NDSS 2025 – Automated Data Protection For Embedded Systems Via Data Flow Based Compartmentalization Session 7B: Trusted Hardware and Execution Authors, Creators & Presenters: Zelun Kong (University of Texas at Dallas), Minkyung Park (University of Texas at Dallas), Le Guan…
IT Security News Hourly Summary 2025-12-28 21h : 1 posts
1 posts were published in the last hour 20:2 : Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk
Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk
Hacker claims Condé Nast breach, leaking 2.3M WIRED subscriber records and threatening to expose up to 40M more from other brands. A hacker known as “Lovely” claims to have leaked personal data of over 2.3 million Wired.com users. The data…
Amazon Says It Has Disrupted GRU-Linked Cyber Operations Targeting Cloud Customers
Amazon has announced that its threat intelligence division has intervened in ongoing cyber operations attributed to hackers associated with Russia’s foreign military intelligence service, the GRU. The activity targeted organizations using Amazon’s cloud infrastructure, with attackers attempting to gain…
IT Security News Hourly Summary 2025-12-28 18h : 1 posts
1 posts were published in the last hour 16:31 : MongoBleed (CVE-2025-14847) Now Exploited in the Wild: MongoDB Servers at Critical Risk
MongoBleed (CVE-2025-14847) Now Exploited in the Wild: MongoDB Servers at Critical Risk
A high-severity unauthenticated information-leak vulnerability in MongoDB Server, dubbed MongoBleed after the infamous Heartbleed bug, is now being actively exploited in real-world attacks. MongoDB has disclosed CVE-2025-14847, a critical flaw affecting multiple supported and legacy server versions that allows unauthenticated…
Hypervisor Ransomware Attacks Surge as Threat Actors Shift Focus to Virtual Infrastructure
Hypervisors have emerged as a highly important, yet insecure, component in modern infrastructural networks, and attackers have understood this to expand the reach of their ransomware attacks. It has been observed by the security community that the modes of…
Death, torture, and amputation: How cybercrime shook the world in 2025
The human harms of cyberattacks piled up this year, and violence expected to increase The knock-on, and often unintentional, impacts of a cyberattack are so rarely discussed. As an industry, the focus is almost always placed on the economic damage:…
The Top 26 Security Predictions for 2026 (Part 2)
Welcome to the second installment of this comprehensive annual look at global cybersecurity industry prediction reports from the top security vendors, publications and thought leaders. The post The Top 26 Security Predictions for 2026 (Part 2) appeared first on Security…
IT Security News Hourly Summary 2025-12-28 15h : 3 posts
3 posts were published in the last hour 14:2 : UK Report Finds Rising Reliance on AI for Emotional Wellbeing 14:2 : Microsoft Users Warned as Hackers Use Typosquatting to Steal Login Credentials 14:2 : Cellik Android Spyware Exploits Play…
UK Report Finds Rising Reliance on AI for Emotional Wellbeing
Artificial intelligence (AI) is being used to make more accurate predictions about the future and its effects on these predictions are being documented in new research from the United Kingdom’s AI Security Institute. These findings reveal an extraordinary evolution…
Microsoft Users Warned as Hackers Use Typosquatting to Steal Login Credentials
Microsoft account holders are being urged to stay vigilant as cybercriminals increasingly target them through a deceptive tactic known as typosquatting. Attackers are registering look-alike websites and email addresses that closely resemble legitimate Microsoft domains, with the goal of…
Cellik Android Spyware Exploits Play Store Trust to Steal Data
Recently found in the Android platform, remote access trojan named Cellik has been recognized as a serious mobile threat, using the Google Play integration feature to mask itself within legitimate applications to evade detection by security solutions. Cellik is…
Stolen LastPass backups enable crypto theft through 2025
Stolen vault backups from the 2022 LastPass breach are still being cracked, allowing attackers to steal crypto as late as 2025. The blockchain intelligence firm TRM Labs warns that encrypted vault backups stolen in the 2022 LastPass breach are still…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 77
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Choose Your Fighter: A New Stage in the Evolution of Android SMS Stealers in Uzbekistan From Linear to Complex:…
IT Security News Hourly Summary 2025-12-28 12h : 1 posts
1 posts were published in the last hour 11:2 : When Risk Is Fragmented, Strategy Suffers
When Risk Is Fragmented, Strategy Suffers
Risk fragmentation remains one of the most overlooked barriers to effective business performance. It doesn’t show up all… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: When Risk Is…
Security Affairs newsletter Round 556 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. LangChain…
Ubisoft Rainbow Six Siege Servers Breach linked to MongoBleed Vulnerability
The chaos surrounding Ubisoft escalated significantly today as the first group of hackers, previously known for silent exploits, initiated a highly visible and disruptive takeover of Rainbow Six Siege servers. Players worldwide are reporting a massive influx of in-game currency,…
Week in review: WatchGuard Firebox firewalls attacked, infosec enthusiasts targeted with fake PoCs
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Building cyber talent through competition, residency, and real-world immersion In this Help Net Security interview, Chrisma Jackson, Director of Cybersecurity & Mission Computing Center and…
A Hacker Tells His Story
This is an interview with former hacker Brian Black. Brian is now on the right side of the battle and bringing his skills to to the fight against hackers. He finds the weaknesses in corporate security so that it can…
IT Security News Hourly Summary 2025-12-28 06h : 1 posts
1 posts were published in the last hour 4:31 : 87,000+ MongoDB Instances Vulnerable to MongoBleed Flaw Exposed Online – PoC Exploit Released
87,000+ MongoDB Instances Vulnerable to MongoBleed Flaw Exposed Online – PoC Exploit Released
A high-severity vulnerability in MongoDB Server that allows unauthenticated remote attackers to siphon sensitive data from database memory. Dubbed “MongoBleed” due to its automated similarities to the infamous Heartbleed bug, the flaw tracks as CVE-2025-14847 and carries a CVSS score…
WIRED – 2,364,431 breached accounts
In December 2025, 2.3M records of WIRED magazine users allegedly obtained from parent company Condé Nast were published online. The most recent data dated back to the previous September and exposed email addresses and display names, as well as, for…