The very best reporting and investigative journalism from our friends at other publications. This article has been indexed from Security News | TechCrunch Read the original article: These are the cybersecurity stories we were jealous of in 2025
PayPal Subscriptions Exploited in Sophisticated Email Scam
Hackers have found a clever way to misuse PayPal’s legitimate email system to send authentic looking phishing scams that are able to bypass security filters and look genuine to the end users. Over the last few weeks, users are complaining…
Malicious Npm Package Steals Whatsapp
A fraudulent package discovered in the Node Package Manager registry has been posing as a legitimate utility for interacting with the WhatsApp Web API. This article has been indexed from CyberMaterial Read the original article: Malicious Npm Package Steals Whatsapp
Romanian Water Agency Ransomware Hit
Over the weekend, Romanian cybersecurity authorities identified a significant security breach affecting the majority of the national water authority’s digital infrastructure. This article has been indexed from CyberMaterial Read the original article: Romanian Water Agency Ransomware Hit
Court Clears Former Vastaamo CEO
The legal proceedings followed one of the most significant cybercrimes in Finnish history, where private therapy records were accessed and leaked. Initially, a lower court had found Tapio guilty of violating data protection regulations, specifically citing a lack of proper…
Man Charged In Fraudulent Id Market
Zahid Hasan of Dhaka, Bangladesh, faces a nine-count federal indictment in the District of Montana involving the transfer of false identification, passport misuse, and social security fraud. If convicted on the primary counts, Hasan faces a maximum of 15 years…
Interpol Action Breaks Ransomware
The international law enforcement effort focused heavily on African nations to combat the rapid growth of sophisticated cyberattacks targeting the energy and financial sectors. In Senegal, authorities successfully froze accounts to stop a 7.9 million dollar wire transfer intended for…
TrustWallet Chrome Extension Hacked – Users Reporting Millions in Losses
Many Trust Wallet users saw their wallets drained of over $7 million after a security breach in the Chrome browser extension version 2.68.0, released on December 24, 2025. Blockchain investigator ZachXBT first flagged the incident on X, noting a surge…
IoT Hack
Someone hacked an Italian ferry. It looks like the malware was installed by someone on the ferry, and not remotely. This article has been indexed from Schneier on Security Read the original article: IoT Hack
IT Security News Hourly Summary 2025-12-26 12h : 1 posts
1 posts were published in the last hour 11:2 : Spotify cracks down on unlawful scraping of 86 million songs
Spotify cracks down on unlawful scraping of 86 million songs
Spotify shut down accounts after Anna’s Archive scraped and published data on 86 million songs, confirming action against unlawful scraping. Spotify disabled user accounts after an open-source group published files containing 86 million songs scraped from the platform. The group,…
Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection
A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt injection. LangChain Core (i.e., langchain-core) is a core Python…
Top Data Breaches in 2025 [Month-wise]
A data breach. Headlines scream, investors and customers panic, fingers get pointed, and goodwill gets affected. Do you know how much a data breach can affect a company? Data breaches… The post Top Data Breaches in 2025 [Month-wise] appeared first…
Fortinet VPN exploit, Google gmail change, Aflac breach update
Active exploitation of Fortinet VPN bypass utility observed Google possibly allowing users to change default gmail address June Aflac attack resulted in data theft Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers…
Were the records of 200 million Pornhub users stolen by hackers?
Yes, records belonging to approximately 200 million Pornhub premium users have been stolen by hackers. Even though authorities revealed the cyber incident earlier this month,… The post Were the records of 200 million Pornhub users stolen by hackers? appeared first…
Post-Quantum Cryptographic Algorithm Integration with Model Context Protocol.
Learn how to integrate post-quantum cryptographic algorithms with Model Context Protocol (MCP) for robust AI infrastructure security against quantum computing threats. The post Post-Quantum Cryptographic Algorithm Integration with Model Context Protocol. appeared first on Security Boulevard. This article has been…
Privacy-Preserving Biometric Verification with Handwritten Inputs
Explore privacy-preserving biometric verification techniques using handwritten inputs. Learn about securing sensitive data with homomorphic encryption and zero-knowledge proofs for authentication. The post Privacy-Preserving Biometric Verification with Handwritten Inputs appeared first on Security Boulevard. This article has been indexed from…
LLMs can assist with vulnerability scoring, but context still matters
Every new vulnerability disclosure adds another decision point for already stretched security teams. A recent study explores whether LLMs can take on part of that burden by scoring vulnerabilities at scale. While the results show promise in specific areas, consistent…
Critical LangChain Vulnerability Allows Attackers to Steal Sensitive Secrets
A critical security vulnerability in LangChain, one of the world’s most widely deployed AI frameworks, enables attackers to extract environment variable secrets and, through a serialization injection flaw, potentially achieve code execution. The vulnerability, identified as CVE-2025-68664, affects the core…
Parrot 7.0 Released with New Penetration Testing and AI Tools
Parrot OS 7.0, codenamed Echo, launches as a complete system rewrite based on Debian 13, bringing KDE Plasma 6, Wayland by default, and fresh penetration testing tools, including a dedicated AI category. This release emphasizes lightweight theming and community-driven spins,…
From AI to cyber risk, why IT leaders are anxious heading into 2026
Cybersecurity threats are shaping IT planning for 2026, with AI maturity and regulation emerging as another major source of disruption, according to a global survey from Veeam. Veeam surveyed 250 senior IT and business decision-makers worldwide to understand how they…
The next big IT security battle is all about privileged access
Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in 2026 driven by new realities of cybersecurity, hybridization, AI, and more. Passwordless moves from pilot to production In 2026, passwordless authentication will shift from isolated…
The Ransomware Ecosystem: An Encore Holiday Episode
Jim takes a break for some R&R during the holidays and shares his favorite podcast episodes from the year. He acknowledges that some listeners might have heard these episodes already, while others may find them new. The podcast’s production is…
IT Security News Hourly Summary 2025-12-26 06h : 1 posts
1 posts were published in the last hour 5:2 : Utair – 401,400 breached accounts