How 2025 Became The Year Of The Cyberattack For British Businesses
As 2025 winds down, business leaders and executives will feel it has been a particularly expensive year as the cost of employment shot up, inflation…
Month: December 2025
MongoBleed flaw actively exploited in attacks in the wild
MongoBleed flaw actively exploited in attacks in the wild Pierluigi Paganini December 29, 2025 A recently disclosed MongoDB flaw (MongoBleed) is under active exploitation, with…
Critical ‘MongoBleed’ Flaw Exploited In The Wild To Leak Database Secrets
The cybersecurity world is facing a “Heartbleed” moment for the NoSQL era. A critical vulnerability in MongoDB, the world’s most popular non-relational database, is being…
Korean Air data breach exposes data of thousands of employees
Korean Air experienced a data breach affecting thousands of employees after Korean Air Catering & Duty-Free (KC&D), its in-flight catering supplier and former subsidiary, was…
Critical 0day flaw Exposes 70k XSpeeder Devices as Vendor Ignores Alert – Hackread – Cybersecurity News, Data Breaches, AI, and More
Imagine a master key that opens the front door to 70,000 businesses, but the locksmith refuses to fix the vulnerability. This is exactly what’s happening…
Microsoft Copilot is rolling out GPT 5.2 as “Smart Plus” mode
Microsoft is rolling out GPT 5.2 to Copilot on the web, Windows, and mobile as a free upgrade, and it’ll coexist with the GPT 5.1…
The Worst Hacks of 2025
It was a strange year in cyberspace, as US president Donald Trump and his administration launched foreign policy initiatives and massive changes to the federal…
Malware in 2025 spread far beyond Windows PCs
This blog is part of a series highlighting new and concerning trends we noticed over the last year. Trends matter because they almost always provide…
Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks
Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting…
The New Surveillance State Is You
Privacy isn’t dead. Just ask Kristi Noem. The Department of Homeland Security secretary has spent 2025 trying to convince the American public that identifying roving…
Grigol Liluashvili Arrested In Georgia Corruption Case
Georgia’s former Head of the State Security Service, Grigol Liluashvili, has been arrested following an investigation into alleged corruption, bribery, and abuse of power. The…
Windows LPE Vulnerabilities via Kernel Drivers and Named Pipes Allows Privilege Escalation
Security researchers are increasingly focusing on privilege escalation attacks through two primary Windows attack surfaces: kernel drivers and named pipes. These vectors exploit fundamental trust…