Latest news as of 12/30/2025, 1:00:31 PM
The Hacker News
If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely on—and in some cases, they started attacking before a fix was even ready. Below, we list the urgent updates you need to install right now to stop these active threats. ⚡ Threat of the Week Apple and
The Register
Automaker admits raid that crippled its factories in August led to the theft of sensitive payroll data Jaguar Land Rover (JLR) has reportedly told staff the cyber-raid that crippled its operations in August didn't just bring production to a screeching halt – it also walked off with the personal payroll data of thousands of employees.…
Graham Cluley
A 49-year-old man has received a five-and-a-half year jail sentence after admitting to creating detailed video tutorials that showed members of a criminal gang how to infect Android phones with spyware and drain their bank accounts. Read more in my article on the Hot for Security blog.
Bleeping Computer
The French Interior Minister confirmed on Friday that the country's Ministry of the Interior was breached in a cyberattack that compromised e-mail servers. [...]
The Register
Both vendors admit attackers were already exploiting the bugs, with scant detail and quiet hints of spyware-grade abuse. Apple and Google have both issued emergency patches after zero-day bugs were caught being actively exploited in what the companies describe as "sophisticated" real-world attacks.…
The Register
Minister insists 'modest' bill is not an assault on privacy-preserving tech The Danish government wants the public to weigh in on its proposed laws restricting use of VPNs to access certain corners of the internet.…
The Hacker News
Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images. The activity, codenamed Operation MoneyMount-ISO by Seqrite Labs, has primarily singled out finance and accounting entities, with those in the procurement, legal, payroll
The Register
I'm dreaming of a white hat mass It was 40 years ago that four young British hackers set about changing the law, although they didn't know it at the time. It was a cross-platform attack including a ZX Spectrum, a BBC Micro, and a Tatung Einstein slamming British Telecom's Prestel service over dial-up modems at 75 bits per second.… Opinion
Bleeping Computer
Microsoft has confirmed that the December 2025 security updates are breaking Message Queuing (MSMQ) functionality, affecting enterprise applications and Internet Information Services (IIS) websites. [...]
The Hacker News
The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called VolkLocker that suffers from implementation lapses in test artifacts, allowing users to decrypt files without paying an extortion fee. According to SentinelOne, VolkLocker (aka CyberVolk 2.x) emerged in August 2025 and is capable of targeting both Windows