A new malware campaign has surfaced that uses GitHub repositories to spread the WebRAT malware by disguising it as proof-of-concept exploits and gaming utilities. The malware targets users searching for game cheats, pirated software, and application patches, particularly for popular…
Five identity-driven shifts reshaping enterprise security in 2026
2026 marks the tipping point when artificial intelligence begins to fundamentally reshape cyber risk. After several years of widespread adoption, AI moves beyond influencing how we work and starts transforming the enterprise itself. AI is now embedded at every layer…
Cyberattack Knocks La Poste Offline, Disrupting Postal and Banking Services Across France
La Poste described the situation as “a major network incident” that affected all of its information systems. The post Cyberattack Knocks La Poste Offline, Disrupting Postal and Banking Services Across France appeared first on TechRepublic. This article has been indexed…
ServiceNow to acquire cybersecurity startup Armis, MacSync Stealer adopts quieter installation, Nissan customer data stolen in Red Hat raid
ServiceNow to acquire cybersecurity startup Armis MacSync Stealer adopts quieter installation Nissan customer data stolen in Red Hat raid Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that…
IT Security News Hourly Summary 2025-12-24 09h : 3 posts
3 posts were published in the last hour 8:2 : The End of AI Theatre: What Business-Ready Technology Looks Like in 2026 8:2 : Stockton Hospital Gets Robotic Operating Theatre 7:31 : Italy Fines Apple €98.6 Million Over ATT Rules…
The End of AI Theatre: What Business-Ready Technology Looks Like in 2026
Tech predictions for 2026 reveal a shift from AI hype to accountability, with focus on real value, human skills, governance, cybersecurity and trust. This article has been indexed from Silicon UK Read the original article: The End of AI Theatre:…
Stockton Hospital Gets Robotic Operating Theatre
University Hospital of North Tees completes £6.5 million project, including robotic theatre for less-invasive surgery This article has been indexed from Silicon UK Read the original article: Stockton Hospital Gets Robotic Operating Theatre
Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition
Apple has been fined €98.6 million ($116 million) by Italy’s antitrust authority after finding that the company’s App Tracking Transparency (ATT) privacy framework restricted App Store competition. The Italian Competition Authority (Autorità Garante della Concorrenza e del Mercato, or AGCM)…
Evasive Panda APT poisons DNS requests to deliver MgBot
Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant. This article has been indexed from Securelist Read the original article: Evasive Panda APT poisons DNS requests…
Operation PCPcat Hacked 59,000+ Next.js/React Servers Within 48 Hours
A massive credential-theft campaign dubbed PCPcat compromised 59,128 Next.js servers in under 48 hours. The operation exploits critical vulnerabilities CVE-2025-29927 and CVE-2025-66478, achieving a 64.6% success rate across 91,505 scanned targets. PCPCat scanners, distributed via react.py malware, probe public Next.js…
Interpol Taken Down 6 Ransomware Variants and Arrested 500+ Suspects
Law enforcement agencies across 19 African nations have achieved a landmark victory against cybercrime. Arresting 574 suspects and dismantling six ransomware variants during Operation Sentinel, a month-long coordinated crackdown that concluded on November 27. The operation, which ran from October…
Ransomware Attack on Romanian Waters Authority – 1,000+ IT Systems Compromised
Romania’s National Administration “Apele Române” (Romanian Waters) disclosed a severe ransomware attack on December 20, 2025. That compromised approximately 1,000 IT systems across the agency and 10 of its 11 regional water basin administrations. The incident affected critical infrastructure responsible…
Conjur: Open-source secrets management and application identity
Conjur is an open-source secrets management project designed for environments built around containers, automation, and dynamic infrastructure. It focuses on controlling access to credentials such as database passwords, API keys, and tokens that applications need at runtime. The project is…
What if your face could say “don’t record me”? Researchers think it’s possible
Phones, smart glasses, and other camera-equipped devices capture scenes that include people who never agreed to be recorded. A newly published study examines what it would take for bystanders to signal their privacy choices directly to nearby cameras. BLINDSPOT system…
Governance maturity defines enterprise AI confidence
AI security has reached a point where enthusiasm alone no longer carries organizations forward. New Cloud Security Alliance research shows that governance has become the main factor separating teams that feel prepared from those that do not. Governance separates confidence…
Critical MongoDB Flaw Leaks Sensitive Data Through zlib Compression
MongoDB has disclosed a critical security vulnerability tracked as CVE-2025-14847 that could allow attackers to extract uninitialized heap memory from database servers without authentication. The flaw, affecting multiple MongoDB versions dating back to v3.6, stems from a client-side exploit in…
WebRAT Malware Campaign Leveraging GitHub-Hosted Proof-of-Concept Code
Cybersecurity specialists from the Solar 4RAYS cyberthreat research center, a division of the Solar Group, have uncovered a dangerous new malware strain dubbed “Webrat.” This sophisticated threat has been identified as a multi-functional remote access tool (RAT) and information stealer…
Operation PCPcat Exploits Next.js and React, Impacting 59,000+ Servers
A sophisticated credential-stealing campaign named “Operation PCPcat” has compromised over 59,000 Next.js servers worldwide, exploiting critical vulnerabilities in the popular React framework to harvest sensitive authentication data at industrial scale. Security researchers discovered the campaign through honeypot monitoring and gained…
“Purifying” photons: Scientists found a way to clean light itself
A new discovery shows that messy, stray light can be used to clean up quantum systems instead of disrupting them. University of Iowa researchers found that unwanted photons produced by lasers can be canceled out by carefully tuning the light…
Counterfeit defenses built on paper have blind spots
Counterfeit protection often leans on the idea that physical materials have quirks no attacker can copy. A new study challenges that comfort by showing how systems built on paper surface fingerprints can be disrupted or bypassed. The research comes from…
Elementary OS 8.1 rolls out with a stronger focus on system security
Elementary OS 8.1 is now available for download and shipping on select hardware from retailers such as Star Labs, Slimbook, and Laptop with Linux. The update arrives after more than a year of refinements based on community feedback and issue…
What happens to enterprise data when GenAI shows up everywhere
Generative AI is spreading across enterprise workflows, shaping how employees create, share, and move information between systems. Security teams are working to understand where data ends up, who can access it, and how its use reshapes security assumptions. This article…
Year End Repeat: Pig Butchering: Operation Shamrock Fights Back
Over the holidays we are rerunning some of our favourite episodes. This one first aired this summer and was one of my first conversations with the fascinating head of Operation Shamrock. We’ll be back with regular programming on January 5th. …
IT Security News Hourly Summary 2025-12-24 06h : 2 posts
2 posts were published in the last hour 5:2 : What are Access Tokens? Complete Guide to Access Token Structure, Usage & Security 4:31 : Медицинская лаборатория Гемотест (Gemotest) – 6,341,495 breached accounts