Cybersecurity News and Headlines

Attackers Use Stolen AWS Credentials in Cryptomining Campaign
News | Dec 17, 2025

Attackers compromised AWS Identity and Access Management (IAM) credentials and used them to launch cryptomining workloads on Amazon EC2 and ECS within ten minutes of initial access. AWS GuardDuty flagged the activity, revealing a coordinated campaign that leveraged dry‑run API...

By Dark Reading

Afripol Focuses on Regional Cyber Challenges, Deepening Cooperation
News | Dec 17, 2025

Law‑enforcement officials from more than 40 African countries gathered in Algiers for Afripol’s sixth heads‑of‑national‑liaison meeting, focusing on cross‑border cybercrime, equipment standardisation, and investigator training. The forum highlighted a surge in digital adoption that has produced an average of 3,153...

By Dark Reading

Why a 17-Year-Old Built an AI Model to Expose Deepfake Maps
News | Dec 16, 2025

A California high‑school junior, Vaishnav Anand, built an AI model to detect manipulated satellite imagery after becoming a victim of a personal deepfake. He presented his research at MIT’s IEEE Undergraduate Research Technology Conference, highlighting a largely unexplored field known...

By Dark Reading

Why You Should Train Your SOC Like a Triathlete
News | Dec 16, 2025

The article likens SOC development to triathlon training, urging teams to boost data coverage, standardize evidence, and apply AI selectively. It highlights that limited retention (7‑14 days) hides attacker dwell time, and that inconsistent log definitions stall investigations. By extending...

By Dark Reading

Hacking Group Says It’s Extorting Pornhub After Stealing Users’ Viewing Data
News | Dec 16, 2025

Scattered Lapsus$ Hunters, linked to the ShinyHunters gang, announced an extortion attempt against Pornhub after stealing personal data of premium members through a breach at analytics provider Mixpanel. The stolen information includes email addresses, location, and detailed viewing activity such...

By TechCrunch (Cybersecurity)

ESET Threat Report H2 2025
News | Dec 16, 2025

The second half of 2025 saw AI‑driven malware become operational, highlighted by PromptLock, the first known AI‑generated ransomware. Lumma Stealer’s presence faded dramatically, with detections dropping 86% after its May disruption. CloudEyE (GuLoader) exploded in prevalence, increasing thirty‑fold and serving...

By WeLiveSecurity

What Is Xfinity xFi Complete? A Complete Guide
News | Dec 13, 2025

Xfinity’s xFi Complete is a premium add‑on for existing Xfinity Internet customers that bundles whole‑home mesh Wi‑Fi, advanced cybersecurity, unlimited data, and automatic gateway upgrades. The service relies on xFi Pods to eliminate dead zones and provides real‑time threat detection...

By Cybers Guards

Data Breach at Credit Check Giant 700Credit Affects at Least 5.6 Million
News | Dec 12, 2025

Credit‑check provider 700Credit disclosed a breach that compromised personal data of at least 5.6 million individuals, including names, addresses, dates of birth and Social Security numbers. The intrusion, traced to an unidentified actor, affected information collected from auto‑dealership customers between May...

By TechCrunch (Cybersecurity)

We Need a New Type of Cybersecurity Product
News | Dec 12, 2025

The author argues that cybersecurity has failed to demonstrate value because it talks to the wrong audience with the wrong metrics. Instead of chaotic activity logs, security programs need products that convey safety and calm through concise narratives and evidence....

By Unsupervised Learning

Home Depot Exposed Access to Internal Systems for a Year, Says Researcher
News | Dec 12, 2025

A Home Depot employee inadvertently posted a private GitHub access token, exposing hundreds of internal source‑code repositories and cloud‑based order‑fulfillment and inventory systems for roughly a year. Security researcher Ben Zimmermann discovered the token in early November, tested its privileges,...

By TechCrunch (Cybersecurity)

Flaw in Photo Booth Maker’s Website Exposes Customers’ Pictures
News | Dec 12, 2025

A security researcher discovered that Hama Film, a photo‑booth maker owned by Vibecast, left customer photos and videos publicly accessible due to a flaw in its file‑storage website. The issue was reported in October, but the company has not remedied...

By TechCrunch (Cybersecurity)

Black Hat Europe 2025: Was that Device Designed to Be on the Internet at All?
News | Dec 12, 2025

At Black Hat Europe 2025, Zero Science Lab highlighted a building‑management system used in over 1,000 global facilities that runs on an 18‑year‑old, publicly‑exposed software platform riddled with vulnerabilities. The talk traced the problem to a series of acquisitions that left security...

By WeLiveSecurity

Black Hat Europe 2025: Reputation Matters – Even in the Ransomware Economy
News | Dec 11, 2025

At Black Hat Europe 2025, Max Smeets dissected LockBit’s ransomware‑as‑a‑service operation, revealing 194 affiliates and 80 successful ransom payments between 2022 and 2024. He argued that reputation drives both victim and attacker behavior: companies that pay attract more media scrutiny, while ransomware...

By WeLiveSecurity

Security Flaws in Freedom Chat App Exposed Users’ Phone Numbers and PINs
News | Dec 11, 2025

Freedom Chat, a secure‑messaging app launched in June, was found to expose users' phone numbers and PIN codes through two critical backend flaws. Researcher Eric Daigle demonstrated that nearly 2,000 phone numbers could be enumerated and that PINs were broadcast...

By TechCrunch (Cybersecurity)

Locks, SOCs and a Cat in a Box: What Schrödinger Can Teach Us About Cybersecurity
News | Dec 11, 2025

The article likens an organization’s unseen breach risk to Schrödinger’s cat, arguing that without active visibility a firm exists in a dual breached‑or‑not state. Recent high‑profile attacks by Scattered Spider on Marks & Spencer and Jaguar Land Rover illustrate long...

By WeLiveSecurity

The Most Dangerous 6 Weeks of the Year
News | Dec 11, 2025

A wave of cyber‑fraud targets mid‑sized manufacturers during the Thanksgiving‑to‑New Year window, exploiting altered bank routing numbers and rushed wire approvals. Employee distraction, heightened transaction volume, and reduced security staffing combine to create a perfect storm for attackers. Traditional detection tools...

By Security Magazine (Cybersecurity)

CEO of South Korean Retail Giant Coupang Resigns After Massive Data Breach
News | Dec 10, 2025

Coupang’s chief executive Park Dae‑jun resigned after a data breach that exposed personal information of roughly 34 million South Koreans, about half the nation’s population. The breach, which began in June and was only detected in November, was initially down‑played as...

By TechCrunch (Cybersecurity)

Seeking Symmetry During ATT&CK® Season: How to Harness Today’s Diverse Analyst and Tester Landscape to Paint a Security Masterpiece
News | Dec 10, 2025

The article maps the sprawling landscape of endpoint‑security analyst reports—from Gartner and Forrester market quadrants to AV‑Comparatives labs and MITRE ATT&CK Evaluations—showing how security leaders can stitch them together into a coherent picture. It likens the process to an artist’s...

By WeLiveSecurity

Petco Takes Down Vetco Website After Exposing Customers’ Personal Information
News | Dec 10, 2025

Petco’s Vetco Clinics portal was partially taken offline after TechCrunch uncovered an insecure direct object reference (IDOR) that let anyone download PDF records containing owners' personal details and pet medical histories. The vulnerability exposed names, addresses, contact information, vaccination and...

By TechCrunch (Cybersecurity)

The Big Catch: How Whaling Attacks Target Top Executives
News | Dec 9, 2025

Whaling attacks—spear‑phishing campaigns aimed at C‑suite leaders—are delivering multi‑million‑dollar losses, exemplified by an $8.7 million fraud that crippled Levitas Capital. Executives’ privileged access, time pressure, and public visibility make them prime targets for business‑email‑compromise schemes. The rise of generative AI now...

By WeLiveSecurity