Latest Cybersecurity News and Articles
02 December 2025
When familiar security concepts carry unfamiliar meanings for different audiences, teams talk past each other without even realizing it. This silent disconnect weakens communication, clarity, and outcomes.
The post The Great Disconnect: Unmasking the ‘Two Separate Conversations’ in Security appeared first on SecurityWeek.
02 December 2025
Cybersecurity researchers have disclosed details of an npm package that attempts to influence artificial intelligence (AI)-driven security scanners.
The package in question is eslint-plugin-unicorn-ts-2, which masquerades as a TypeScript extension of the popular ESLint plugin. It was uploaded to the registry by a user named "hamburgerisland" in February 2024. The package has been downloaded
02 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 2, 2025 – Read the full story in Bolde The working world is far weirder, cooler, and more creative than anyone tells you. Behind the scenes, there are people making real
The post Ethical Hacker: Coolest Job In 2026 appeared first on Cybercrime Magazine.
02 December 2025
The extensions were seen profiling users, reading cookie data to create unique identifiers, and executing payloads with browser API access.
The post Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors appeared first on SecurityWeek.
02 December 2025
Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented backdoor called MuddyViper.
The activity has been attributed by ESET to a hacking group known as MuddyWater (aka Mango
02 December 2025
The Swiss cybersecurity firm will scale its R&D, sales and marketing teams as it pursues expansion across Europe.
The post Saporo Raises $8 Million for Identity Security Platform appeared first on SecurityWeek.
02 December 2025
The Codex CLI vulnerability tracked as CVE-2025-61260 can be exploited for command execution.
The post Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers appeared first on SecurityWeek.
02 December 2025
Security leaders discuss the Coupang data breach, which affected approximately 34 million customers.
02 December 2025
Vulnerability management is a core component of every cybersecurity strategy. However, businesses often use thousands of software without realising it (when was the last time you checked?), and keeping track of all the vulnerability alerts, notifications, and updates can be a burden on resources and often leads to missed vulnerabilities.
Taking into account that nearly 10% of
02 December 2025
Names, addresses, email addresses, and phone numbers were compromised in a five-month-long data breach.
The post Personal Information of 33.7 Million Stolen From Coupang appeared first on SecurityWeek.
02 December 2025
Google warns that two out of the 107 vulnerabilities patched in Android this month have been exploited in limited, targeted attacks.
The post Android’s December 2025 Updates Patch Two Zero-Days appeared first on SecurityWeek.
02 December 2025
Google on Monday released monthly security updates for the Android operating system, including two vulnerabilities that it said have been exploited in the wild.
The patch addresses a total of 107 security flaws spanning different components, including Framework, System, Kernel, as well as those from Arm, Imagination Technologies, MediaTek, Qualcomm, and Unison.
The two high-severity shortcomings
01 December 2025
India's telecommunications ministry has reportedly asked major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days.
According to a report from Reuters, the app cannot be deleted or disabled from users' devices.
Sanchar Saathi, available on the web and via mobile apps for Android and iOS, allows users to report
01 December 2025
A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time.
Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024, according to a report from Koi Security, attracting 300,000 installs. These extensions have since been taken down.
"These
01 December 2025
A recent press release by VPN.com reveals that the development of artificial intelligence (AI), robotics and neural implants are creating additional identification security concerns.
01 December 2025
Recent research by VPN.com finds that the development of artificial intelligence (AI), robotics and neural implants are creating additional identification security concerns.
01 December 2025
Two technologies — one for public safety, one for controlled entry — show why trust in facial recognition must be earned, not assumed.
The post Facial Recognition’s Trust Problem appeared first on SecurityWeek.
01 December 2025
Cryptomixer was targeted by law enforcement in Operation Olympia for facilitating cybercrime and money laundering.
The post $29 Million Worth of Bitcoin Seized in Cryptomixer Takedown appeared first on SecurityWeek.
01 December 2025
Albiriox is a banking trojan offered under a malware-as-a-service model for $720 per month.
The post New Albiriox Android Malware Developed by Russian Cybercriminals appeared first on SecurityWeek.
01 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 1, 2025 – Read the full Government Technology story At a time when AI spending is soaring, even raising fears of an AI bubble, what’s happening now and what’s ahead for cybersecurity
The post Cybersecurity Budgets: What the Data Says About 2026 appeared first on Cybercrime Magazine.