A critical security alert regarding a severe vulnerability in the IBM API Connect platform that could allow remote attackers to bypass authentication mechanisms. Discovered during internal testing, the flaw poses a significant risk to organizations relying on the platform for…
Category: EN
Best of 2025: NOT-So-Great Firewall: China Blocks the Web for 74 Min.
HTTPS connections on port 443 received forged replies. Chinese web users couldn’t access websites outside the People’s Republic yesterday. The outage lasted an hour and a quarter—with no explanation. Nobody’s sure whether it was a mistake or an ominous test of…
FCC Rules Out Foreign Drone Components to Protect National Networks
A decisive step in federal oversight on unmanned aerial technology has been taken by the United States Federal Communications Commission, in a move that is aimed at escalating federal control over unmanned aerial technology. Specifically, the FCC has prohibited…
Airbus Signals Shift Toward European Sovereign Cloud to Reduce Reliance on US Tech Giants
Airbus, the aerospace manufacturer in Europe is getting ready to depend less on big American technology companies like Google and Microsoft. The company wants to rethink how and where it does its important digital work. Airbus is going to…
Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry
Cybersecurity researchers have disclosed details of what appears to be a new strain of Shai Hulud on the npm registry with slight modifications from the previous wave observed last month. The npm package that embeds the novel Shai Hulud strain…
IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass
IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915, is rated 9.8 out of a maximum of 10.0 on the CVSS…
2 US Cybersecurity Experts Guilty of Extortion Scheme for ALPHV Ransomware
Can you trust your cybersecurity team? A recent federal case reveals how two US-based cybersecurity experts turned into affiliates for the BlackCat ransomware group, extorting over $1.2M in Bitcoin. Read the full story on their 2023 crime spree. This article…
APT36 Malware Campaign Targeting Windows LNK Files to Attack Indian Government Entities
APT36, also known as Transparent Tribe, has launched a new malware campaign that targets Indian government and strategic entities by abusing Windows LNK shortcut files. The attack starts with spear‑phishing emails that carry a ZIP archive named “Online JLPT Exam…
Why Visibility Alone Fails and Context Wins in 2026
For more than a decade, cybersecurity teams have chased visibility through logs, dashboards, alerts, and tools that promised a single pane of glass. And yet, here’s the uncomfortable truth. Security… The post Why Visibility Alone Fails and Context Wins in…
Top Data Breaches of December 2025
December 2025 closed the year with several high-impact data breaches across retail, education, healthcare research, and telecom. These incidents were not driven by a single cause. Some stemmed from misconfigured… The post Top Data Breaches of December 2025 appeared first…
LinkedIn Job Scams
Interesting article on the variety of LinkedIn job scams around the world: In India, tech jobs are used as bait because the industry employs millions of people and offers high-paying roles. In Kenya, the recruitment industry is largely unorganized, so…
30,000 Korean Air Employee Records Stolen as Cl0p Leaks Data Online
Korean Air confirms a major data leak affecting 30,000 staff members after the Cl0p gang targeted a catering partner. Learn what data was stolen and the airline’s response to secure its data. This article has been indexed from Hackread –…
Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist
The worm exposed Trust Wallet’s Developer GitHub secrets, allowing attackers to publish a backdoor extension and steal funds from 2,520 wallets. The post Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist appeared first on SecurityWeek. This article…
NeuroSploitv2 – AI-Powered Pentesting Tool With Claude, GPT, and Gemini models to Detect vulnerabilities
NeuroSploitv2 is an AI-powered penetration testing framework that automates critical aspects of offensive security operations through advanced language models. The framework, available on GitHub, integrates with multiple LLM providers, including Claude, GPT, Gemini, and Ollama, to enable specialized vulnerability analysis…
In 2025, age checks started locking people out of the internet
Lawmakers enforced age checks, websites blocked entire countries, and users turned to VPNs to get around them. This article has been indexed from Malwarebytes Read the original article: In 2025, age checks started locking people out of the internet
Fears Mount That US Federal Cybersecurity Is Stagnating—or Worse
Government staffing cuts and instability, including this year’s prolonged shutdown, could be hindering US digital defense and creating vulnerabilities. This article has been indexed from Security Latest Read the original article: Fears Mount That US Federal Cybersecurity Is Stagnating—or Worse
How AI Helps Recover Both Technical Dept & Innovation Debt?
When developers spend large portions of their time on maintenance, the opportunity for new value quietly disappears. Features slow down. Innovation stalls. Teams feel busy…Read More The post How AI Helps Recover Both Technical Dept & Innovation Debt? appeared first…
Discovering the Dimensions of a New Cold War
The United States’ plan for dealing with Putin’s Russia and Xi’s China remains ill-defined among a shifting global order. That must change. This article has been indexed from Security Latest Read the original article: Discovering the Dimensions of a New…
Threat Actors Advertising AI-Enhanced Metamorphic Crypter with Claims of Windows Defender Bypass
Dark web forums have become a marketplace for sophisticated malware tools, with threat actors continuously refining their capabilities to stay ahead of security solutions. The latest concerning development involves an emerging AI-powered crypter service that promises unprecedented evasion abilities, putting…
European Space Agency Confirms Breach After Hacker Offers to Sell Data
The European Space Agency is conducting an investigation and says external science servers have been compromised. The post European Space Agency Confirms Breach After Hacker Offers to Sell Data appeared first on SecurityWeek. This article has been indexed from SecurityWeek…