MuddyWater cyber campaign adds new backdoors in latest wave of attacks
ESET researchers say an Iran aligned threat group is refining its playbook again, and the latest activity shows how much its tactics have shifted. MuddyWater…
Month: December 2025
How the RAC offers a shorter road to recovery
Thank you for joining! Access your Pro+ Content below. 2 December 2025 How the RAC offers a shorter road to recovery Share this item with…
Glassworm Malware Targets OpenVSX and Microsoft Visual Studio with 24 New Malicious Packages
Security threats rarely adhere to holiday schedules, and while developers may take time off, malicious actors are working overtime. A significant new wave of software…
Sonesta International Hotels Implements Industry-Leading Cloud Security Through AccuKnox Collaboration
Travel and hospitality industry leader Sonesta International Hotels partners with AccuKnox to deploy Zero Trust Integrated Application and Cloud Security [ASPM and CNAPP (Cloud Native…
Apache Struts Flaw Allows Attackers to Launch Disk Exhaustion Attacks
A new security flaw has been found in Apache Struts, a popular open‑source web application framework used by many companies worldwide. The issue, tracked as CVE‑2025‑64775,…
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild
Dec 02, 2025Ravie LakshmananMobile Security / Vulnerability Google on Monday released monthly security updates for the Android operating system, including two vulnerabilities that it said…
South Korea’s Coupang took 5 months to spot data leak affecting over 33 million people
South Korea’s president ordered on Tuesday swift action to penalise those responsible for a major data leak at e-commerce giant Coupang affecting more than 33…
Google Patches Android 0-Day Vulnerabilities Exploited in the Wild
Google has released critical security updates to address multiple zero-day vulnerabilities affecting Android devices worldwide. The December 2025 security bulletin reveals that threat actors are…
Google Fixes Android Zero-Day Flaws Actively Exploited in the Wild
Google has released critical security patches addressing two high-severity zero-day vulnerabilities in Android that are currently being exploited in limited, targeted attacks. The vulnerabilities, disclosed…
Attackers keep finding new ways to fool AI
AI development keeps accelerating while the safeguards around it move on uneven ground, according to The International AI Safety Report. Security leaders are being asked…
Critical SQL Injection Flaw Hits Devolutions Server
A batch of new vulnerabilities in Devolutions Server targets organizations that depend on the platform to manage privileged accounts, passwords, and sensitive authentication data. Devolutions…
OpenVPN Vulnerabilities Let Hackers Triggers Dos Attack and Bypass Security Checks
OpenVPN has released critical security updates for its 2.6 stable and 2.7 development branches, addressing three vulnerabilities that could lead to local denial-of-service (DoS), security…