Ukrainian Artem Stryzhak (35) pleaded guilty in the U.S. for Nefilim ransomware attacks; he was arrested in Spain in 2024, extradited in April 2025. A 35-year-old Ukrainian, Artem Aleksandrovych Stryzhak (35), pleaded guilty in the U.S. for Nefilim ransomware attacks.…
Quantum Readiness Begins Now
A concise guide for security leaders on deploying quantum-safe encryption today, covering performance, crypto-agility, NIST standards, and flexible PQC and QKD options This article has been indexed from Industry Trends & Insights Read the original article: Quantum Readiness Begins…
SideWinder APT Hackers Attacking Indian Entities by Masquerading as the Income Tax Department of India
The campaign is run by the SideWinder advanced persistent threat group and aims to plant a silent Windows backdoor on victim machines. Once active, the malware can steal files, capture data and give remote control to the attacker. Each attack…
Nissan Confirms Data Breach Following Unauthorized Access to Red Hat Servers
Nissan Motor Corporation has publicly confirmed a significant data breach stemming from unauthorized access to Red Hat servers. Managed by a third-party contractor responsible for developing a customer management system. The incident exposed personal information for approximately 21,000 Nissan Fukuoka…
Microsoft Brokering File System Vulnerability Let Attackers Escalate Privileges
Microsoft has patched a significant use-after-free vulnerability in its Brokering File System (BFS) driver, tracked as CVE-2025-29970. The flaw enables local attackers to escalate privileges on Windows systems running isolated or sandboxed applications, making it a notable concern for enterprise…
PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel’s POSIX CPU Timers Implementation
A proof-of-concept (PoC) exploit has been publicly released for CVE-2025-38352, a race condition vulnerability affecting the Linux kernel’s POSIX CPU timer implementation. The flaw enables attackers to trigger use-after-free conditions in kernel memory, potentially leading to privilege escalation and system…
Rising Tides: When Cybersecurity Becomes Personal – Inside the Work of an OSINT Investigator
Shannon Miller shares her approach to creating domestic safety and a call to the cyber community to help reduce harm. The post Rising Tides: When Cybersecurity Becomes Personal – Inside the Work of an OSINT Investigator appeared first on SecurityWeek.…
Best of 2025: Inside the Minds of Cybercriminals: A Deep Dive into Black Basta’s Leaked Chats
The leaked internal chat communications of the Black Basta ransomware group offer an unprecedented view into how cybercriminals operate, plan attacks, and evade detection. The Veriti Research team analyzed these chat logs, revealing our favorite exploits, security measures they bypass,…
Hackers Hit French Police Systems
The French Interior Ministry recently acknowledged that hackers successfully infiltrated the CHEOPS portal, a centralized system used to manage classified police records and criminal processing data. This article has been indexed from CyberMaterial Read the original article: Hackers Hit French…
Ombudsman Office Cyber Data Theft
The Office of the Ombudsman has confirmed it is managing a financially motivated ransomware attack that may have resulted in the unauthorized acquisition of data. This article has been indexed from CyberMaterial Read the original article: Ombudsman Office Cyber Data…
North Korea Crypto Theft And Fake IT
North Korea has reached a historic milestone in its cyber warfare efforts, with hackers linked to the regime stealing a record 2.02 billion dollars in cryptocurrency during 2025. This surge in value, which includes a massive 1.5 billion dollar breach…
Denmark Blames Russia For Attack
The Danish Defence Intelligence Service recently identified specific Russian-backed groups, Z-Pentest and NoName057(16), as the entities responsible for attacking water utilities and launching distributed denial-of-service strikes. These incidents were strategically timed to disrupt local elections and draw public attention, reflecting…
Cyber Briefing: 2025.12.22
Active VPN exploits, Cisco zero-days, emergency Microsoft fixes, major public sector breaches, global cyber arrests, and state-backed attacks dominated. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2025.12.22
Defect Report in Software Testing: Best Practices for QA and Developers
Defects are an unavoidable part of software development. But when they slip into production and reach your customers, the consequences go beyond poor user experience — they can damage your brand’s credibility. That’s why every defect must be logged and…
ATM Hackers Using ‘Ploutus’ Malware Charged in US
US charged 54 individuals, including leaders and members of the Venezuelan crime syndicate Tren de Aragua. The post ATM Hackers Using ‘Ploutus’ Malware Charged in US appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Phishing Campaign Leverages Trusted Google Cloud Automation Capabilities to Evade Detection
This report describes a phishing campaign in which attackers impersonate legitimate Google generated messages by abusing Google Cloud Application Integration to distribute malicious emails that appear to originate from trusted Google infrastructure. The emails mimic routine enterprise notifications such as…
Price Drop: This Complete Ethical Hacking Bundle is Now $33
Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today’s top tools and tech. This bundle is just $34.97 for a limited time. The post Price Drop: This Complete Ethical Hacking Bundle is Now $33 appeared first…
Arcane Werewolf Hacker Group Added Loki 2.1 Malware Toolkit to their Arsenal
The threat actor group known as Arcane Werewolf, also tracked as Mythic Likho, has refreshed its attack capabilities by deploying a new version of its custom malware called Loki 2.1. During October and November 2025, researchers observed this group launching…
Docker Open Sources Production-Ready Hardened Images for Free
Docker has announced a significant shift in its container security strategy, making its Docker Hardened Images (DHI) freely available to all developers. Previously a commercial-only offering, DHI provides a set of secure, minimal, and production-ready container images. By releasing these under an Apache…
Sleeping Bouncer Vulnerability Impacts Motherboards from Gigabyte, MSI, ASRock and ASUS
A significant security vulnerability has emerged affecting motherboards from Gigabyte, MSI, ASRock, and ASUS. Riot Games analysts and researchers identified a critical flaw during their ongoing investigation into gaming system security. The vulnerability, termed “Sleeping Bouncer,” exploits a weakness in…
Best of 2025: Scattered Spider Targets Aflac, Other Insurance Companies
Fresh off a series of recent attacks targeting major retail companies in the United States and the UK, the notorious Scattered Spider cybercrime group is now targeting insurance companies, and earlier this month apparently bagged a high-profile victim in Aflac.…
Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access
Open-source server monitoring tool, Nezha, is being exploited by attackers for remote system control This article has been indexed from www.infosecurity-magazine.com Read the original article: Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access
IT Security News Hourly Summary 2025-12-22 15h : 11 posts
11 posts were published in the last hour 14:2 : Pornhub tells users to expect sextortion emails after data exposure 14:2 : 54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware 14:2 : Zero Trust AI Security: The Comprehensive…
Pornhub tells users to expect sextortion emails after data exposure
Users affected by the data breach may be contacted directly by cybercriminals, Pornhub warns. This article has been indexed from Malwarebytes Read the original article: Pornhub tells users to expect sextortion emails after data exposure