Category: SecurityNews
-
Interpol-led action decrypts 6 ransomware strains, arrests hundreds
An Interpol-coordinated initiative called Operation Sentinel led to the arrest of 574 individuals and the recovery of $3 million linked to business email compromise, extortion, and ransomware incidents. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/interpol-led-action-decrypts-6-ransomware-strains-arrests-hundreds/
-
CISA flags ASUS Live Update CVE, but the attack is years old
An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or ongoing exploitation. A closer look, however, shows the CVE documents a historic supply-chain attack in an End-of-Life (EoL) software product, not a new attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-asus-live-update-cve-but-the-attack-is-years-old/
-
Cyber spies use fake New Year concert invites to target Russian military
The campaign surfaced earlier in October after researchers at the New York-based cybersecurity firm Intezer identified a malicious XLL file uploaded to VirusTotal, first from Ukraine and later from Russia. First seen on therecord.media Jump to article: therecord.media/cyber-spies-fake-new-year-concert-russian-phishing
-
South Korea to require facial recognition for new mobile numbers
South Korea will begin requiring facial recognition when signing up for a new mobile phone number in a bid to fight scams, the Ministry of Science and ICT announced. First seen on therecord.media Jump to article: therecord.media/south-korea-facial-recognition-phones
-
Hacktivists scrape 86M Spotify tracks, claim their aim is to preserve culture
Anna’s Archive’s idealism doesn’t quite survive its own blog post. First seen on theregister.com Jump to article: www.theregister.com/2025/12/22/hacktivists_scrape_songs_spotify/
-
Ukrainian National Pleads Guilty in Nefilim Ransomware Conspiracy
Ukrainian man pleads guilty in United States to deploying Nefilim ransomware in global extortion scheme targeting companies across multiple countries. First seen on hackread.com Jump to article: hackread.com/ukrainian-national-pleads-guilty-nefilim-ransomware/
-
Urban VPN Proxy Spies on AI Chatbot Conversations
Browser Tools Capture Chatbot Data, Sell to Data Broker: Koi Security. A browser extension promising a free clientless VPN for Chrome users has been harvesting conversations from artificial intelligence chatbot platforms and selling the data to third-party brokers. The data collection operates independently of the VPN functionality itself. First seen on govinfosecurity.com Jump to article:…
-
Insiders Become Prime Targets for Cybercriminals
Cybercriminals are increasingly recruiting insiders to bypass security controls across banks, telecoms, and technology firms. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/insiders-become-prime-targets-for-cybercriminals/
-
Uzbek Users Under Attack by Android SMS Stealers
Telegram users in Uzbekistan are being targeted with Android SMS stealer malware, and what’s worse, the attackers are improving their methods. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/uzbek-users-android-sms-stealers
-
Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker’s device to a victim’s WhatsApp account. The package, named “lotusbail,” has been downloaded over 56,000 times since it was first uploaded…
-
86% Surge in Fake Delivery Websites Hits Shoppers During Holiday Rush
NordVPN has warned that malicious postal service websites have surged by 86% over the past month, targeting holiday delivery tracking. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/surge-fake-delivery-holidays/
-
AI security is fundamentally a cloud infrastructure problem, Palo Alto Networks says
Companies should prioritize identity security and integrate cloud monitoring into the SOC, according to the security firm. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-security-cloud-infrastructure-palo-alto-networks/808510/
-
CISA warns of continued threat activity linked to Brickstorm malware
Officials provided additional evidence showing its ability to maintain persistence and evade defenses. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-warns-of-continued-threat-activity-linked-to-brickstorm-malware/808499/
-
Scammers use AI to make fake art seem real
Human-in-the-loop isn’t enough: New attack turns AI safeguards into exploits. AI startups leak sensitive credentials on GitHub, exposing models and training data. AI hallucinations lead to a new cyber threat: Slopsquatting. First seen on csoonline.com Jump to article: www.csoonline.com/article/4110618/scammers-use-ai-to-make-fake-art-seem-real.html
-
Pirate activists have copied Spotify’s entire music library
Don’t give hacktivists what they really want. Hacktivism’s reemergence explained: Data drops and defacements for social justice. London internet attack highlights confusing hacktivism movement. First seen on csoonline.com Jump to article: www.csoonline.com/article/4110569/pirate-activists-have-copied-spotifys-entire-music-library.html
-
Judge rules that NSO cannot continue to install spyware via WhatsApp pending appeal
NSO Group had sought to stay the order pending a decision on its appeal in the case, which centers on allegations that it targeted 1,400 WhatsApp users with its powerful zero-click Pegasus spyware in 2019. First seen on therecord.media Jump to article: therecord.media/judge-rules-nso-cannot-continue-whatsapp-spyware
-
Conman and wannabe MI6 agent must repay £125k to romance scam victim
Judge says former most-wanted fugitive Mark Acklom will likely never return to the UK. First seen on theregister.com Jump to article: www.theregister.com/2025/12/22/career_conman_and_wannabe_mi6/
-
Frogblight Malware Targets Android Users With Fake Court and Aid Apps
Kaspersky warns of ‘Frogblight,’ a new Android malware draining bank accounts in Turkiye. Learn how this ‘court case’ scam steals your data and how to stay safe. First seen on hackread.com Jump to article: hackread.com/frogblight-malware-android-fake-court-aid-apps/
-
AI Safety Prompts Abused to Trigger Remote Code Execution
Researchers demonstrated how AI safety approval prompts can be manipulated to trigger remote code execution. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/ai-safety-prompts-abused-to-trigger-remote-code-execution/
-
Nefilim ransomware hacker pleads guilty to computer fraud
A Ukrainian national pleaded guilty in U.S. federal court to one charge stemming from attacks using Nefilim ransomware on companies in the U.S., Canada and Australia. First seen on therecord.media Jump to article: therecord.media/nefilim-ransomware-hacker-fraud
-
Stealka Stealer: Fake Roblox mods and cheats plunder crypto wallets
Stealka Stealer is a new Windows malware that disguises itself as a Roblox mod or cheat and plunders browser data and crypto wallets. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/malware/stealka-stealer-fake-roblox-mods-und-cheats-pluendern-krypto-wallets-324529.html
-
Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.
Ukrainian Artem Stryzhak (35) pleaded guilty in the U.S. for Nefilim ransomware attacks; he was arrested in Spain in 2024, extradited in April 2025. A 35-year-old Ukrainian, Artem Aleksandrovych Stryzhak (35), pleaded guilty in the U.S. for Nefilim ransomware attacks. The Ukrainian citizen was arrested in Spain in 2024 and extradited to the US in…
-
WatchGuard Fixes Firewall Zero-Day Being Actively Exploited
Scans Count 117,000 Unpatched Firewalls Running Vulnerable Version of Fireware OS. Attackers are actively attempting to exploit a now patched, zero-day vulnerability in WatchGuard Firebox firewalls, tracked as CVE-2025-14733, that can be used to remotely execute code. Scans show that over 115,000 of these edge devices remain internet-connected, unpatched and at risk. First seen on…
-
125,000 WatchGuard Firewalls Vulnerable to Remote Attacks
A critical zero-day flaw is being actively exploited to remotely compromise more than 125,000 WatchGuard Firebox firewalls. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/125000-watchguard-firewalls-vulnerable-to-remote-attacks/
-
Malicious npm package steals WhatsApp accounts and messages
A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-npm-package-steals-whatsapp-accounts-and-messages/
-
Romanian water authority hit by ransomware attack over weekend
Romanian Waters (Administrația Națională Apele Române), the country’s water management authority, was hit by a ransomware attack over the weekend. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/romanian-water-authority-hit-by-ransomware-attack-over-weekend/
-
Draft law on data retention: A new attempt for the digital zombie
The government is launching a new attempt at retaining connection data without specific cause. The IT industry criticizes the plans as disproportionate. First seen on golem.de Jump to article: www.golem.de/news/gesetzentwurf-veroeffentlicht-regierung-treibt-vorratsdatenspeicherung-voran-2512-203533.html
-
Best of 2025: Inside the Minds of Cybercriminals: A Deep Dive into Black Basta’s Leaked Chats
The leaked internal chat communications of the Black Basta ransomware group offer an unprecedented view into how cybercriminals operate, plan attacks, and evade detection. The Veriti Research team analyzed these chat logs, revealing their favorite exploits, security measures they bypass, and the defenses they fear most. Veriti Research analyzed these chat communications, exposing: Targeted Exploits:..…
-
Security of Large Language Models
Security researchers at Check Point Software Technologies and the recently acquired AI security firm Lakera summarize the state of large language model security. More than 60 percent of attack attempts were system prompt leakages, aimed at testing the AI model’s behavioral rules and deducing where weaknesses lie. The key findings: 60 percent of all attack attempts sought “System Prompt Leakage”…

