In response to emerging security concerns, Google has underscored the importance of using HTTPS by marking all non-HTTPS websites as ‘Not Secure’ in its Chrome 68 browser update. This shift aims to enhance the security landscape for internet users. Additionally, the upgraded version addresses critical vulnerabilities that may put private…
Data Breach Notification, Data Security, Healthcare Data Breach At National Accident Health Exposes Medical Information of 181,000 Individuals Marianne Kolbasuk McGee (HealthInfoSec) • December 15, 2025 The NAHGA has issued notifications to 181,000 individuals regarding an April breach that may have compromised their medical claims data. (Image: NAHGA) A breach…
In a significant cybersecurity breach, the adult video platform PornHub has fallen victim to extortion attempts from the ShinyHunters hacking group. This follows the reported theft of search and viewing history concerning PornHub’s Premium members, which stemmed from a recent compromise of analytics provider Mixpanel. Last week, PornHub issued a…
Recent reports have detailed a sophisticated cybersecurity incident affecting Ivanti Connect Secure (ICS) VPN appliances, where suspected nation-state actors have exploited two critical zero-day vulnerabilities since early December 2023. The vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, have enabled attackers to deploy multiple malware families, allowing them to bypass authentication mechanisms…
New Linux Malware Targets VoIP Systems to Steal Call Metadata Cybersecurity experts have identified a novel strain of Linux malware named “CDRThief,” specifically engineered to exploit vulnerabilities in voice over IP (VoIP) softswitches. This malware aims to extract sensitive phone call metadata from compromised systems, raising significant concerns for businesses…
Microsoft has disclosed its ongoing efforts to phase out the RC4 cryptographic algorithm, a challenge that has persisted for over a decade. According to Steve Syfuhs, who leads the Windows Authentication team at Microsoft, eliminating an algorithm that has been a part of operating systems for the last 25 years…
T-Mobile Confirms Data Breach Affecting Up to 2 Million Customers T-Mobile has announced a significant security breach on its U.S. servers, revealing that sensitive personal information for nearly 2 million customers may have been compromised. The incident occurred on August 20, and T-Mobile disclosed that the exposed data includes names,…
In a significant revelation that raises alarms for professionals regarding online privacy, cybersecurity researcher Bob Diachenko, in collaboration with nexos.ai, uncovered an unsecured MongoDB database on November 23, 2025. This massive dataset, consisting of approximately 16 terabytes (TB) of information, was left exposed on the internet, revealing an astonishing 4.3…
Malicious GitHub Repository Impersonating CVE-2025-55182 Scanner Exposed A GitHub repository masquerading as a vulnerability scanner for CVE-2025-55182, commonly known as “React2Shell,” was recently uncovered as a source of malware. The project, titled React2shell-scanner, was associated with the GitHub user niha0wa but has been removed from the platform after community alerts…
