information security news

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

AndyC 15 November 2025

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft Pierluigi Paganini November 14, 2025 The Washington Post alerts nearly...

Chrome extension “Safery” steals Ethereum wallet seed phrases

AndyC 14 November 2025

Chrome extension “Safery” steals Ethereum wallet seed phrases Pierluigi Paganini November 13, 2025 Malicious Chrome extension “Safery: Ethereum Wallet” steals...

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

AndyC 14 November 2025

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet Pierluigi Paganini November 13, 2025 Europol’s...

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

AndyC 14 November 2025

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini November...

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

AndyC 14 November 2025

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days Pierluigi Paganini November 13, 2025 Amazon warns that...

New Danabot Windows version appears in the threat landscape after May disruption

AndyC 13 November 2025

New Danabot Windows version appears in the threat landscape after May disruption Pierluigi Paganini November 12, 2025 DanaBot returns after...

Leading AI companies accidentally leak their passwords and digital keys on GitHub – what you need to know

Australia’s spy chief warns of China-linked threats to critical infrastructure

AndyC 13 November 2025

Australia’s spy chief warns of China-linked threats to critical infrastructure Pierluigi Paganini November 12, 2025 Australia’s spy chief warns China-linked...

Security Blogs

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

AndyC 13 November 2025

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025 Pierluigi Paganini November 12, 2025 Synology fixed a critical...

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

AndyC 13 November 2025

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK Pierluigi Paganini November 12, 2025 “Bitcoin Queen” Zhimin Qian...

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

AndyC 12 November 2025

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug Pierluigi Paganini November 12, 2025...

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

AndyC 12 November 2025

SAP fixed a maximum severity flaw in SQL Anywhere Monitor Pierluigi Paganini November 11, 2025 SAP fixed 19 security issues,...

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

AndyC 12 November 2025

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS Pierluigi Paganini November 11, 2025 Researchers found Fantasy Hub,...

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

AndyC 12 November 2025

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors Pierluigi Paganini November 11, 2025...

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

AndyC 12 November 2025

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini November 11, 2025 U.S. Cybersecurity and...

Critical Triofox bug exploited to run malicious payloads via AV configuration

AndyC 12 November 2025

Critical Triofox bug exploited to run malicious payloads via AV configuration Pierluigi Paganini November 11, 2025 Hackers exploited Triofox flaw...

information security news

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

Chrome extension “Safery” steals Ethereum wallet seed phrases

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

New Danabot Windows version appears in the threat landscape after May disruption

Australia’s spy chief warns of China-linked threats to critical infrastructure

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

Critical Triofox bug exploited to run malicious payloads via AV configuration

Credential stuffing: What it is and how to protect yourself

This month in security with Tony Anscombe – December 2025 edition

A brush with online fraud: What are brushing scams and how do I stay safe?

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET Threat Report H2 2025

Donate Bitcoin to this address

Donate Ethereum to this address

When the Marketing Graph Becomes the Target Map

Can You Afford the Total Cost of Free Java?

BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow

ColorTokens Achieves FedRAMP® Moderate ATO for Xshield™

Anthropic releases Cowork – Claude Code directly on your computer

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed