Top 10 financial services stories of 2025
Large financial service companies often drive the enterprise IT sector, with the ability to invest large amounts to pioneer the use of certain technologies. The…
Month: December 2025
U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 23, 2025 U.S. Cybersecurity and Infrastructure Security…
Malicious Chrome Extensions as VPN Intercept User Traffic to Steal Credentials
Two fake Chrome extensions named “Phantom Shuttle” are deceiving thousands of users by posing as legitimate VPN services while secretly intercepting their web traffic and…
Shinhan Card Data Breach Affects 192,000 Merchants
The Shinhan Card data breach has exposed the personal information of approximately 192,000 card merchants, the South Korea–based financial services company confirmed on Tuesday. The…
How Wallarm Redefines Agentic AI Security — API Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that…
A critical flaw in Windows Imaging Component
ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of…
Threat Actors Weaponizing Nezha Monitoring Tool as Remote Access Trojan
Researchers at Ontinue’s Cyber Defense Center have uncovered a significant threat as attackers exploit Nezha, a legitimate open-source server monitoring tool, for post-exploitation access. The…
Cloud security is stuck in slow motion
Cloud environments are moving faster than the systems meant to protect them. A new Palo Alto Networks study shows security teams struggling to keep up…
Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances
Dec 23, 2025Ravie LakshmananVulnerability / Workflow Automation A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could…
CISA Adds Digiever Authorization Vulnerability to KEV List Following Active Exploitation
A critical vulnerability affecting Digiever DS-2105 Pro network video recorders was added to the Known Exploited Vulnerabilities (KEV) catalog on December 22, 2025, following evidence…
Weak enforcement keeps PCI DSS compliance low
Payment card breaches continue to surface across industries, even after years of investment in security standards. A new study links this pattern to enforcement, showing…
FCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security Risks
Dec 23, 2025Ravie LakshmananCybersecurity / Surveillance The U.S. Federal Communications Commission (FCC) on Monday announced a ban on all drones and critical components made in…