Latest news as of 12/29/2025, 11:46:31 AM
Dark Reading
In the latest attacks against the vendor's SMA1000 devices, threat actors have chained a new zero-day flaw with a critical vulnerability disclosed earlier this year.
Bleeping Computer
Hackers gained access to an online coding repository belonging to the University of Sydney and stole files with personal information of staff and students. [...]
Bleeping Computer
The Clop ransomware gang is targeting Internet-exposed Gladinet CentreStack file servers in a new data theft extortion campaign. [...]
The Register
Study finds built-in browsers across gadgets often ship years out of date Web browsers for desktop and mobile devices tend to receive regular security updates, but that often isn't the case for those that reside within game consoles, televisions, e-readers, cars, and other devices. These outdated, embedded browsers can leave you open to phishing and other security vulnerabilities.…
The Register
'Within 10 minutes of gaining initial access, crypto miners were operational' Your AWS account could be quietly running someone else's cryptominer. Cryptocurrency thieves are using stolen Amazon account credentials to mine for coins at the expense of AWS customers, abusing their Elastic Container Service (ECS) and their Elastic Compute Cloud (EC2) resources, in an ongoing operation that started on November 2.…
The Hacker News
A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan. The end goal of these attacks is cyber espionage, Slovak cybersecurity company ESET said in a report published today. The threat activity cluster has been assessed to be active since at least September 2023. "
The Register
ByBit attack doing some seriously heavy lifting North Korea's yearly cryptocurrency thefts have accelerated, with Kim's state-backed cybercriminals plundering just over $2 billion worth of tokens in 2025.…
Bleeping Computer
An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks GlobalProtect and Cisco SSL VPN. [...]
Bleeping Computer
Law enforcement has seized the servers and domains of the E-Note cryptocurrency exchange, allegedly used by cybercriminal groups to launder more than $70 million. [...]
Bleeping Computer
NIS2 puts identity and access controls under the spotlight, with weak passwords and poor authentication now a compliance risk. Specops Software explains how to align password policies and MFA with NIS2 requirements. [...]