Author: Andy Stern
-
Major drug research company confirms cyberattack compromised employee and partner data
Indiana-based Inotiv said it was still evaluating the hack’s impact on its business. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/inotiv-confirm-cyberattack-data-theft/807277/
-
Marquis Software Breach Affects Over 780,000 Nationwide
A data breach at Marquis Software Solutions due to a firewall flaw has affected over 780,000 people across the US First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/marquis-software-breach/
-
Privacy concerns raised as Grok AI found to be a stalker’s best friend
Grok, the AI chatbot developed by Elon Musk’s xAI, has been found to exhibit more alarming behaviour – this time revealing the home addresses of ordinary people upon request. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/privacy-concerns-raised-as-grok-ai-found-to-be-a-stalkers-best-friend
-
Kritische Lücke in OpenAI Codex CLI: Unsichtbarer Lieferketten-Angriff gefährdete Entwickler weltweit
Die Security-Forscher von Check Point Research (CPR), der Analyseabteilung von Check Point Software Technologies Ltd. (NASDAQ: CHKP), haben eine schwerwiegende Verwundbarkeit im Command-Line-Tool OpenAI Codex CLI entdeckt. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/kritische-luecke-in-openai-codex-cli-unsichtbarer-lieferketten-angriff-gefaehrdete-entwickler-weltweit/a43095/
-
Thales Luna HSMs erhalten NATO Secret-Klassifizierung
Tags: complianceFür Unternehmen heißt das, dass die heutigen Sicherheits- und Compliance-Anforderungen erfüllt und gleichzeitig die Bereitschaft für die kryptografischen Standards von morgen aufgebaut werden. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/thales-luna-hsms-erhalten-nato-secret-klassifizierung/a43090/
-
Proofpoint CEO On Closing ‘Watershed’ $1.8B Hornetsecurity Deal, IPO Plans
Proofpoint’s acquisition of Microsoft 365 security specialist Hornetsecurity”, a $1.8 billion deal completed Monday”, sets the stage for massive new MSP opportunities with Proofpoint in the U.S. along with a possible IPO for the company in 2026, Proofpoint CEO Sumit Dhawan tells CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2025/proofpoint-ceo-on-closing-watershed-1-8b-hornetsecurity-deal-ipo-plans
-
INE Earns G2 Winter 2026 Badges Across Global Markets
Tags: usaCary, North Carolina, USA, 8th December 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/ine-earns-g2-winter-2026-badges-across-global-markets/
-
The State of Ransomware in Healthcare 2025 von Sophos – Ransomware verliert im Gesundheitswesen an Wirkungskraft
First seen on security-insider.de Jump to article: www.security-insider.de/ransomware-angriffe-gesundheitswesen-sophos-studie-a-b5d7f5906c04cff44e58424d125f9724/
-
Oh Crap, Kohler’s Toilet Cameras Aren’t Really EndEnd Encrypted
Plus: The Trump administration declines to issue sanctions over Salt Typhoon’s hacking spree, officials warn of a disturbingly stealthy Chinese malware specimen, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-oh-crap-kohlers-toilet-cameras-arent-really-end-to-end-encrypted/
-
INE Earns G2 Winter 2026 Badges Across Global Markets
Tags: usaCary, North Carolina, USA, 8th December 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ine-earns-g2-winter-2026-badges-across-global-markets/
-
Three hacking groups, two vulnerabilities and all eyes on China
What does it mean that three separate China-linked groups all moved on the same SharePoint vulnerabilities at nearly the same time? First seen on therecord.media Jump to article: therecord.media/three-hacking-groups-two-vulnerabilities-china-microsoft
-
How Agentic BAS AI Turns Threat Headlines Into Defense Strategies
Picus Security explains why relying on LLM-generated attack scripts is risky and how an agentic approach maps real threat intel to safe, validated TTPs. Their breakdown shows how teams can turn headline threats into reliable defense checks without unsafe automation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/how-agentic-bas-ai-turns-threat-headlines-into-defense-strategies/
-
US Contributes to 44% of Cyber Attacks; Public Administration Targeted for Financial Gains
Global cybercrime is accelerating toward a projected cost of 15.63 trillion dollars by 2029, up from an estimated 10.5 trillion dollars today, as criminals exploit new technologies faster than businesses can defend against them. Yet 59% of organisations say they suffered at least one successful cyber attack in the past 12 months, and one in…
-
Operation Kitten: Hacktivist Groups Targeting Israel with Cyberattacks
A new platform known as the “kitten” project has emerged as a coordination hub for hacktivist campaigns targeting Israel, operating at the intersection of cyber activism and state-aligned influence. While the operators publicly deny direct ties to Iran, technical evidence and infrastructure traces indicate a close relationship with an Iranian cybersecurity ecosystem and pro-Iranian hacktivist…
-
Kyocera claims 5.2 Gbps underwater laser data blast in lab tests
Tags: dataJapanese outfit aims to improve comms for aquatic drones First seen on theregister.com Jump to article: www.theregister.com/2025/12/08/kyocera_underwater_multigigabit_comms/
-
Phishing-Boom: Onlinebetrug nimmt vor Weihnachten zu
Die Zeit rund um Black Friday und Cyber Monday bringt jedes Jahr steigende Verkaufszahlen im Netz. Mit dem wachsenden Interesse an Angeboten steigt jedoch auch die Gefahr, Opfer eines digitalen Betrugs zu werden. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/phishing-boom-onlinebetrug-weihnachten
-
Exposing the Core Functionalities of QuasarRAT: Encrypted Configuration and Obfuscation Techniques
In the second installment of the >>Advent of Configuration Extraction
-
Download: Evaluating Password Monitoring Vendors
Organizations using Active Directory must update their password policies to block and detect compromised passwords. However, comparing vendors in this area can be challenging. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/08/download-evaluating-password-monitoring-vendors/
-
NVIDIA and Lakera AI Propose Unified Framework for Agent Safety
NVIDIA and Lakera AI have introduced a groundbreaking unified security and safety framework designed to address the emerging challenges posed by autonomous AI agents in enterprise environments. This collaborative effort represents a significant step forward in making agentic systems AI systems capable of independent planning, tool use, and multi-step task execution safer and more secure…
-
Exposing the Core Functionalities of QuasarRAT: Encrypted Configuration and Obfuscation Techniques
In the second installment of the >>Advent of Configuration Extraction
-
Hackers Exploit Multiple Ad Networks to Distribute Triada Malware to Android Users
Adex, the anti-fraud and traffic-quality platform operating under AdTech Holding, has successfully identified and neutralized a sophisticated, multi-year malware operation linked to the infamous Triada Trojan. This campaign, which has persistently targeted the mobile advertising ecosystem, underscores the evolving dangers of supply-chain attacks in the digital ad space. According to industry data released alongside the…
-
Hackers Exploit Delivery Receipts in Messaging Apps to Steal Users’ Private Information
A critical security vulnerability has been discovered affecting billions of WhatsApp and Signal users worldwide. Researchers found that hackers can exploit delivery receipts to secretly monitor user activity, track daily routines, and drain battery life, all without leaving any visible trace.”‹ The attack, called >>Careless Whisper,
-
KI schafft neue Sicherheitsrisiken für OT-Netzwerke
Sicherheitsbehörden sehen in der vermehrten Nutzung von KI eine Gefahr für die Sicherheit von OT-Systemen.Die Sicherheit der Betriebstechnik (Operational Technology OT) in kritischen Infrastrukturen ist seit Jahren ein immer wiederkehrendes Thema. Nach Ansicht von Sicherheitsorganisationen könnte die vermehrte Nutzung von KI in der OT die Lage noch verschlimmern.Die US-Cybersicherheitsbehörde CISA hat deshalb vor kurzem gemeinsam…
-
NVIDIA and Lakera AI Propose Unified Framework for Agent Safety
NVIDIA and Lakera AI have introduced a groundbreaking unified security and safety framework designed to address the emerging challenges posed by autonomous AI agents in enterprise environments. This collaborative effort represents a significant step forward in making agentic systems AI systems capable of independent planning, tool use, and multi-step task execution safer and more secure…
-
Apple, Google, and Samsung May Soon Activate Always-On GPS in India
India’s government is considering a controversial proposal that could require smartphone manufacturers to enable satellite location tracking on all devices permanently. The plan has sparked significant backlash from major tech companies, including Apple, Google, and Samsung, who argue the measure poses serious privacy and security risks. The proposal originates in India’s telecom industry, specifically the…
-
UK moves to strengthen undersea cable defenses as Russian snooping ramps up
Atlantic Bastion combines AI systems with warships to counter increased surveillance First seen on theregister.com Jump to article: www.theregister.com/2025/12/08/uk_subsea_cables_defense/
-
Datacenters are hoarding grid power just in case, says Uptime Institute
Tags: unclassifiedReport warns over-reserved capacity is blocking new connections First seen on theregister.com Jump to article: www.theregister.com/2025/12/08/uptime_institute_datacenter_grid/
-
X shuts down European Commission ad account after Euro120M fine announcement
Tags: unclassifiedBrussels accused of using Ad Composer quirk to post link disguised as a video First seen on theregister.com Jump to article: www.theregister.com/2025/12/08/x_european_commission_ad/
-
AWS: China-linked threat actors weaponized React2Shell hours after disclosure
Multiple China-linked threat actors began exploiting the CVE-2025-55182, aka React2Shell flaw, within hours, AWS Security warns. Multiple China-linked threat actors began exploiting the CVE-2025-55182, also known as the React2Shell flaw, within hours, according to AWS Security. The researchers confirmed that this vulnerability doesn’t affect AWS services, however they opted to share threat intelligence data to…
-
Indien plant Zwang-App auf jedem Smartphone Apple stellt sich quer
Tags: appleFirst seen on t3n.de Jump to article: t3n.de/news/indien-zwang-app-smartphone-1719766/