Tech companies around the world issue record levels of debt as they spend hundreds of billions on data centres to power AI This article has been indexed from Silicon UK Read the original article: AI Drives Tech Debt Issuance To…
U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Digiever DS-2105 Pro flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Digiever DS-2105 Pro vulnerability, tracked as CVE-2023-52163 (CVSS Score of 8.8), to its Known…
Huawei’s HarmonyOS Crosses 27 Million User Mark
Huawei’s self-developed HarmonyOS has more than 27 million users, as China-developed OS competes with iOS, Android This article has been indexed from Silicon UK Read the original article: Huawei’s HarmonyOS Crosses 27 Million User Mark
Firewalla expands AP7 control and MSP management with app 1.67 update
Firewalla has announced Firewalla App version 1.67, a major upgrade that focuses on enterprise-grade Wi-Fi security, deeper access point control, and more flexible management for MSPs, small businesses, and advanced home users. The new release features expanded support for Enterprise…
Spotify music library scraped, DDoS disrupts French postal services, Fake delivery sites hit holiday shoppers
Spotify music library scraped DDoS disrupts France’s postal and banking services Fake delivery websites hit holiday shoppers Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs…
IT Security News Hourly Summary 2025-12-23 09h : 10 posts
10 posts were published in the last hour 8:2 : Minister Confirms UK Foreign Office Hacked 8:2 : From cheats to exploits: Webrat spreading via GitHub 8:2 : Spotify Music Library With 86M Music Files Scraped by Hacktivist Group 8:2…
Minister Confirms UK Foreign Office Hacked
Government minister confirms Foreign Office hacked in October, after report of data theft by group backed by Chinese state This article has been indexed from Silicon UK Read the original article: Minister Confirms UK Foreign Office Hacked
From cheats to exploits: Webrat spreading via GitHub
We dissect the new Webrat campaign where the Trojan spreads via GitHub repositories, masquerading as critical vulnerability exploits to target cybersecurity researchers. This article has been indexed from Securelist Read the original article: From cheats to exploits: Webrat spreading via…
Spotify Music Library With 86M Music Files Scraped by Hacktivist Group
The shadow library known as Anna’s Archive has executed a massive scrape of Spotify, releasing a torrent collection containing approximately 86 million audio tracks and metadata for 256 million songs. The group, which typically focuses on archiving academic papers and…
Hackers Using ClickFix Technique to Hide Images within the Image Files
Threat actors have evolved their attack strategies by combining the deceptive ClickFix social engineering lure with advanced steganography techniques to conceal malicious payloads within PNG image files. This sophisticated approach, discovered by Huntress analysts, represents a significant shift in how…
CISA Adds Digiever Authorization Vulnerability to KEV List Following Active Exploitation
A critical vulnerability affecting Digiever DS-2105 Pro network video recorders was added to the Known Exploited Vulnerabilities (KEV) catalog on December 22, 2025, following evidence of active exploitation in the wild. CVE-2023-52163 is a missing authorization vulnerability in Digiever DS-2105…
Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances
A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary code execution under certain circumstances. The vulnerability, tracked as CVE-2025-68613, carries a CVSS score of 9.9 out of a…
Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component
A comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation This article has been indexed from WeLiveSecurity Read the original article: Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component
3.5 Million Affected by University of Phoenix Data Breach
The University of Phoenix is one of the many victims of the recent Oracle EBS hacking campaign attributed to the Cl0p ransomware group. The post 3.5 Million Affected by University of Phoenix Data Breach appeared first on SecurityWeek. This article…
Weak enforcement keeps PCI DSS compliance low
Payment card breaches continue to surface across industries, even after years of investment in security standards. A new study links this pattern to enforcement, showing that PCI DSS compliance trails behind HIPAA, GDPR, and the EU’s NIS2 Directive. A compliance…
FCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security Risks
The U.S. Federal Communications Commission (FCC) on Monday announced a ban on all drones and critical components made in a foreign country, citing national security concerns. To that end, the agency has added to its Covered List Uncrewed aircraft systems…
Formal proofs expose long standing cracks in DNSSEC
DNSSEC is meant to stop attackers from tampering with DNS answers. It signs records so resolvers can verify that data is authentic and unchanged. Many security teams assume that if DNSSEC validation passes, the answer can be trusted. New academic…
Malicious NPM Package with 56K Downloads Steals WhatsApp Messages
A dangerous npm package named “lotusbail” has been stealing WhatsApp messages and user data from thousands of developers worldwide. The package, which has been downloaded over 56,000 times, disguises itself as a legitimate WhatsApp Web API library while secretly running…
Cyberattack Disrupts France’s Postal Service and Banking During Christmas Rush
A cyberattack knocked France’s national postal service offline, blocking and delaying package deliveries and online payments. The post Cyberattack Disrupts France’s Postal Service and Banking During Christmas Rush appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Cloud security is stuck in slow motion
Cloud environments are moving faster than the systems meant to protect them. A new Palo Alto Networks study shows security teams struggling to keep up with development cycles, growing cloud sprawl, and attacker tactics that now compress breaches into minutes…
AI code looks fine until the review starts
Software teams have spent the past year sorting through a rising volume of pull requests generated with help from AI coding tools. New research puts numbers behind what many reviewers have been seeing during work. The research comes from CodeRabbit…
Cybersecurity jobs available right now: December 23, 2025
Application Security Architect ARRISE | UAE | Hybrid – View job details As an Application Security Architect, you will define and mature the application security architecture strategy, standards, and guardrails across products and platforms. You will lead threat modeling and…
What Does it Take to Manage Cloud Risk?
Learn why hybrid and multi-cloud environments are vital for IT and business success from our 2025 Trend Micro Defenders Survey. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: What Does it Take…
Model Context Protocol (MCP) Vulnerability Assessment in a Post-Quantum Setting
Explore MCP vulnerabilities in a post-quantum world. Learn about PQC solutions, zero-trust architecture, and continuous monitoring for AI infrastructure security. The post Model Context Protocol (MCP) Vulnerability Assessment in a Post-Quantum Setting appeared first on Security Boulevard. This article has…