Latest Cybersecurity News and Articles
17 December 2025
The malware provides full device control and real-time surveillance capabilities like those of advanced spyware.
The post New $150 Cellik RAT Grants Android Control, Trojanizes Google Play Apps appeared first on SecurityWeek.
17 December 2025
The perimeter is gone. Credentials are no longer sufficient. And security can no longer rely on static controls in a dynamic threat environment.
The post Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking appeared first on SecurityWeek.
17 December 2025
Modern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate, alerts multiply, and SOCs struggle to understand which dangers matter right now for their business. Breaking out of reactive defense is no longer optional. It’s the difference between preventing incidents and cleaning up after them.
Below is the path from reactive firefighting to a
17 December 2025
Led by Bain Capital Ventures, the investment round brings the total raised by the company to $146.5 million.
The post Adaptive Security Raises $81 Million in Series B Funding appeared first on SecurityWeek.
17 December 2025
The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America.
Check Point Research is tracking the cluster under the name Ink Dragon. It's also referenced by the broader cybersecurity community under the names CL-STA-0049, Earth Alux, and REF7707. The
17 December 2025
The malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA.
The post GhostPoster Firefox Extensions Hide Malware in Icons appeared first on SecurityWeek.
17 December 2025
LKQ said the personal information of thousands of individuals was compromised as a result of the hacker attack.
The post Auto Parts Giant LKQ Confirms Oracle EBS Breach appeared first on SecurityWeek.
17 December 2025
A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject tracking code, and commit click and ad fraud.
The extensions have been collectively downloaded over 50,000 times, according to Koi Security, which discovered the campaign. The add-ons are no longer available.
17 December 2025
The startup takes an agentic approach to preventing vulnerability exploitation by uncovering exposure across assets.
The post Dux Emerges From Stealth Mode With $9 Million in Funding appeared first on SecurityWeek.
16 December 2025
From open source libraries to AI-powered coding assistants, speed-driven development is introducing new third-party risks that threat actors are increasingly exploiting.
The post From Open Source to OpenAI: The Evolution of Third-Party Risk appeared first on SecurityWeek.
16 December 2025
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining.
The activity, first detected by Amazon's GuardDuty managed threat detection service and its automated security monitoring systems on November 2, 2025, employs never-before-seen persistence techniques to hamper
16 December 2025
Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer.
The malicious package, named "Tracer.Fody.NLog," remained on the repository for nearly six years. It was published by a user named "csnemess" on February 26, 2020. It masquerades as "Tracer.Fody,"
16 December 2025
Closed CISO communities act as an information exchange, advice center, pressure valve, and safe haven from critical oversight.
The post CISO Communities – Cybersecurity’s Secret Weapon appeared first on SecurityWeek.
16 December 2025
The e-commerce and logistics company was targeted by the RansomHouse ransomware group in October.
The post 700,000 Records Compromised in Askul Ransomware Attack appeared first on SecurityWeek.
16 December 2025
Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain names, or common misspellings of popular websites -- are now configured to redirect visitors to sites that foist scams and malware.
16 December 2025
The fresh investment comes less than six months after the startup’s seed funding announcement.
The post Echo Raises $35 Million in Series A Funding appeared first on SecurityWeek.
16 December 2025
The company plans to accelerate product development, scale go-to-market efforts, and hire new talent.
The post Verisoul Raises $8.8 Million for Fraud Prevention appeared first on SecurityWeek.
16 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 16, 2025 –Read the full story from BreachLock Integrating LLMs (large language models) with enterprise applications enables organizations to directly embed LLMs into operations for a wide range of use cases.
The post The Risks of Integrating LLMs into Enterprise Apps appeared first on Cybercrime Magazine.
16 December 2025
After years of exploiting zero-day and n-day vulnerabilities, Russian state-sponsored threat actors are shifting to misconfigured devices.
The post Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks appeared first on SecurityWeek.
16 December 2025
Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025.
Targets of the campaign included energy sector organizations across Western nations, critical infrastructure providers in North America and Europe, and entities with cloud-hosted network infrastructure. The activity has