Breach lingered for months before stronger signature checks shut the door A state-sponsored cyber criminal compromised Notepad++’s update service in 2025, according to the project’s author.… This article has been indexed from The Register – Security Read the original article:…
Category: EN
How state-sponsored attackers hijacked Notepad++ updates
Suspected Chinese state-sponsored attackers hijacked the Notepad++ update mechanism by compromising the software project’s shared hosting server and intercepting and redirecting update traffic destined for notepad-plus-plus.org, the software’s maintainer Don Ho confirmed on Monday. The attack timeline In early December…
Securing the Mid-Market Across the Complete Threat Lifecycle
For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that blocks threats, they play a critical role in stopping cyberattacks before damage is done.…
⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats
Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage. Sometimes a single update, exploit, or mistake changes how we think about…
Open Vsx Supply Chain Attack Spreads Glassworm
Cybersecurity researchers recently identified a supply chain attack on the Open VSX Registry where hackers hijacked a developer’s account to distribute malicious updates. This article has been indexed from CyberMaterial Read the original article: Open Vsx Supply Chain Attack Spreads…
Nationstates Confirms Breach Shuts Site
The browser-based government simulation game NationStates recently experienced a significant data breach after a vulnerability reporter accessed and copied sensitive information from its production server. This article has been indexed from CyberMaterial Read the original article: Nationstates Confirms Breach Shuts…
Crypto Investor Loses Millions To Scam
An Ethereum investor recently lost $12.4 million in a sophisticated address poisoning scam after accidentally sending funds to a fraudulent wallet that mimicked a frequent contact. This article has been indexed from CyberMaterial Read the original article: Crypto Investor Loses…
Cyberattacks Disrupt Polish Energy Sites
CERT Polska reported that a coordinated wave of cyberattacks on December 29, 2025, targeted more than thirty renewable energy sites, a manufacturer, and a major combined heat and power plant. This article has been indexed from CyberMaterial Read the original…
Arrests Trigger Scam Worker Exodus
Recent law enforcement actions against two major network leaders in Cambodia have triggered a massive release of thousands of laborers from illicit scam compounds. This article has been indexed from CyberMaterial Read the original article: Arrests Trigger Scam Worker Exodus
Chrome Ad Blocker Caught Hijacking Amazon Affiliate Links
A Chrome extension posing as an Amazon ad blocker was found secretly hijacking affiliate links to redirect commissions to its developer. The post Chrome Ad Blocker Caught Hijacking Amazon Affiliate Links appeared first on eSecurity Planet. This article has been…
Top 10 Cyber Risk Management and GRC Companies in the UK and Globally
Cyber risk management and Governance, Risk, and Compliance (GRC) have become central to how organisations protect data, meet regulatory obligations, and maintain operational resilience. As cyber threats grow more sophisticated and regulatory scrutiny increases, organisations must demonstrate not only that…
Bitbucket Alternatives in 2026
Developers from around the world have known Bitbucket for years as one of the best Git repositories, especially for those working within the Atlassian ecosystem. It was released in 2008, but in 2026, it remains a crucial tool for many…
Span Cyber Security Arena 2026: Only 10 days left to secure early bird tickets
With preparations well underway, Span Cyber Security Arena 2026 is set to return for its third edition, bringing together domestic and international experts in cyber security. As in previous years, the conference is designed for everyone involved in that area…
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says This article has been indexed from www.infosecurity-magazine.com Read the original article: Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Microsoft Moves Closer to Disabling NTLM
The next major Windows Server and Windows releases will have the deprecated authentication protocol disabled by default. The post Microsoft Moves Closer to Disabling NTLM appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Over 1,400 MongoDB Databases Ransacked by Threat Actor
Of 3,100 unprotected MongoDB instances, half remain compromised, most of them by a single threat actor. The post Over 1,400 MongoDB Databases Ransacked by Threat Actor appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Cyber Insights 2026: Malware and Cyberattacks in the Age of AI
Security leaders share how artificial intelligence is changing malware, ransomware, and identity-led intrusions, and how defenses must evolve. The post Cyber Insights 2026: Malware and Cyberattacks in the Age of AI appeared first on SecurityWeek. This article has been indexed…
ICE and Qatari Security Forces at the Winter Olympics Put Italians on Edge
The influx of security personnel from around the world is sparking concern among Italians ahead of the Milano Cortina Olympic Games. This article has been indexed from Security Latest Read the original article: ICE and Qatari Security Forces at the…
Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates
Notepad++ maintainer says nation-state attackers hijacked the app’s update system by redirecting traffic at the hosting provider level. The Notepad++ maintainer revealed that nation-state hackers compromised the hosting provider’s infrastructure, redirecting update traffic to malicious servers. The attack did not…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter KONNI Adopts AI to Generate PowerShell Backdoors Who Operates the Badbox 2.0 Botnet? Weaponized in China, Deployed in India:…