Security researchers from Hunt.io and Acronis Threat Research Unit have uncovered a sophisticated network of operational infrastructure controlled by North Korean state-sponsored threat actors Lazarus and Kimsuky. The collaborative investigation revealed previously undocumented connections between these groups’ campaigns, exposing active…
RansomHouse RaaS Enhances Double Extortion with Data Theft and Encryption
RansomHouse, a ransomware-as-a-service (RaaS) operation managed by the threat group Jolly Scorpius, has significantly enhanced its encryption capabilities, marking a critical escalation in the threat landscape. Recent analysis of RansomHouse binaries reveals a sophisticated upgrade from basic linear encryption to…
INE Security Expands Across Middle East and Asia to Accelerate Cybersecurity Upskilling
Cary, North Carolina, USA, 18th December 2025, CyberNewsWire INE Security Expands Across Middle East and Asia to Accelerate Cybersecurity Upskilling on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has been indexed from…
Your car’s web browser may be on the road to cyber ruin
Study finds built-in browsers across gadgets often ship years out of date Web browsers for desktop and mobile devices tend to receive regular security updates, but that often isn’t the case for those that reside within game consoles, televisions, e-readers,…
Client ID Metadata Documents (CIMD): The Future of MCP Authentication
Struggling with MCP authentication? The November 2025 spec just changed everything. CIMD replaces DCR’s complexity with a simple URL-based approach—no registration endpoints, no client ID sprawl, built-in identity verification. Here’s your complete implementation guide with production code. The post Client…
IT Security News Hourly Summary 2025-12-18 21h : 7 posts
7 posts were published in the last hour 20:3 : FBI Confirms 630 Million Stolen Passwords 20:3 : Stolen IAM Drives AWS Crypto Mining 20:3 : 20 Million Hit By Prosper Data Breach 20:3 : Cyber Briefing: 2025.12.18 20:3 :…
FBI Confirms 630 Million Stolen Passwords
The cybersecurity landscape has faced a series of alarming developments this week, culminating in the FBI’s announcement regarding a massive cache of stolen data. Investigators discovered 630 million passwords stored on hardware confiscated from an individual hacker, highlighting the scale…
Stolen IAM Drives AWS Crypto Mining
Security researchers recently identified a fast-moving threat actor that specializes in hijacking AWS accounts to mine cryptocurrency. This article has been indexed from CyberMaterial Read the original article: Stolen IAM Drives AWS Crypto Mining
20 Million Hit By Prosper Data Breach
Prosper Marketplace first detected the cyberattack on September 1, though a subsequent investigation determined that hackers had access to their systems between June and August 2025. This article has been indexed from CyberMaterial Read the original article: 20 Million Hit…
Cyber Briefing: 2025.12.18
SantaStealer malware, China-linked espionage, AWS IAM abuse, major SSN breaches, mass password leaks, and state cyber interference dominated. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2025.12.18
New SantaStealer Malware Targets Data
A Russian-speaking developer is currently promoting SantaStealer through a subscription model, offering a basic package for 175 dollars and a premium version for 300 dollars per month. This article has been indexed from CyberMaterial Read the original article: New SantaStealer…
Cybersecurity Marketing Trends for 2026
Buyer Shifts, Growth Opportunities, and How Marketers Win in a New Security Era The post Cybersecurity Marketing Trends for 2026 appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Cybersecurity Marketing Trends…
ICE Seeks Cyber Upgrade to Better Surveil and Investigate Its Employees
The agency plans to renew a sweeping cybersecurity contract that includes expanded employee monitoring as the government escalates leak investigations and casts internal dissent as a threat. This article has been indexed from Security Latest Read the original article: ICE…
Adios 2025, you won’t be missed
This week, Joe laments on 2025, and what we can think of in 2026 in the wild world of cybersecurity. This article has been indexed from Cisco Talos Blog Read the original article: Adios 2025, you won’t be missed
Lazarus Group Embed New BeaverTail Variant in Developer Tools
North Korea’s Lazarus Group deploys a new BeaverTail variant to steal credentials and crypto using fake job lures, dev tools, and smart contracts. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the…
DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists
Resecurity reports a Q4 2025 surge in criminal use of DIG AI on Tor, enabling scalable illicit activity and posing new risks ahead of major 2026 events. During Q4 2025, Resecurity observed a notable increase in malicious actors utilizing DIG…
Crypto crooks co-opt stolen AWS creds to mine coins
‘Within 10 minutes of gaining initial access, crypto miners were operational’ Your AWS account could be quietly running someone else’s cryptominer. Cryptocurrency thieves are using stolen Amazon account credentials to mine for coins at the expense of AWS customers, abusing…
New Udados Botnet Launches Massive HTTP Flood DDoS Attacks Targeting Tech Sector
A newly identified botnet malware family, dubbed “Udados,” has emerged as a significant threat to the Technology and Telecommunications sectors, orchestrating high-volume HTTP flood Distributed Denial-of-Service (DDoS) attacks. According to ANY.RUN sandbox analysis, the botnet leverages infected hosts to execute…
TruffleNet and Cloud Abuse at Scale: An Identity Architecture Failure
The recent TruffleNet campaign, first documented by Fortinet, highlights a familiar and uncomfortable truth for security leaders: some of the most damaging cloud attacks aren’t exploiting zero-day vulnerabilities. They’re exploiting identity models that were never designed for the scale and…
The Ultra-Realistic AI Face Swapping Platform Driving Romance Scams
Capable of creating “nearly perfect” face swaps during live video chats, Hoatian has made millions, mainly via Telegram. But its main channel vanished after WIRED’s inquiry into scammers using the app. This article has been indexed from Security Latest Read…
Salt Security Unveils its “12 Months of Innovation”
Salt Security has unveiled its “12 Months of Innovation” recap, a holiday-inspired look at the company’s product, partnership, and research momentum across 2025. As organisations raced to adopt AI agents, MCP servers and cloud-native architectures, Salt delivered an unmatched innovation…
Kim’s crypto thieving reached a record $2B in 2025
ByBit attack doing some seriously heavy lifting North Korea’s yearly cryptocurrency thefts have accelerated, with Kim’s state-backed cybercriminals plundering just over $2 billion worth of tokens in 2025.… This article has been indexed from The Register – Security Read the…
New Microsoft e-book: 3 reasons point solutions are holding you back
Explore the new Microsoft e-book on how a unified, AI-ready platform delivers speed, resilience, and measurable security gains. The post New Microsoft e-book: 3 reasons point solutions are holding you back appeared first on Microsoft Security Blog. This article has…
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware
A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan. The end goal of these attacks is cyber espionage, Slovak cybersecurity company ESET said in…