Liquidator of Google Russia seeks seizure of assets in France to recoup €110m dividend paid out by subsidiary in December 2021 This article has been indexed from Silicon UK Read the original article: Google’s Defunct Russia Arm Targets Company’s French…
Pro-Russia Hacktivist Support: Ukrainian Faces US Charges
Ukrainian Victoria Dubranova, 33, faces US charges for aiding pro-Russia hacktivist groups CARR and NoName057(16) in global cyberattacks. A Ukrainian woman, Victoria Dubranova (33), has been charged in the US for allegedly aiding the pro-Russia hacktivist groups Cyber Army of…
Threat Actors Leverage ChatGPT to Attack Mac Devices With AMOS InfoStealer
A new AMOS InfoStealer campaign is abusing trust in ChatGPT to infect Mac devices under the guise of simple troubleshooting help. Victims search for a fix to a sound problem, click a sponsored ChatGPT result, and are shown what looks…
F5 strengthens ADSP with enhanced API discovery and threat detection
F5 unveiled enhancements to the F5 Application Delivery and Security Platform (ADSP). The latest updates focus on strengthening API discovery capabilities, improving threat detection, and optimizing network connectivity. These updated capabilities are in the latest 7.0 release of F5 Distributed…
Apple’s Cook Meets With US Lawmakers To Oppose Safety Bill
Apple chief executive Tim Cook meets with members of US House to argue against children’s safety legislation This article has been indexed from Silicon UK Read the original article: Apple’s Cook Meets With US Lawmakers To Oppose Safety Bill
Hackers Infiltrate VS Code Marketplace with 19 Malicious Extensions Posing as PNG File
Security researchers have uncovered a significant threat targeting developers through the VS Code Marketplace. A coordinated campaign involving 19 malicious extensions has been actively infiltrating the platform, with the attack remaining undetected since February 2025. These deceptive extensions carry hidden…
CloudCasa adds SMB support and compression controls for Kubernetes backup
CloudCasa announced the latest enhancements to its CloudCasa platform, adding support for accessing backup storage using SMB (Server Message Block) file-sharing protocol and support for user-selectable compression of backup data. These enhancements complement CloudCasa’s support for NFS backup storage introduced…
Black Duck Signal applies LLM intelligence to code and supply chain risk
Black Duck announced the launch of Black Duck Signal, a transformative agentic AI solution engineered to secure software at the speed of AI-powered development. Signal combines Black Duck’s 20 years of software security expertise and intellectual property with LLM-powered software…
Coupang CEO resigns, hactivists target US infrastructure, Israeli cybersecurity hits record funding
CEO of retail giant Coupang resigns Pro-Russia hactivists target US infrastructure Israeli cybersecurity funding hits record Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI.…
IT Security News Hourly Summary 2025-12-11 09h : 7 posts
7 posts were published in the last hour 8:2 : Mandating Security by Design: Sekoia’s Blueprint for the EU Cyber Resilience Act 8:2 : Amazon, Microsoft To Spend $50bn In India 8:2 : EU Cyber Resilience Act (CRA) – Overview…
Mandating Security by Design: Sekoia’s Blueprint for the EU Cyber Resilience Act
Introduction The European Union (EU) continues to solidify its cybersecurity landscape through ambitious, horizontal regulations. In addition to the NIS 2 Directive and the Digital Operational Resilience Act (DORA), the Cyber Resilience Act (CRA) establishes a comprehensive framework aimed at…
Amazon, Microsoft To Spend $50bn In India
Two tech giants to spend combined $50bn in south Asian country on AI, cloud infrastructure, as Intel pledges support for chipmaking plan This article has been indexed from Silicon UK Read the original article: Amazon, Microsoft To Spend $50bn In…
EU Cyber Resilience Act (CRA) – Overview
What is the Cyber Resilience Act – CRA The Cyber Resilience Act is the first European regulation to set a mandatory minimum level of cyber security for all connected products available on the EU market – something that did not exist…
It didn’t take long: CVE-2025-55182 is now under active exploitation
Threat actors are now exploiting CVE-2025-55182, and attacks are poised to grow. Here’s what you need to know about the vulnerability, how our honeypots are being targeted, what malware is being deployed, and how to protect your systems. This article…
Google Patches Mysterious Chrome Zero-Day Exploited in the Wild
The Chrome zero-day does not have a CVE and it’s unclear who reported it and which browser component it affects. The post Google Patches Mysterious Chrome Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article has been indexed…
40 open-source tools redefining how security teams secure the stack
Open source security software has become a key way for teams to get flexibility, transparency, and capability without licensing costs. The free tools in this roundup address problems security teams deal with, from managing large environments to catching misconfigurations and…
Bugcrowd unveils AI tools to accelerate triage and strengthen preemptive security
Bugcrowd has launched new platform functionality, Bugcrowd AI Triage Assistant and Bugcrowd AI Analytics, to bring speed and intelligence and insights to the process of building security resilience. Combined with the general availability of AI Connect, these new capabilities enable…
Active Attacks Exploit Gladinet’s Hard-Coded Keys for Unauthorized Access and Code Execution
Huntress is warning of a new actively exploited vulnerability in Gladinet’s CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations so far. “Threat actors can potentially abuse this as a way to…
LLM vulnerability patching skills remain limited
Security teams are wondering whether LLMs can help speed up patching. A new study tests that idea and shows where the tools hold up and where they fall short. The researchers tested LLMs from OpenAI, Meta, DeepSeek, and Mistral to…
644K+ Websites at Risk Due to Critical React Server Components Flaw
The Shadowserver Foundation has issued an urgent update regarding the critical “React2Shell” vulnerability, identifying a massive attack surface that remains exposed to potential exploitation. Following targeted improvements to their scanning infrastructure on December 8, 2025, researchers discovered that over 644,000…
New “Spiderman” Phishing Kit Lets Hackers Build Fake Bank Login Pages Instantly
A sophisticated phishing toolkit dubbed “Spiderman” has emerged as a significant threat to European banking customers, enabling cybercriminals to create convincing fake login pages for dozens of financial institutions with just a few clicks. This development marks a dangerous evolution…
Security Alert: 19 Fake PNG Extensions Found in VS Code Marketplace
ReversingLabs (RL) researchers have identified a sophisticated supply chain campaign involving 19 malicious Visual Studio Code (VS Code) extensions. The campaign, which has been active since February 2025 and was uncovered on December 2, 2025, leverages the trust inherent in…
Password habits are changing, and the data shows how far we’ve come
In this Help Net Security video, Andréanne Bergeron, Security Researcher at Flare, explains how changes in user habits, policy shifts, and new tools have shaped password security over nearly twenty years. She walks through research based on leaked passwords from…
Windows Defender Firewall Service Vulnerability Let Attackers Disclose Sensitive Data
A critical information disclosure vulnerability in Windows Defender Firewall Service, which could allow authorized attackers to access sensitive heap memory on affected systems. The vulnerability, tracked as CVE-2025-62468, was assigned an Important severity rating and released on December 9, 2025.…