.

Published: Tue Dec 30 10:38:48 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical SmarterMail Vulnerability: The Unprecedented Threat to Enterprise Email Security

SmarterMail users must act swiftly to address a newly disclosed critical vulnerability that could be exploited to achieve remote code execution. Update immediately to Build 9413 or later, which is the recommended version.

Published: Tue Dec 30 11:22:58 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ransomware Attacks: A Complex Web of Cybercrime and Deception

Two former cybersecurity employees have pleaded guilty to carrying out a series of sophisticated ransomware attacks that targeted several high-profile companies in the US. They face up to 20 years in prison for their crimes, which involved using ALPHV / BlackCat ransomware to extort millions of dollars in Bitcoin from victims.

Published: Tue Dec 30 12:41:06 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The "Heartbleed" of MongoDB: A Devastating Cybersecurity Vulnerability Exposes User Information

The highly anticipated holiday season has come to an abrupt end, thanks to a severe vulnerability in the widely used open-source database server MongoDB, known as the "Heartbleed" of MongoDB. This devastating vulnerability exposes sensitive user information and highlights the need for organizations to prioritize security measures, including regular patching and monitoring.

Published: Tue Dec 30 13:37:58 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Coupang's $1.17 Billion Data Breach Compensation Package: A Cautionary Tale of Customer Centrality

Coupang has announced a $1.17 billion compensation package for nearly 34 million customers affected by a data breach, providing purchase vouchers worth approximately $1.2 billion. The incident highlights the need for robust cybersecurity measures and ongoing vigilance in the face of evolving threats.

Published: Tue Dec 30 15:00:15 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New York's Raspberry Pi Ban: A Misguided Attempt at Cybersecurity?

New York's incoming mayor bans Raspberry Pi at his inauguration party, sparking debate among cybersecurity experts about the effectiveness and fairness of the ban.

Published: Tue Dec 30 18:39:33 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybersecurity Professionals Turn to Ransomware for Personal Gain

Cybersecurity professionals turn to ransomware for personal gain, with two experts admitting to running a ransomware attack that targeted multiple organizations in the United States. The pair's involvement highlights the complexities and dangers of modern cybercrime and raises serious questions about the ethics of cybersecurity professionals.

Published: Tue Dec 30 19:55:46 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hong Kong's New Measure to Combat Scams: Over-the-Counter Banking


Hong Kong has introduced a new measure to combat scams by requiring customers to use over-the-counter banking, also known as "Money Safe" accounts. These accounts allow customers to set aside funds that can only be accessed by visiting a brick-and-mortar bank. The move is seen as an important step in protecting Hong Kong's banks and residents from cyberattacks.

Published: Tue Dec 30 23:06:31 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Underbelly of Counterterrorism: The Continued Use of Predator Spyware Despite International Efforts


The continued use of Predator spyware highlights the need for greater regulation and oversight in addressing the issue of commercial spyware. The implications of this tool's use are far-reaching, posing significant risks to human rights and civil liberties.

Published: Wed Dec 31 00:37:31 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

MongoBleed (CVE-2025-14847): A Global Cybersecurity Crisis Exposed


MongoBleed (CVE-2025-14847) is a globally exploited MongoDB Server vulnerability that allows a remote memory leak without authentication, affecting numerous countries including China, the US, Germany, Hong Kong, Singapore, India, Russia, France, Vietnam, and Indonesia. The issue has been added to CISA's KEV catalog due to active exploitation. All federal civilian executive branch agencies in the US are advised to remediate by January 19. Prompt action is crucial to mitigate this global cybersecurity crisis.

Published: Wed Dec 31 03:00:31 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The End of the Cold War Honeymoon: Navigating the New Era of Great Power Competition


The world is entering a new era of great power competition between the United States, China, and Russia. As we approach 2026, it's essential that policymakers develop a clear understanding of the threat posed by these nations and devise effective strategies to address it. This article explores the implications of AI in international relations, cybersecurity threats, and the need for a nuanced approach to navigating this new era of global politics.

Published: Wed Dec 31 04:09:19 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

IBM API Connect: A Critical Authentication Bypass Vulnerability Exposed

IBM has warned of a critical authentication bypass vulnerability in its API Connect platform that could allow remote attackers to access applications without authentication. The vulnerability affects versions 10.0.11.0 and 10.0.8.0 through 10.0.8.5 and requires immediate attention from affected organizations.

Published: Wed Dec 31 04:38:50 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Looming Shadow of Cybersecurity Stagnation: A Growing Concern for the United States



A growing trend of staffing cuts and instability within the US federal government has raised serious concerns about its ability to effectively address cybersecurity challenges. The situation is further complicated by the Trump administration's policies on immigration, which have created a perfect storm of concerns about cybersecurity. With the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) facing significant challenges due to staffing cuts, the country's digital defense posture is at risk of being compromised.

Published: Wed Dec 31 05:18:21 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical API Connect Bug: IBM Warns of Remote Authentication Bypass Vulnerability


IBM has issued a critical security alert regarding a vulnerability in its API Connect platform that could allow attackers to bypass authentication mechanisms and gain unauthorized access to the application. Read more about this critical bug and how organizations can take proactive measures to address it.

Published: Wed Dec 31 07:56:56 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Modified Shai-Hulud Worm Found on npm Registry, Researchers Sound Alarm



Cybersecurity researchers have recently discovered a modified strain of the Shai Hulud worm on the npm registry. According to research team Aikido, this appears to be an attacker testing malware payloads. The attackers had access to the original source code for the worm and exploited specific vulnerabilities in Java's reverse-domain namespace convention.

The malicious package "org.fasterxml.jackson.core/jackson-databind" was found on Maven Central and used as an attack vector. It exploits a blind spot in Java's reverse-domain namespace convention, according to Aikido. The attackers had access to the original source code for the worm and used it to test their payload.

The modified Shai Hulud worm appears to be testing payloads and was discovered in January 2026. According to Charlie Eriksen of Aikido, "This suggests we may have caught the attackers testing their payload." The researchers also found that this malware exploited specific vulnerabilities in Java's reverse-domain namespace convention.

Cybersecurity experts are warning developers about a new threat to the use of packages on Maven Central. Aikido reported that it found the malicious package "org.fasterxml.jackson.core/jackson-databind" on Maven Central, which is a legitimate Jackson JSON library extension but poses as an attack vector.

The attackers had access to the original source code for the worm and used it to test their payload. The modified Shai Hulud worm appears to be testing payloads and was discovered in January 2026. According to Eriksen, "the differences in the code suggest that this was obfuscated again from the original source, not modified in place." This suggests that the researchers may have caught an attacker who is testing new versions of malware.

Cybersecurity researchers are sounding the alarm about a new strain of the Shai-Hulud worm on the npm registry. The attackers had access to the original source code for the worm and used it to test their payload. Aikido reported that this malicious package "org.fasterxml.jackson.core/jackson-databind" was found on Maven Central, which is a legitimate Jackson JSON library extension but poses as an attack vector.



Published: Wed Dec 31 08:14:44 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Singapore's Cybersecurity Landscape: A Growing Concern Amidst SmarterMail RCE Flaw

The Cyber Security Agency of Singapore (CSA) has issued a warning about a critical vulnerability in SmarterMail that allows unauthenticated remote code execution via arbitrary file upload. The severity of the flaw has been rated at 10.0 on the Common Vulnerability Scoring System (CVSS), indicating a high level of risk to organizations that use this software.

Published: Wed Dec 31 09:01:22 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

RondoDox Botnet Exploits Critical React2Shell Flaw to Breach Next.js Servers



The RondoDox botnet has been identified exploiting the critical React2Shell flaw (CVE-2025-55182) to compromise vulnerable Next.js servers. This malicious activity poses a significant threat to organizations and highlights the importance of prioritizing the security and patching of Next.js servers.



Published: Wed Dec 31 09:12:34 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacking the Unleash Protocol: A $3.9 Million Heist Exposed


A $3.9 million heist has been uncovered at Unleash Protocol, a decentralized intellectual property platform, due to an unauthorized contract upgrade by an attacker who used Tornado Cash for mixing stolen assets. The incident highlights the need for robust security measures within DeFi platforms and underscores the importance of smart contract audits.

Published: Wed Dec 31 10:00:19 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The European Space Agency's Data Breach: A Growing Concern in the Field of Inter-Governmental Cooperation and Scientific Research


The European Space Agency (ESA) has disclosed a data breach after a hacker offered to sell stolen data, confirming that external science servers were compromised. The hack is believed to have occurred on December 18, and the hackers claimed to have stolen sensitive information from private Bitbucket repositories. This article will delve into the details of the incident, including the extent of the breach, the measures taken by the ESA to address it, and the implications for the organization and its stakeholders.



Published: Wed Dec 31 11:01:28 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

The European Space Agency's Cybersecurity Breach: A Pattern of External System Vulnerabilities



The European Space Agency (ESA) has suffered another cybersecurity breach, with hackers claiming to have stolen over 200 GB of sensitive data, including confidential documents and source code. This incident raises concerns about the agency's overall cybersecurity posture and highlights the need for organizations to prioritize robust security measures to prevent similar breaches.

Published: Wed Dec 31 11:13:39 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

Shai-Hulud 2.0: The Devastating Supply Chain Attack that Drained $8.5M from Trust Wallet Chrome Extension



In a devastating attack known as Shai-Hulud 2.0, a popular cryptocurrency wallet extension for Google Chrome fell prey to a software supply chain attack that drained $8.5M in assets from users' wallets. This attack highlights the importance of implementing robust security protocols and conducting regular audits to detect and prevent similar attacks. Stay informed about the latest security threats and take proactive measures to protect yourself from potential breaches.



Published: Wed Dec 31 11:21:02 2025 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Critical Vulnerability Disclosed: IBM API Connect Authentication System at Risk

IBM has announced a critical security flaw in its API Connect authentication system that could allow attackers to bypass authentication mechanisms and gain unauthorized access to the application. This vulnerability has been rated 9.8 out of a maximum of 10.0 on the CVSS scoring system, making it one of the most critical vulnerabilities ever disclosed.

Published: Wed Dec 31 23:29:50 2025 by llama3.2 3B Q4_K_M










© Ethical Hacking News . All rights reserved.
