GhostPairing campaign abuses WhatsApp device linking to hijack accounts
GhostPairing campaign abuses WhatsApp device linking to hijack accounts Pierluigi Paganini December 18, 2025 Attackers abuse WhatsApp’s device-linking feature to...
Year: 2025
2025 Federal Retrospective: The Year of Resilient Innovation
Resiliency has been top of mind in 2025, and recent high-profile CVEs serve as holiday reminders that adversaries aren’t...
The Biggest Cyber Stories of the Year: What 2025 Taught Us
The Biggest Cyber Stories of the Year: What 2025 Taught UsmadhavThu, 12/18/2025 – 10:30 2025 didn’t just test cybersecurity;...
Google releases fast AI model Gemini 3 Flash
A few weeks ago, Google launched the powerful AI model Gemini 3 and now it’s time for a faster variant...
The Case for Dynamic AI-SaaS Security as Copilots Scale
Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications businesses use every day. Tools...
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
Dec 18, 2025Ravie LakshmananMalware / Mobile Security The North Korean threat actor known as Kimsuky has been linked to a...
Microsoft December Update Breaks Critical IIS Servers
The security updates delivered through KB5071546 have fundamentally broken Message Queuing (MSMQ) functionality across multiple Windows versions. The post Microsoft...
Chinese Hackers Breach Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to...
SoundCloud Cyberattack Leaves 28M Users Exposed
The breach has already triggered widespread chaos across the platform, with users worldwide reporting connection failures and cryptic error messages....
How CISOs Can Beat the Ransomware Blame Game
Being a CISO is not for the weak-hearted. It’s a stressful role and an innately high-risk position. Around 25% of security...
2026 Cyber Predictions: Accelerating AI, Data Sovereignty, and Architecture Rationalization
2026 promises to be a critical period, marked by the confluence of advanced cyber capabilities driven by AI adoption,...
Smashing Security podcast #448: The Kindle that got pwned
Think your Kindle is harmless? Think again! In this episode, we unpack a Black Hat Europe talk revealing how a...
Private Certificate Authority 101: From Setup to Management
Home » Private Certificate Authority 101: From Setup to Management Introduction Security has become a primary focus in today’s...
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
Dec 18, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical...
Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
Dec 18, 2025Ravie LakshmananVulnerability / Network Security Cisco has alerted users to a maximum-severity zero-day flaw in Cisco AsyncOS software...