Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage. Sometimes a single update, exploit, or mistake changes how we think about…
Open Vsx Supply Chain Attack Spreads Glassworm
Cybersecurity researchers recently identified a supply chain attack on the Open VSX Registry where hackers hijacked a developer’s account to distribute malicious updates. This article has been indexed from CyberMaterial Read the original article: Open Vsx Supply Chain Attack Spreads…
Nationstates Confirms Breach Shuts Site
The browser-based government simulation game NationStates recently experienced a significant data breach after a vulnerability reporter accessed and copied sensitive information from its production server. This article has been indexed from CyberMaterial Read the original article: Nationstates Confirms Breach Shuts…
Crypto Investor Loses Millions To Scam
An Ethereum investor recently lost $12.4 million in a sophisticated address poisoning scam after accidentally sending funds to a fraudulent wallet that mimicked a frequent contact. This article has been indexed from CyberMaterial Read the original article: Crypto Investor Loses…
Cyberattacks Disrupt Polish Energy Sites
CERT Polska reported that a coordinated wave of cyberattacks on December 29, 2025, targeted more than thirty renewable energy sites, a manufacturer, and a major combined heat and power plant. This article has been indexed from CyberMaterial Read the original…
Arrests Trigger Scam Worker Exodus
Recent law enforcement actions against two major network leaders in Cambodia have triggered a massive release of thousands of laborers from illicit scam compounds. This article has been indexed from CyberMaterial Read the original article: Arrests Trigger Scam Worker Exodus
Chrome Ad Blocker Caught Hijacking Amazon Affiliate Links
A Chrome extension posing as an Amazon ad blocker was found secretly hijacking affiliate links to redirect commissions to its developer. The post Chrome Ad Blocker Caught Hijacking Amazon Affiliate Links appeared first on eSecurity Planet. This article has been…
Top 10 Cyber Risk Management and GRC Companies in the UK and Globally
Cyber risk management and Governance, Risk, and Compliance (GRC) have become central to how organisations protect data, meet regulatory obligations, and maintain operational resilience. As cyber threats grow more sophisticated and regulatory scrutiny increases, organisations must demonstrate not only that…
Bitbucket Alternatives in 2026
Developers from around the world have known Bitbucket for years as one of the best Git repositories, especially for those working within the Atlassian ecosystem. It was released in 2008, but in 2026, it remains a crucial tool for many…
Span Cyber Security Arena 2026: Only 10 days left to secure early bird tickets
With preparations well underway, Span Cyber Security Arena 2026 is set to return for its third edition, bringing together domestic and international experts in cyber security. As in previous years, the conference is designed for everyone involved in that area…
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says This article has been indexed from www.infosecurity-magazine.com Read the original article: Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Microsoft Moves Closer to Disabling NTLM
The next major Windows Server and Windows releases will have the deprecated authentication protocol disabled by default. The post Microsoft Moves Closer to Disabling NTLM appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Over 1,400 MongoDB Databases Ransacked by Threat Actor
Of 3,100 unprotected MongoDB instances, half remain compromised, most of them by a single threat actor. The post Over 1,400 MongoDB Databases Ransacked by Threat Actor appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Cyber Insights 2026: Malware and Cyberattacks in the Age of AI
Security leaders share how artificial intelligence is changing malware, ransomware, and identity-led intrusions, and how defenses must evolve. The post Cyber Insights 2026: Malware and Cyberattacks in the Age of AI appeared first on SecurityWeek. This article has been indexed…
ICE and Qatari Security Forces at the Winter Olympics Put Italians on Edge
The influx of security personnel from around the world is sparking concern among Italians ahead of the Milano Cortina Olympic Games. This article has been indexed from Security Latest Read the original article: ICE and Qatari Security Forces at the…
Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates
Notepad++ maintainer says nation-state attackers hijacked the app’s update system by redirecting traffic at the hosting provider level. The Notepad++ maintainer revealed that nation-state hackers compromised the hosting provider’s infrastructure, redirecting update traffic to malicious servers. The attack did not…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter KONNI Adopts AI to Generate PowerShell Backdoors Who Operates the Badbox 2.0 Botnet? Weaponized in China, Deployed in India:…
Aisuru Botnet Drives DDoS Attack Volumes to Historic Highs
Currently, the modern internet is characterized by near-constant contention, in which defensive controls are being continuously tested against increasingly sophisticated adversaries. However, there are some instances where even experienced security teams are forced to rethink long-held assumptions about scale and…
Microsoft sets a path to switch off NTLM across Windows
Windows is shifting to a more secure authentication approach, moving away from New Technology LAN Manager (NTLM) and toward stronger, Kerberos-based options. NTLM has been part of Windows for decades and continues to appear in some environments, particularly where legacy…
Arsink Rat Attacking Android Devices to Exfiltrate Sensitive Data and Enable Remote Access
A dangerous Android malware called Arsink RAT has emerged as a serious threat to mobile device security worldwide. This cloud-native Remote Access Trojan gives attackers complete control over infected devices while quietly stealing personal information. The malware spreads through social…
Hackers Attacking MongoDB Instances to Delete Database and Add Ransom Note
Threat actors are actively targeting internet-exposed MongoDB instances in large-scale automated ransomware campaigns. The attacks follow a consistent pattern: attackers scan for unsecured MongoDB databases accessible on the public internet, delete the stored data, and insert ransom notes demanding payment…
How fake party invitations are being used to install remote access tools
“You’re invited!” It sounds friendly, familiar and quite harmless. But in a scam we recently spotted, that simple phrase is being used to trick victims into installing a full remote access tool on… This article has been indexed from Malwarebytes Read the original article: How fake party invitations are being used to…
Japan, Britain to Boost Cybersecurity and Critical Minerals Cooperation as China’s Influence Grows
Japan and Britain agree to accelerate cooperation on cybersecurity and the supply of critical minerals, as China’s influence grows in the region. The post Japan, Britain to Boost Cybersecurity and Critical Minerals Cooperation as China’s Influence Grows appeared first on…
Android RAT Uses Hugging Face to Host Malware
Bitdefender has discovered a new Android malware campaign that uses Hugging Face This article has been indexed from www.infosecurity-magazine.com Read the original article: Android RAT Uses Hugging Face to Host Malware