14 Malicious NuGet Packages Found Stealing Crypto Wallets and Ad Data
ReversingLabs discovers 14 malicious NuGet packages, including Netherеum.All, using homoglyphs and fake downloads to steal crypto wallets and Google Ads data.
Border Patrol Bets on Small Drones to Expand US Surveillance Reach
Federal records show CBP is moving from testing small drones to making them standard surveillance tools, expanding a network that can follow activity in real time and extend well beyond the border.
New ClickFix Attack Uses Fake Browser Fix to Install DarkGate Malware
Researchers at Point Wild have discovered a new ClickFix attack campaign that tricks users into manually installing DarkGate malware via fake browser extension alerts. Learn how this attack bypasses security by using the Windows Run box and how you can…
GNV ferry fantastic under cyberattack probe amid remote hijack fears
French prosecutors probe a suspected cyberattack on GNV ferry Fantastic, raising concerns of a possible remote hijack. French prosecutors are investigating a suspected cyberattack on the GNV ferry Fantastic, raising fears of a potential remote hijack. The ferry Fantastic sails between Sète and North Africa, and French authorities are investigating a suspected attempt to compromise […]
Askul data breach exposed over 700,000 records after ransomware attack
Askul disclosed that an October RansomHouse ransomware attack compromised over 700,000 records at the Japanese e-commerce and logistics firm. Askul is a Japanese e-commerce and logistics company best known for supplying office products, stationery, IT equipment, and everyday business consumables to companies and consumers. It operates large-scale fulfillment and delivery services across Japan and is […]
Opinion – China’s Expanding Security Footprint in Africa
The trajectory of China as a long-term player in Africa’s security will be shaped by both its global ambitions and the continent’s own agency.
Russian state hackers targeted Western critical infrastructure for years, Amazon says
Amazon disclosed a years-long Russian state-backed cyber campaign targeting Western critical infrastructure from 2021 to 2025. Amazon Threat Intelligence reports a long-running Russian state-backed campaign (2021–2025) targeting Western critical infrastructure. Threat actors shifted from exploiting vulnerabilities to abusing misconfigured network edge devices, enabling credential theft and lateral movement with lower risk. The researchers linked the […]
Microsoft Will Finally Kill an Encryption Cipher That Enabled a Decade of Windows Hacks
The weak RC4 for administrative authentication has been a hacker holy grail for decades.
U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a vulnerability impacting multiple products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability, tracked as CVE-2025-59718 (CVSS Score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog. Threat actors started exploiting two critical flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1), […]
A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations
A cyber attack hit Petróleos de Venezuela (PDVSA), Venezuela’s state-owned oil company, over the weekend, disrupting its export operations. Venezuela’s state oil company PDVSA was hit by a cyberattack over the weekend that disrupted export operations. The company says the incident only affected some administrative systems and did not impact operations. “Thanks to the expertise […]