Latest Cybersecurity News and Articles
02 December 2025
Names, addresses, email addresses, and phone numbers were compromised in a five-month-long data breach.
The post Personal Information of 33.7 Million Stolen From Coupang appeared first on SecurityWeek.
02 December 2025
Google warns that two out of the 107 vulnerabilities patched in Android this month have been exploited in limited, targeted attacks.
The post Android’s December 2025 Updates Patch Two Zero-Days appeared first on SecurityWeek.
02 December 2025
Google on Monday released monthly security updates for the Android operating system, including two vulnerabilities that it said have been exploited in the wild.
The patch addresses a total of 107 security flaws spanning different components, including Framework, System, Kernel, as well as those from Arm, Imagination Technologies, MediaTek, Qualcomm, and Unison.
The two high-severity shortcomings
01 December 2025
India's telecommunications ministry has reportedly asked major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days.
According to a report from Reuters, the app cannot be deleted or disabled from users' devices.
Sanchar Saathi, available on the web and via mobile apps for Android and iOS, allows users to report
01 December 2025
A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time.
Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024, according to a report from Koi Security, attracting 300,000 installs. These extensions have since been taken down.
"These
01 December 2025
A recent press release by VPN.com reveals that the development of artificial intelligence (AI), robotics and neural implants are creating additional identification security concerns.
01 December 2025
Recent research by VPN.com finds that the development of artificial intelligence (AI), robotics and neural implants are creating additional identification security concerns.
01 December 2025
Two technologies — one for public safety, one for controlled entry — show why trust in facial recognition must be earned, not assumed.
The post Facial Recognition’s Trust Problem appeared first on SecurityWeek.
01 December 2025
Cryptomixer was targeted by law enforcement in Operation Olympia for facilitating cybercrime and money laundering.
The post $29 Million Worth of Bitcoin Seized in Cryptomixer Takedown appeared first on SecurityWeek.
01 December 2025
Albiriox is a banking trojan offered under a malware-as-a-service model for $720 per month.
The post New Albiriox Android Malware Developed by Russian Cybercriminals appeared first on SecurityWeek.
01 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 1, 2025 – Read the full Government Technology story At a time when AI spending is soaring, even raising fears of an AI bubble, what’s happening now and what’s ahead for cybersecurity
The post Cybersecurity Budgets: What the Data Says About 2026 appeared first on Cybercrime Magazine.
01 December 2025
Hackers aren’t kicking down the door anymore. They just use the same tools we use every day — code packages, cloud accounts, email, chat, phones, and “trusted” partners — and turn them against us.
One bad download can leak your keys. One weak vendor can expose many customers at once. One guest invite, one link on a phone, one bug in a common tool, and suddenly your mail, chats, repos, and
01 December 2025
The AI browser wars are coming to a desktop near you, and you need to start worrying about their security challenges.
For the last two decades, whether you used Chrome, Edge, or Firefox, the fundamental paradigm remained the same: a passive window through which a human user viewed and interacted with the internet.
That era is over. We are currently witnessing a shift that renders the old
01 December 2025
CISA has added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack appeared first on SecurityWeek.
01 December 2025
Michael Clapsis has been sentenced to 7 years and 4 months in prison for stealing sensitive information.
The post Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights appeared first on SecurityWeek.
01 December 2025
A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a "full spectrum" of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices.
The malware embeds a hard-coded list comprising over 400 applications spanning banking, financial technology, payment processors, cryptocurrency
01 December 2025
A real estate finance platform announced it experienced a cyberattack.
01 December 2025
The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access and deploy additional tools.
"These attacks highlight a notable shift in Tomiris's tactics, namely the increased use of implants that leverage public services (e.g., Telegram and Discord) as
30 November 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence of active exploitation.
The vulnerability in question is CVE-2021-26829 (CVSS score: 5.4), a cross-site scripting (XSS) flaw that affects Windows and Linux versions of the software via
28 November 2025
Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack.
Software supply chain security company ReversingLabs said it found the "vulnerability" in bootstrap files provided by a build and deployment automation tool named "zc.buildout."
"The