Author: PulauWin

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

December 14, 2025 add comment
The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL... Read more »
Internet Security

Experts found an unsecured 16TB database containing 4.3B professional records

December 14, 2025 add comment
An open 16TB database exposed 4.3B professional records. It was unsecured and only closed after researchers alerted the owner. A 16TB unsecured MongoDB database exposed about 4.3 billion professional... Read more »
Help Net Security

Week in review: 40 open-source tools securing the stack, invisible IT to be the next workplace priority

December 14, 2025 add comment
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 40 open-source tools redefining how security teams secure the stack Open source security software... Read more »

ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories

December 13, 2025 add comment
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech... Read more »
Internet Security

Germany calls in Russian Ambassador over air traffic control hack claims

December 13, 2025 add comment
Germany summoned Russia’s ambassador over alleged cyberattacks on air traffic control and a disinformation campaign ahead of national elections. Germany summoned Russia’s ambassador after accusing Moscow of cyber attacks... Read more »
Internet Security

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

December 13, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »
Internet Security

Emergency fixes deployed by Google and Apple after targeted attacks

December 13, 2025 add comment
Google and Apple issued emergency updates to address zero-day flaws exploited in attacks targeting an unknown number of users. Apple and Google have both pushed out urgent security updates... Read more »
Internet Security

Notepad++ fixed updater bugs that allowed malicious update hijacking

December 12, 2025 add comment
Notepad++ addressed an updater vulnerability that allows attackers hijack update traffic due to weak file authentication. Notepad++ addressed a flaw in its updater that allowed attackers to hijack update... Read more »
The Hacker News

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

December 12, 2025 add comment
Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes. According to a report from Elastic... Read more »
Security of TechRepublic

OT Security Lessons from 2025: Why Essential Eight Needs an OT Lens

December 12, 2025 add comment
OT security risks are rising as attackers target the IT–OT boundary. See why Essential Eight uplift needs an OT translation and what CIOs should focus on in 2026. The... Read more »
Subscribe to our Newsletter