MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
Dec 08, 2025Ravie LakshmananNetwork Security / Vulnerability The Iranian hacking group known as MuddyWater has been observed leveraging a new...
Month: December 2025
Apple and Google Alert Users Worldwide After New Spyware Activity Surfaces
Image: Zulfugar Karimov/Unsplash Apple and Google confirmed last week that they have issued a new round of threat notifications to...
Microsoft Gives All Eligible PCs the Green Light for Windows 11 25H2
Image: Sunrise King/Unsplash Following the end of support for Windows 10, Microsoft is making a concerted effort to move its...
Strengthening Fraud Prevention with Real-Time Mobile Identity Signals
Fraud is growing faster than businesses can keep up with, especially as customers move more of their interactions into digital...
You can’t secure what you can’t see: the data challenge
The tidal wave of data Data is undoubtedly a key asset today, but all it takes is a breach to...
Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini December 07, 2025 A new round of...
Porsche outage in Russia serves as a reminder of the risks in connected vehicle security
Porsche outage in Russia serves as a reminder of the risks in connected vehicle security Pierluigi Paganini December 07, 2025...
The State of the 2025 Cyber Workforce: Skills Gaps, AI Opportunity and Economic Strain
Over the past few years, I have learned quite a bit about the cyber workforce from the annual ISC2 workforce...
Inside Shanya, a packer-as-a-service fueling modern attacks
We have covered packer-as-a-service offerings from the computer underworld in the past, previously dissecting impersonation campaigns and the rise of...
This Week in Scams: Phony AI Ads, Apple Account Takeover Attempts, and a PlayStation Scam
For this week in scams, we have fake AI-generated shopping images that could spoil your holidays, scammers use an Apple...
Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs
Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs Pierluigi Paganini December 06, 2025 A hacking campaign is targeting...
Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill
A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties...
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Dec 06, 2025Ravie LakshmananAI Security / Vulnerability Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated...
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
Dec 06, 2025Ravie LakshmananVulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a...
Critical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to Know
Main Takeaways:CVE-2025-55182 is a critical (CVSS 10.0) pre-authentication remote code execution vulnerability affecting React Server Components used in React.js, Next.js,...
