Google is shutting down its dark web report feature in January
Google is discontinuing its “dark web report” security tool, stating that it wants to focus on other tools it believes are more helpful. Google’s dark…
Month: December 2025
Frogblight Android Malware Spoofs Government Sites to Collect SMS and Device Details
Kaspersky security researchers have uncovered a sophisticated Android banking Trojan called Frogblight that targets Turkish users by impersonating legitimate government applications. First detected in August…
New SantaStealer malware steals data from browsers, crypto wallets
A new malware-as-a-service (MaaS) information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection. According…
AI Pentesting Tool That Autonomously Identifies and Exploits Code Vulnerabilities
Keygraph has unveiled Shannon, a fully autonomous artificial intelligence pentester designed to discover and execute real exploits in web applications. Unlike conventional vulnerability scanners that generate…
Wireshark 4.6.2 Released With Crash Vulnerability Fixes and Protocol Updates
Wireshark, the world’s leading network protocol analyzer, has released version 4.6.2 with critical security updates and important bug fixes. The update addresses compatibility issues, resolves…
PornHub extorted after hackers steal Premium member activity data
Adult video platform PornHub is being extorted by the ShinyHunters extortion gang after the search and watch history of its Premium members was reportedly stolen…
Critical pgAdmin Vulnerability Let Attackers Execute Shell Commands on the Host
A severe security vulnerability has been uncovered in pgAdmin 4, the popular open-source PostgreSQL database management tool. Tracked as CVE-2025-13780, this critical flaw allows attackers…
xHunt APT Exploits Microsoft Exchange and IIS to Deploy Custom Backdoors
xHunt, a sophisticated cyber-espionage group with a laser focus on organizations in Kuwait, has continued to demonstrate advanced capabilities in infiltrating critical infrastructure. The group’s…
Nvidia buys AI developer to expand open-source AI push
Nvidia has acquired AI software firm SchedMD as the chip designer doubles down on open-source technology and steps up investments in the artificial intelligence ecosystem…
Apache StreamPark Vulnerability Let Attackers Access Sensitive Data
A critical security vulnerability has been discovered in Apache StreamPark that could allow attackers to decrypt sensitive information and gain unauthorized system access. The vulnerability…
PCPcat Malware Leverages React2Shell Vulnerability to Breach 59,000+ Servers
A sophisticated attack campaign attributed to a group identifying as “PCP” has compromised 59,128 servers in less than 48 hours by exploiting critical Next.js vulnerabilities.…
Federal chief AI officer roles set to go to existing APS staffers
A government mandate to appoint chief AI officers by July next year appears set to be fulfilled by incorporating the responsibilities into an existing senior…