Sekoia.io delivered its technology and expertise to the NATO CCDCOE’s Crossed Swords 2025 (XS25) exercise to gather critical insights and validate our defensive capabilities in a military-grade environment. Hosted by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in…
Phantom Stealer Targeting Users to Steal Sensitive Data
Sophisticated malware employs a multi-stage infection chain and advanced evasion techniques to exfiltrate sensitive information. Phantom, a sophisticated stealer malware variant, is conducting targeted attacks to harvest sensitive data from infected systems, including passwords, browser cookies, credit card information, and…
Critical Apache Commons Text Flaw Lets Hackers Execute Remote Code
A critical remote code execution vulnerability has been discovered in Apache Commons Text, affecting all versions prior to 1.10.0. The flaw, tracked as CVE-2025-46295, poses a significant security risk to organizations relying on the widely-used Java library for text manipulation…
Chinese Ink Dragon Breaches European Government Networks, Affecting Asia and South America
Ink Dragon, a Chinese espionage group, has significantly expanded its operational reach from Southeast Asia and South America into European government networks, according to ongoing research by Check Point Research. The threat actor employs a methodical approach that combines strategic…
Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges
SonicWall has issued an urgent security advisory warning of active exploitation of a local privilege escalation vulnerability affecting its SMA1000 appliances. The flaw, tracked as CVE-2025-40602, enables attackers with management console access to gain elevated privileges and potentially achieve complete…
New Reports Reveal WAFs Are Ineffective Against Latest React2Shell Exploit
TEL AVIV, Israel, Dec. 17, 2025 Miggo Security has released a comprehensive benchmark study revealing critical gaps in Web Application Firewall (WAF) protection, with the discovery of React2Shell (CVE-2025-55182) serving as a stark real-world validation of these vulnerabilities. The research, titled…
2026 Cyber Predictions: Accelerating AI, Data Sovereignty, and Architecture Rationalization
2026 marks a critical turning point for cybersecurity leaders as AI-driven threats, data sovereignty mandates, and hybrid infrastructure risks reshape the CISO agenda. Discover the strategic priorities that will define tomorrow’s security posture. The post 2026 Cyber Predictions: Accelerating AI, Data Sovereignty, and Architecture Rationalization appeared first on Security…
Push Security detects and blocks malicious copy-and-paste activity
Push Security announced the release of a new feature designed to tackle one of the fastest-growing cyber threats: ClickFix-style attacks. The company’s latest innovation, malicious copy-and-paste detection, blocks users from copying malicious scripts in their web browser, preventing them from…
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ…
Positive trends related to public IP ranges from the year 2025, (Thu, Dec 18th)
Since the end of the year is quickly approaching, it is undoubtedly a good time to look back at what the past twelve months have brought to us… And given that the entire cyber security profession is about protecting various…
Man Charged After £1.5m Crypto Robbery In Oxford
Man charged after masked raiders entered vehicle in Oxford, stole £450,000 watch and forced victim to transfer cryptocurrency This article has been indexed from Silicon UK Read the original article: Man Charged After £1.5m Crypto Robbery In Oxford
Stanford Finds China’s Open Source Models ‘Catch Up’ To US
Stanford study warns that China’s open source models have caught up or pulled ahead of those from US, advises engagement This article has been indexed from Silicon UK Read the original article: Stanford Finds China’s Open Source Models ‘Catch Up’…
Kimwolf Android Botnet Hijacked 1.8 Million Android Devices Worldwide
A massive botnet targeting Android devices has emerged as one of the most significant threats in the cybersecurity landscape today. Named Kimwolf, this sophisticated malware has compromised approximately 1.8 million Android devices worldwide, including smart TVs, set-top boxes, tablets, and…
Let’s Encrypt Unveils New “Generation Y” Root and 45-Day Certificates
Let’s Encrypt, the nonprofit certificate authority powering free TLS/SSL certificates for millions of websites, announced sweeping updates to its issuance policies. The changes introduce a new “Generation Y” root hierarchy, deprecate TLS client authentication, and progressively shorten certificate lifetimes to…
FTC orders crypto to pay, New exploit of React2Shell, Ukraine fraud ring take down
FTC orders crypto to pay New exploit of React2Shell Ukraine-based fraud ring taken down Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. In deepfake scams,…
IT Security News Hourly Summary 2025-12-18 09h : 9 posts
9 posts were published in the last hour 8:2 : SoundCloud Cyberattack Leaves 28M Users Exposed 8:2 : AUTOSUR – 487,226 breached accounts 7:32 : Kimwolf Android Botnet Compromises 1.8 Million Devices Worldwide 7:32 : Cybercriminals Registering Fake Shopping Domains…
SoundCloud Cyberattack Leaves 28M Users Exposed
The breach has already triggered widespread chaos across the platform, with users worldwide reporting connection failures and cryptic error messages. The post SoundCloud Cyberattack Leaves 28M Users Exposed appeared first on TechRepublic. This article has been indexed from Security Archives…
AUTOSUR – 487,226 breached accounts
In March 2025, the French vehicle inspection company AUTOSUR suffered a data breach exposing over 10M customer records, though only 487k unique email addresses were present. The compromised data included names, phone numbers, physical addresses, and vehicle details such as…
Kimwolf Android Botnet Compromises 1.8 Million Devices Worldwide
A newly discovered Android botnet dubbed “Kimwolf” has silently compromised over 1.8 million devices globally, primarily targeting Android TV boxes in residential networks. The massive operation, which at one point saw its command-and-control (C2) domain surpass Google in global popularity…
Cybercriminals Registering Fake Shopping Domains to Target Users This Holiday Season
As the global holiday shopping season reaches its peak, cybersecurity researchers have uncovered a massive, industrialized operation designed to defraud consumers through a sophisticated network of counterfeit e-commerce sites. In a report released in November 2025, PreCrime™ Labs, the research…
Hackers Actively Target Cisco and Palo Alto VPN Gateways to Steal Login Credentials
Cybersecurity researchers at GreyNoise have identified a large-scale, coordinated campaign targeting enterprise VPN authentication systems. The attackers are systematically attempting to breach Cisco SSL VPN and Palo Alto Networks GlobalProtect services through credential-based attacks rather than exploiting specific vulnerabilities. The…
Microsoft 365 Outage Disrupts Teams, Outlook, and Copilot in Japan and China
Thousands of users across Japan and China experienced significant disruptions to Microsoft 365 services on Thursday morning due to a critical routing issue affecting the company’s infrastructure. The outage affected essential workplace tools, including Teams, Outlook, OneDrive, and Copilot, resulting…
Critical Node.js Library Flaw Lets Hackers Execute Remote Commands on Windows
A severe command injection vulnerability has been discovered in systeminformation, a widely-used Node.js library for retrieving system information. The flaw, tracked as CVE-2025-68154, allows attackers to execute arbitrary commands on Windows systems when applications pass user input to the vulnerable…
China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear
The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances. The post China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear appeared first on SecurityWeek. This article has been indexed from…