-
New ErrTraffic service enables ClickFix attacks via fake browser glitches
A new cybercrime tool called ErrTraffic allows threat actors to automate ClickFix attacks by generating 'fake glitches' on compromised websites to lure users into downloading payloads or following malicious instructions
- December 30, 2025
- 04:08 PM
0
-
This PDF editor alternative is only $40 for a lifetime subscription
If you want an alternative to apps like Adobe Acrobat, try PDF Agile instead. PDF Agile is a simple PDF tool that covers everyday editing, conversion, and page management in one, and a lifetime subscription is now only $39.99 (reg. $119).
- December 30, 2025
- 02:06 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
European Space Agency confirms breach of "external servers"
The European Space Agency (ESA) confirmed that attackers recently breached servers outside its corporate network, which contained what it described as "unclassified" information on collaborative engineering activities.
- December 30, 2025
- 11:26 AM
- 0
-
Zoom Stealer browser extensions harvest corporate meeting intelligence
A newly discovered campaign, which researchers call Zoom Stealer, is affecting 2.2 million Chrome, Firefox, and Microsoft Edge users through 18 extensions that collect online meeting-related data like URLs, IDs, topics, descriptions, and embedded passwords.
- December 30, 2025
- 10:41 AM
- 0
-
US cybersecurity experts plead guilty to BlackCat ransomware attacks
Two former employees of cybersecurity incident response companies Sygnia and DigitalMint have pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023.
- December 30, 2025
- 10:25 AM
- 2
-
CISA orders feds to patch MongoBleed flaw exploited in attacks
CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to steal credentials, API keys, and other sensitive data.
- December 30, 2025
- 09:40 AM
- 0
-
Forget recurring fees—1TB of Koofr cloud storage is $130 for life
Secure your data in the cloud without shelling out a monthly fee to Apple or Google; this 1TB Koofr plan is just $129.99 for a lifetime of access when you use promo code KOOFR at checkout.
- December 30, 2025
- 07:11 AM
- 0
-
Chinese state hackers use rootkit to hide ToneShell malware activity
A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
- December 29, 2025
- 07:08 PM
- 0
-
Coupang to split $1.17 billion among 33.7 million data breach victims
Coupang, the largest retailer in South Korea, announced $1.17 billion (1.685 trillion Won) total compensation for the 33.7 million customers whose information was exposed in the data breach discovered last month.
- December 29, 2025
- 05:27 PM
- 0
-
Hacker arrested for KMSAuto malware campaign with 2.8 million downloads
A Lithuanian national has been arrested for his alleged involvement in infecting 2.8 million systems with clipboard-stealing malware disguised as the KMSAuto tool for illegally activating Windows and Office software.
- December 29, 2025
- 02:25 PM
- 1
-
极速全国最快赛车一分钟+168赛车极速历史数据 实时精准直播赛果 Trust Wallet says 2,596 wallets drained in $7 million crypto theft attack
Trust Wallet says attackers who compromised its browser extension right before Christmas have drained approximately $7 million from nearly 3,000 cryptocurrency wallet addresses.
- December 29, 2025
- 11:43 AM
- 1
-
The Real-World Attacks Behind OWASP Agentic AI Top 10
OWASP's new Agentic AI Top 10 highlights real-world attacks already targeting autonomous AI systems, from goal hijacking to malicious MCP servers. Koi Security breaks down real-world incidents behind multiple categories, including two cases cited by OWASP, showing how agent tools and runtime behavior are being abused.
- December 29, 2025
- 10:00 AM
- 0
-
ChatGPT finally rolls out Thinking time toggle on mobile
OpenAI is rolling out an update to ChatGPT on mobile that finally allows you to select the Thinking time toggle, also called "juice" of the model.
- December 29, 2025
- 10:00 AM
- 0
-
Romanian energy provider hit by Gentlemen ransomware attack
A ransomware attack hit Oltenia Energy Complex (Complexul Energetic Oltenia), Romania's largest coal-based energy producer, on the second day of Christmas, taking down its IT infrastructure.
- December 29, 2025
- 09:26 AM
- 0
-
Former Coinbase support agent arrested for helping hackers
A former Coinbase customer service agent was arrested in India for helping hackers earlier this year steal sensitive customer information from a company database.
- December 29, 2025
- 09:16 AM
- 2
-
Korean Air data breach exposes data of thousands of employees
Korean Air experienced a data breach affecting thousands of employees after Korean Air Catering & Duty-Free (KC&D), its in-flight catering supplier and former subsidiary, was recently hacked.
- December 29, 2025
- 08:08 AM
- 0
-
Microsoft Copilot is rolling out GPT 5.2 as "Smart Plus" mode
Microsoft is rolling out GPT 5.2 to Copilot on the web, Windows, and mobile as a free upgrade, and it'll coexist with the GPT 5.1 model.
- December 29, 2025
- 07:23 AM
- 0
-
Learn Python, C++, and more with this $25 all-in-one coding bundle
Whether you're just starting out with Python or C++, looking to build websites, or eager to dive into machine learning and data visualization, this bundle covers it all. For a limited time, you can get lifetime access to the full bundle for $24.97 (MSRP $260).
- December 29, 2025
- 07:09 AM
- 0
-
Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks
Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting vulnerable FortiGate firewalls.
- December 29, 2025
- 06:16 AM
- 1
-
体彩168全国极速统一开奖网、168赛车极速历史数据Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed
A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited in the wild, with over 80,000 potentially vulnerable servers exposed on the public web.
- December 28, 2025
- 03:38 PM
- 0
0
