Latest Cybersecurity News and Articles
19 December 2025
Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector for a new version of a modular and stealthy loader known as CountLoader.
The campaign "uses CountLoader as the initial tool in a multistage attack for access, evasion, and delivery of additional malware families," Cyderes Howler Cell Threat Intelligence
19 December 2025
The startup’s solution captures, verifies, and governs all AI interactions within an enterprise’s environment.
The post AI Security Firm Ciphero Emerges From Stealth With $2.5 Million in Funding appeared first on SecurityWeek.
19 December 2025
The Trump administration has pursued a staggering range of policy pivots this past year that threaten to weaken the nation’s ability and willingness to address a broad spectrum of technology challenges, from cybersecurity and privacy to countering disinformation, fraud and corruption. These shifts, along with the president’s efforts to restrict free speech and freedom of the press, have come at such a rapid clip that many readers probably aren’t even aware of them all.
19 December 2025
Danish intelligence service said the attacks were part of Russia’s “hybrid war” against the West and an attempt to create instability.
The post Denmark Blames Russia for Cyberattacks Ahead of Elections and on Water Utility appeared first on SecurityWeek.
19 December 2025
The hacking group has been using Group Policy to deploy cyberespionage tools on governmental networks.
The post Chinese APT ‘LongNosedGoblin’ Targeting Asian Governments appeared first on SecurityWeek.
19 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 19, 2025 –Read the Full Story in Business Observer Global cybercrime is projected to cost $10.5 trillion this year, around three times, or 3X more, than the $3 trillion estimated a
The post What’s In A Company Name? 10X Your Cybersecurity appeared first on Cybercrime Magazine.
19 December 2025
Millions of developers can now use the secure, production-ready images made by Docker.
The post Docker Makes 1,000 Hardened Images Free and Open Source appeared first on SecurityWeek.
19 December 2025
The exchange has been allegedly involved in laundering money for ransomware groups and other transnational cybercriminal organizations.
The post US Shuts Down Crypto Exchange E-Note, Charges Russian Administrator appeared first on SecurityWeek.
19 December 2025
Downloaded from a code library, the information pertains to current and former staff and affiliates, and to alumni and students.
The post University of Sydney Data Breach Affects 27,000 Individuals appeared first on SecurityWeek.
19 December 2025
Linked to the Aisuru IoT botnet, Kimwolf was seen launching over 1.7 billion DDoS attack commands and increasing its C&C domain’s popularity.
The post ‘Kimwolf’ Android Botnet Ensnares 1.8 Million Devices appeared first on SecurityWeek.
19 December 2025
WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been exploited in real-world attacks.
Tracked as CVE-2025-14733 (CVSS score: 9.3), the vulnerability has been described as a case of out-of-bounds write affecting the iked process that could allow a remote unauthenticated attacker to execute arbitrary code.
"This vulnerability affects both the
19 December 2025
Authorities in Nigeria have announced the arrest of three "high-profile internet fraud suspects" who are alleged to have been involved in phishing attacks targeting major corporations, including the main developer behind the RaccoonO365 phishing-as-a-service (PhaaS) scheme.
The Nigeria Police Force National Cybercrime Centre (NPF–NCCC) said investigations conducted in collaboration with
19 December 2025
Data from Chainalysis and Amazon offers a glimpse into North Korea’s cyber activities surrounding cryptocurrency theft and fake IT workers.
The post North Korea’s Digital Surge: $2B Stolen in Crypto as Amazon Blocks 1,800 Fake IT Workers appeared first on SecurityWeek.
19 December 2025
Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves them susceptible to early-boot direct memory access (DMA) attacks across architectures that implement a Unified Extensible Firmware Interface (UEFI) and input–output memory management unit (IOMMU).
UEFI and IOMMU are designed to enforce a security
18 December 2025
A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan.
The end goal of these attacks is cyber espionage, Slovak cybersecurity company ESET said in a report published today. The threat activity cluster has been assessed to be active since at least September 2023.
"
18 December 2025
ASRock, Asus, Gigabyte, and MSI motherboards are vulnerable to early-boot DMA attacks.
The post UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks appeared first on SecurityWeek.
18 December 2025
Tracked as CVE-2025-37164, the critical flaw could allow unauthenticated, remote attackers to execute arbitrary code.
The post HPE Patches Critical Flaw in IT Infrastructure Management Software appeared first on SecurityWeek.
18 December 2025
Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software that, if successfully exploited, could result in remote code execution.
The critical vulnerability, assigned the CVE identifier CVE-2025-37164, carries a CVSS score of 10.0. HPE OneView is an IT infrastructure management software that streamlines IT operations and controls all systems via a
18 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 18, 2025 –Watch the YouTube video Evolving market dynamics are changing the way cybersecurity providers reach potential customers, according to research from a McKinsey study in Cybercrime Magazine’s Cybersecurity Market Report 2025-2026, published last
The post Non-CISO Cybersecurity Spending Rising Sharply appeared first on Cybercrime Magazine.
18 December 2025
Tracked as CVE-2025-59374, the issue is a software backdoor implanted in Asus Live Update in a supply chain attack.
The post CISA Warns of Exploited Flaw in Asus Update Tool appeared first on SecurityWeek.