All Recent Posts

Internet Security

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

December 7, 2025 add comment
Hundreds of Porsche cars in Russia became undrivable due to a malfunction in their factory-installed satellite security system, owners say. Hundreds of Porsche cars in Russia became undrivable after... Read more »
Help Net Security

Week in review: React, Node.js flaw patched, ransomware intrusion exposes espionage foothold

December 7, 2025 add comment
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Creative cybersecurity strategies for resource-constrained institutions In this Help Net Security interview, Dennis Pickett,... Read more »
Internet Security

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

December 6, 2025 add comment
A hacking campaign is targeting GlobalProtect logins and scannig SonicWall APIs since December 2, 2025. A campaign began on December 2 targeting Palo Alto GlobalProtect portals with login attempts... Read more »

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

December 6, 2025 add comment
A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time. Five of these extensions started... Read more »

Malicious Rust Crate Delivers OS-Specific Malware to Web3 Developer Systems

December 6, 2025 add comment
Cybersecurity researchers have discovered a malicious Rust package that’s capable of targeting Windows, macOS, and Linux systems, and features malicious functionality to stealthily execute on developer machines by masquerading... Read more »
Internet Security

Maximum-severity XXE vulnerability discovered in Apache Tika

December 6, 2025 add comment
A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516 carries a maximum CVSS rating of 10.0 because it... Read more »
Security of TechRepublic

CrowdStrike Identifies New China-Nexus Espionage Actor

December 5, 2025 add comment
CrowdStrike’s investigation shows that WARP PANDA initially infiltrated some victim networks as early as late 2023, later expanding operations. The post CrowdStrike Identifies New China-Nexus Espionage Actor appeared first... Read more »
Security of TechRepublic

Google Rolls Out Chrome 143 Update for Billions Worldwide

December 5, 2025 add comment
Google fixes 13 security vulnerabilities in a December desktop update rolling out to Windows, macOS, and Linux users. The post Google Rolls Out Chrome 143 Update for Billions Worldwide... Read more »
The Hacker News

Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud

December 5, 2025 add comment
The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application (HTA) files and PDFs to... Read more »
Internet Security

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

December 5, 2025 add comment
Array Networks AG gateways have been under active exploitation since August 2025 due to a command injection flaw, JPCERT/CC warns. A command injection flaw in Array Networks AG Series... Read more »
Subscribe to our Newsletter