🦅 The Week in Vulnerabilities: More Than 2,000 New Flaws Emerge 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble Vulnerability Intelligence researchers tracked 2,415 vulnerabilities in the last week, a significant increase over even last weeks very high number of new vulnerabilities. The increase signals a heightened risk landscape and expanding attack surface in the current threat environment. Over 300 of the disclosed vulnerabilities already have a publicly available ProofofConcept PoC, significantly increasing the likelihood of realworld attacks. A total of 219 vulnerabilities were rated as critical under the CVSS v3.1 scoring system, while 47 received a critical severity rating based on the newer CVSS v4.0 scoring system. Even after factoring out a high number of Linux kernel and Adobe vulnerabilities chart below, new vulnerabilities reported in the last week were still very ...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
IT Vulnerabilities Surge As ICS Flaws Push Weekly Record
IT vulnerabilities and ICS flaws surged past 2,000 in one week, with critical bugs, PoCs, and dark web activity raising risk for enterprises.
📔 Top Ransomware Trends of 2025 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity has selected some of the key ransomware statistics for 2025.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Top Ransomware Trends of 2025
Infosecurity has selected some of the key ransomware statistics for 2025
🦿 SEC Targets Crypto Platforms in Social Media Scam Crackdown 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
The Securities and Exchange Commission launched an enforcement wave targeting three purported cryptocurrency trading platforms and four investment clubs. The post SEC Targets Crypto Platforms in Social Media Scam Crackdown appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
SEC Targets Crypto Platforms in Social Media Scam Crackdown
The Securities and Exchange Commission launched an enforcement wave targeting three purported cryptocurrency trading platforms and four investment clubs.
❤1
🖋️ Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come with capabilities to intercept traffic and capture user credentials. The extensions are advertised as a "multilocation network speed test plugin" for developers and foreign trade personnel. Both the browser addons are available for download as of.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦅 RTO Scam Wave Continues: A Surge in Browser-Based e-Challan Phishing and Shared Fraud Infrastructure 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Following our earlier reporting on RTOthemed threats, CRIL observed a renewed phishing wave abusing the eChallan ecosystem to conduct financial fraud. Unlike earlier Android malwaredriven campaigns, this activity relies entirely on browserbased phishing, significantly lowering the barrier for victim compromise. During the course of this research, CRIL also noted that similar fake eChallan scams have been highlighted by mainstream media outlets, including Hindustan Times, underscoring the broader scale and realworld impact of these campaigns on Indian users. The campaign primarily targets Indian vehicle owners via unsolicited SMS messages claiming an overdue traffic fine. The message includes a deceptive URL resembling an official eChallan domain. Once accessed, victims are presented...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
RTO Scam Wave Continues
CRIL Uncovers a New Wave of Browser-Based e-Challan Phishing Powered by Shared Fraud Infrastructure.
📢 US small businesses are fighting off a wave of cyber attacks 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
While threats are rising, many small business owners are trying to manage the risk themselves.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
US small businesses are fighting off a wave of cyber attacks
While threats are rising, many small business owners are trying to manage the risk themselves
🦿 Cyberattack Knocks La Poste Offline, Disrupting Postal and Banking Services Across France 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
La Poste described the situation as a major network incident that affected all of its information systems. The post Cyberattack Knocks La Poste Offline, Disrupting Postal and Banking Services Across France appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
Cyberattack Knocks La Poste Offline, Disrupting Postal and Banking Services Across France
La Poste described the situation as “a major network incident” that affected all of its information systems.
🦿 UK Government Urged to Review Palantir Contracts After Swiss Security Report 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
The report warned that sensitive military data shared with Palantir could potentially be accessed by US government bodies, including intelligence services. The post UK Government Urged to Review Palantir Contracts After Swiss Security Report appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
UK Government Urged to Review Palantir Contracts After Swiss Security Report
The report warned that sensitive military data shared with Palantir could potentially be accessed by US government bodies, including intelligence services.
🖋️ Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Apple has been fined 98.6 million 116 million by Italy's antitrust authority after finding that the company's App Tracking Transparency ATT privacy framework restricted App Store competition. The Italian Competition Authority Autorit Garante della Concorrenza e del Mercato, or AGCM said the company's "absolute dominant position" in app distribution allowed it to "unilaterally impose".📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🚀 A brush with online fraud: What are brushing scams and how do I stay safe? 🚀
📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow.📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
Welivesecurity
A brush with online fraud: What are brushing scams and how do I stay safe?
Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow.
📔 Reworked MacSync Stealer Adopts Quieter Installation Process 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A newly discovered macOS malware mimics legitimate apps codesigned and notarized by Apple.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Reworked MacSync Stealer Adopts Quieter Installation Process
A newly discovered macOS malware mimics legitimate apps code-signed and notarized by Apple
📔 Clop Ransomware Group Linked to 3.5m University of Phoenix Breach 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A University of Phoenix data breach affecting nearly 3.5 million individuals has been claimed by the Clop ransomware collective.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Clop Ransomware Group Linked to 3.5m University of Phoenix Breach
A University of Phoenix data breach affecting nearly 3.5 million individuals has been claimed by the Clop ransomware collective
📔 La Poste Still Offline After Major DDoS Attack 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
French postal service warns of major network incident just before Christmas.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
La Poste Still Offline After Major DDoS Attack
French postal service warns of “major network incident” just before Christmas
🖋️ SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Securities and Exchange Commission SEC has filed charges against multiple companies for their alleged involvement in an elaborate cryptocurrency scam that swindled more than 14 million from retail investors. The complaint charged crypto asset trading platforms Morocoin Tech Corp., Berge Blockchain Technology Co., Ltd., and Cirkor Inc., as well as investment clubs AI Wealth Inc., Lane.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 ServiceNow to Pay $7.8bn For OT Security Specialist Armis 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
ServiceNow is set to acquire Armis for 7.75bn in a cashonly deal expected to close in the second half of 2026.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
ServiceNow to Pay $7.8bn For OT Security Specialist Armis
ServiceNow is set to acquire Armis for $7.75bn in a cash-only deal expected to close in the second half of 2026
📔 NIST, MITRE Partner on $20m AI Centers For Manufacturing and Cybersecurity 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
NIST and MITRE are collaboratively launching two centers to advance AI security for US manufacturing and critical infrastructure.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
NIST, MITRE Partner on $20m AI Centers For Manufacturing and Cybersecurity
NIST and MITRE are collaboratively launching two centers to advance AI security for US manufacturing and critical infrastructure
❤1
🖋️ Attacks are Evolving: 3 Ways to Protect Your Business in 2026 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Every year, cybercriminals find new ways to steal money and data from businesses. Breaching a business network, extracting sensitive data, and selling it on the dark web has become a reliable payday. But in 2025, the data breaches that affected small and mediumsized businesses SMBs challenged our perceived wisdom about exactly which types of businesses cybercriminals are targeting. .📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
❤2
🖋️ Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The fraudulent investment scheme known as Nomani has witnessed an increase by 62, according to data from ESET, as campaigns distributing the threat have also expanded beyond Facebook to include other social media platforms, such as YouTube. The Slovak cybersecurity company said it blocked over 64,000 unique URLs associated with the threat this year. A majority of the detections originated from.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Coordinated Scams Target MENA Region With Fake Online Job Ads 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A coordinated wave of fake online job ads targeting the Middle East and North Africa has been uncovered, exploiting remote work trends.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Coordinated Scams Target MENA Region With Fake Online Job Ads
A coordinated wave of fake online job ads targeting the Middle East and North Africa has been uncovered, exploiting remote work trends
🔥1
🖋️ New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A highseverity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability, tracked as CVE202514847 CVSS score 8.7, has been described as a case of improper handling of length parameter inconsistency, which arises when a program fails to appropriately tackle scenarios where a length field is inconsistent with the.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity