A survey of 1,942 IT and IT security practitioners finds nearly half (47%) work for organizations that have experienced a data breach or cyberattack in the past 12 months that involved a third-party that has access to their network. The…
China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware
A China-linked advanced persistent threat (APT) group has been attributed to a highly-targeted cyber espionage campaign in which the adversary poisoned Domain Name System (DNS) requests to deliver its signature MgBot backdoor in attacks targeting victims in Türkiye, China, and…
Cyber Briefing: 2025.12.26
MacSync bypasses macOS security as browser and supply-chain malware spread, ransomware hits utilities, breaches surface, and courts and Interpol act. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2025.12.26
Popular NPM Package lotusbail Exposed as Trojan Stealing WhatsApp Chats
Koi Security uncovers lotusbail, a malicious npm package with 56K downloads that steals WhatsApp messages and installs a persistent backdoor. Learn how to protect your data. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and…
Aflac confirms June data breach affecting over 22 million customers
A June data breach exposed the personal information of more than 22 million Aflac customers, the company confirmed. A data breach in June exposed the information of more than 22 million Aflac customers, according to a new statement from the…
The Architect’s Guide to Logging
Every developer and architect thinks they understand logging until they’re staring at a production issue at 3:00 a.m. Realizing that their logs lack context, have no defined structure, and they’re sifting through a wall of text, desperately looking for that…
WordPress Vulnerability Scanner Reveals How Exposed Your Website Really Is
WordPress powers about 43% of all websites worldwide. This makes it an indispensable platform for organizations of all sizes. Unfortunately, that popularity also makes WordPress a prime target for attackers. Hundreds of thousands of WordPress sites get hacked each year,…
Best of 2025: Oracle Hack: From ‘Deny-Deny-Deny’ to ‘Oops-Oops-Oops’
Classic “wordplay:” Larry’s PR angels desperately dance on the head of a pin. The post Best of 2025: Oracle Hack: From ‘Deny-Deny-Deny’ to ‘Oops-Oops-Oops’ appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original…
IT Security News Hourly Summary 2025-12-26 15h : 7 posts
7 posts were published in the last hour 14:2 : These are the cybersecurity stories we were jealous of in 2025 14:2 : PayPal Subscriptions Exploited in Sophisticated Email Scam 13:32 : Malicious Npm Package Steals Whatsapp 13:32 : Romanian…
These are the cybersecurity stories we were jealous of in 2025
The very best reporting and investigative journalism from our friends at other publications. This article has been indexed from Security News | TechCrunch Read the original article: These are the cybersecurity stories we were jealous of in 2025
PayPal Subscriptions Exploited in Sophisticated Email Scam
Hackers have found a clever way to misuse PayPal’s legitimate email system to send authentic looking phishing scams that are able to bypass security filters and look genuine to the end users. Over the last few weeks, users are complaining…
Malicious Npm Package Steals Whatsapp
A fraudulent package discovered in the Node Package Manager registry has been posing as a legitimate utility for interacting with the WhatsApp Web API. This article has been indexed from CyberMaterial Read the original article: Malicious Npm Package Steals Whatsapp
Romanian Water Agency Ransomware Hit
Over the weekend, Romanian cybersecurity authorities identified a significant security breach affecting the majority of the national water authority’s digital infrastructure. This article has been indexed from CyberMaterial Read the original article: Romanian Water Agency Ransomware Hit
Court Clears Former Vastaamo CEO
The legal proceedings followed one of the most significant cybercrimes in Finnish history, where private therapy records were accessed and leaked. Initially, a lower court had found Tapio guilty of violating data protection regulations, specifically citing a lack of proper…
Man Charged In Fraudulent Id Market
Zahid Hasan of Dhaka, Bangladesh, faces a nine-count federal indictment in the District of Montana involving the transfer of false identification, passport misuse, and social security fraud. If convicted on the primary counts, Hasan faces a maximum of 15 years…
Interpol Action Breaks Ransomware
The international law enforcement effort focused heavily on African nations to combat the rapid growth of sophisticated cyberattacks targeting the energy and financial sectors. In Senegal, authorities successfully froze accounts to stop a 7.9 million dollar wire transfer intended for…
TrustWallet Chrome Extension Hacked – Users Reporting Millions in Losses
Many Trust Wallet users saw their wallets drained of over $7 million after a security breach in the Chrome browser extension version 2.68.0, released on December 24, 2025. Blockchain investigator ZachXBT first flagged the incident on X, noting a surge…
IoT Hack
Someone hacked an Italian ferry. It looks like the malware was installed by someone on the ferry, and not remotely. This article has been indexed from Schneier on Security Read the original article: IoT Hack
IT Security News Hourly Summary 2025-12-26 12h : 1 posts
1 posts were published in the last hour 11:2 : Spotify cracks down on unlawful scraping of 86 million songs
Spotify cracks down on unlawful scraping of 86 million songs
Spotify shut down accounts after Anna’s Archive scraped and published data on 86 million songs, confirming action against unlawful scraping. Spotify disabled user accounts after an open-source group published files containing 86 million songs scraped from the platform. The group,…
Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection
A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt injection. LangChain Core (i.e., langchain-core) is a core Python…
Top Data Breaches in 2025 [Month-wise]
A data breach. Headlines scream, investors and customers panic, fingers get pointed, and goodwill gets affected. Do you know how much a data breach can affect a company? Data breaches… The post Top Data Breaches in 2025 [Month-wise] appeared first…
Fortinet VPN exploit, Google gmail change, Aflac breach update
Active exploitation of Fortinet VPN bypass utility observed Google possibly allowing users to change default gmail address June Aflac attack resulted in data theft Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers…
Were the records of 200 million Pornhub users stolen by hackers?
Yes, records belonging to approximately 200 million Pornhub premium users have been stolen by hackers. Even though authorities revealed the cyber incident earlier this month,… The post Were the records of 200 million Pornhub users stolen by hackers? appeared first…