Latest Cybersecurity News and Articles
31 December 2025
The European Space Agency is conducting an investigation and says external science servers have been compromised.
The post European Space Agency Confirms Breach After Hacker Offers to Sell Data appeared first on SecurityWeek.
31 December 2025
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Tuesday removed three individuals linked to the Intellexa Consortium, the holding company behind a commercial spyware known as Predator, from the specially designated nationals list.
The names of the individuals are as follows -
Merom Harpaz
Andrea Nicola Constantino Hermes Gambazzi
Sara Aleksandra Fayssal Hamou
30 December 2025
The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code execution.
The vulnerability, tracked as CVE-2025-52691, carries a CVSS score of 10.0. It relates to a case of arbitrary file upload that could enable code execution without requiring any
30 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 30, 2025 –Read the full story in Government Technology Dan Lohrmann, internationally recognized cybersecurity leader, technologist, keynote speaker and author covered “The Top 26 Security Predictions for 2026” in Government Technology
The post The Top Cybersecurity Predictions For 2026 appeared first on Cybercrime Magazine.
30 December 2025
The total disclosed value for all the cybersecurity M&A deals announced in 2025 exceeded $84 billion.
The post 8 Cybersecurity Acquisitions Surpassed $1 Billion Mark in 2025 appeared first on SecurityWeek.
30 December 2025
The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute a modular remote access trojan called ValleyRAT (aka Winos 4.0).
"This sophisticated attack leverages a complex kill chain involving DLL hijacking and the modular Valley RAT to ensure persistence," CloudSEK researchers Prajwal Awasthi and Koushik Pal said in an
30 December 2025
The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor.
The post Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit appeared first on SecurityWeek.
30 December 2025
Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integration. Some teams treat it as a shortcut for broken processes. Others attempt to apply machine learning to problems
30 December 2025
Roughly 30,000 Korean Air employees had their data stolen by hackers in a breach at former subsidiary KC&D.
The post Korean Air Data Compromised in Oracle EBS Hack appeared first on SecurityWeek.
30 December 2025
The Chinese hacking group known as Mustang Panda has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber attack detected in mid-2025 targeting an unspecified entity in Asia.
The findings come from Kaspersky, which observed the new backdoor variant in cyber espionage campaigns mounted by the hacking group targeting
29 December 2025
KrebsOnSecurity.com celebrates its 16th anniversary today! A huge "thank you" to all of our readers -- newcomers, long-timers and drive-by critics alike. Your engagement this past year here has been tremendous and truly a salve on a handful of dark days. Happily, comeuppance was a strong theme running through our coverage in 2025, with a primary focus on entities that enabled complex and globally-dispersed cybercrime services.
29 December 2025
It took Sax well over a year to complete its investigation after detecting hackers on its network.
The post Top US Accounting Firm Sax Discloses 2024 Data Breach Impacting 220,000 appeared first on SecurityWeek.
29 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 29, 2025 –Read the full story in The Independent As 2025 winds down, business leaders and executives will feel it has been a particularly expensive year as the cost of employment
The post How 2025 Became The Year Of The Cyberattack For British Businesses appeared first on Cybercrime Magazine.
29 December 2025
Last week’s cyber news in 2025 was not about one big incident. It was about many small cracks opening at the same time. Tools people trust every day behave in unexpected ways. Old flaws resurfaced. New ones were used almost immediately.
A common theme ran through it all in 2025. Attackers moved faster than fixes. Access meant for work, updates, or support kept getting abused. And damage did not
29 December 2025
Tracked as CVE-2020-12812, the exploited FortiOS flaw allows threat actors to bypass two-factor authentication.
The post Fortinet Warns of New Attacks Exploiting Old Vulnerability appeared first on SecurityWeek.
29 December 2025
The ecommerce giant will provide purchase vouchers to the 33.7 million individuals impacted by the incident.
The post Coupang to Issue $1.17 Billion in Vouchers Over Data Breach appeared first on SecurityWeek.
29 December 2025
Hackers stole names, addresses, Social Security numbers, ID numbers, and medical and health insurance information from Aflac’s systems.
The post 22 Million Affected by Aflac Data Breach appeared first on SecurityWeek.
29 December 2025
The ‘download’ button on the official EmEditor website served a malicious installer.
The post Infostealer Malware Delivered in EmEditor Supply Chain Attack appeared first on SecurityWeek.
29 December 2025
A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world.
The vulnerability in question is CVE-2025-14847 (CVSS score: 8.7), which allows an unauthenticated attacker to remotely leak sensitive data from the MongoDB server memory. It has been codenamed MongoBleed.
"A flaw
29 December 2025
Cybersecurity researchers have disclosed details of what has been described as a "sustained and targeted" spear-phishing campaign that has published over two dozen packages to the npm registry to facilitate credential theft.
The activity, which involved uploading 27 npm packages from six different npm aliases, has primarily targeted sales and commercial personnel at critical