Latest Cybersecurity News and Articles
23 December 2025
Italy’s antitrust authority fined Apple $116 million after determining that operating one of its privacy features restricted App Store competition.
The post Italy Antitrust Agency Fines Apple $116 Million Over Privacy Feature; Apple Announces Appeal appeared first on SecurityWeek.
23 December 2025
Authorities in Senegal, Ghana, Benin, and Cameroon dismantled BEC, ransomware, and other cyber-fraud networks.
The post 574 Arrested, $3 Million Seized in Crackdown on African Cybercrime Rings appeared first on SecurityWeek.
23 December 2025
The U.S. Justice Department (DoJ) on Monday announced the seizure of a web domain and database that it said was used to further a criminal scheme designed to target and defraud Americans by means of bank account takeover fraud.
The domain in question, web3adspanels[.]org, was used as a backend web panel to host and manipulate illegally harvested bank login credentials. Users to the website are
23 December 2025
A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary code execution under certain circumstances.
The vulnerability, tracked as CVE-2025-68613, carries a CVSS score of 9.9 out of a maximum of 10.0. The package has about 57,000 weekly downloads, according to statistics on npm.
"Under certain
23 December 2025
The University of Phoenix is one of the many victims of the recent Oracle EBS hacking campaign attributed to the Cl0p ransomware group.
The post 3.5 Million Affected by University of Phoenix Data Breach appeared first on SecurityWeek.
23 December 2025
The U.S. Federal Communications Commission (FCC) on Monday announced a ban on all drones and critical components made in a foreign country, citing national security concerns.
To that end, the agency has added to its Covered List Uncrewed aircraft systems (UAS) and UAS critical components produced in a foreign country, and all communications and video surveillance equipment and services pursuant
23 December 2025
A cyberattack knocked France’s national postal service offline, blocking and delaying package deliveries and online payments.
The post Cyberattack Disrupts France’s Postal Service and Banking During Christmas Rush appeared first on SecurityWeek.
22 December 2025
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker's device to a victim's WhatsApp account.
The package, named "lotusbail," has been downloaded over 56,000 times since it was first uploaded to the registry by a user named "
22 December 2025
Shannon Miller shares her approach to creating domestic safety and a call to the cyber community to help reduce harm.
The post Rising Tides: When Cybersecurity Becomes Personal – Inside the Work of an OSINT Investigator appeared first on SecurityWeek.
22 December 2025
The suspects are leaders and members of the Venezuelan crime syndicate Tren de Aragua.
The post 54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware appeared first on SecurityWeek.
22 December 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Dec. 20, 2025 –Listen to the podcast David Braue, Editor-At-Large for Cybercrime Magazine, joined host Scott Schober in a recent episode on the Cybercrime Magazine Podcast to discuss Australia’s world-first teen social media
The post A Page From Australia’s Cybersecurity Playbook: Pentesting Our Kids appeared first on Cybercrime Magazine.
22 December 2025
A recent MacSync Stealer version no longer requires users to directly interact with the terminal for execution.
The post MacSync macOS Malware Distributed via Signed Swift Application appeared first on SecurityWeek.
22 December 2025
The cybersecurity startup will use the funds to accelerate platform improvements, global expansion, and partnerships.
The post Gambit Cyber Raises $3.4 Million in Seed Funding appeared first on SecurityWeek.
22 December 2025
Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going after the everyday tools we trust most — firewalls, browser add-ons, and even smart TVs — turning small cracks into serious breaches.
The real danger now isn’t just one major attack, but hundreds of quiet ones using the software and devices already inside our networks. Each trusted system can
22 December 2025
As the internet becomes an essential part of daily life, its environmental footprint continues to grow.
Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy consumption and digital waste. While individual users may not see this impact directly, the collective effect of everyday browsing is significant.
Choosing a browser designed with
22 December 2025
Artem Stryzhak pleaded guilty to conspiracy to commit computer fraud after he was extradited earlier this year.
The post Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in US appeared first on SecurityWeek.
22 December 2025
The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution.
The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek.
22 December 2025
The British government is investigating a “cyber incident” following news reports that hackers linked to China have gained access to thousands of confidential documents.
The post UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports appeared first on SecurityWeek.
22 December 2025
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in Uzbekistan.
"Previously, users received 'pure' Trojan APKs that acted as malware immediately upon installation," Group-IB said in an analysis published last week. "Now, adversaries increasingly deploy
20 December 2025
Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy (aka Prince of Persia), nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey.
"The scale of Prince of Persia's activity is more significant than we originally anticipated," Tomer Bar, vice president of security research at SafeBreach, said