Barracuda Networks disclosed a serious cybersecurity incident involving a zero-day vulnerability within its Email Security Gateway (ESG) appliances, allegedly exploited by Chinese threat actors. This vulnerability has been designated as CVE-2023-7102 and has led to the deployment of backdoors on a select number of affected devices. The vulnerability involves an…
Recent disclosures from US intelligence agencies reveal an alarming resurgence of a 12-year-old strain of malware, known as “Taidoor.” This variant is believed to be employed by state-sponsored actors from China, targeting a wide array of institutions, including government bodies, corporations, and think tanks. The malware, which has been active…
On December 18, 2025, cybersecurity firm Darktrace unveiled new findings regarding a perilous variant of BeaverTail malware, classified as a JavaScript-based information stealer. This malware, associated with North Korea’s infamous Lazarus Group, is part of a growing wave of cyber-attacks directed at the financial and cryptocurrency sectors. The research, disseminated…
The tech world is grappling with the fallout from the latest data vulnerability concerning Facebook users. A recent investigation highlights a significant security breach involving the quiz app NameTests, which reportedly exposed the personal information of up to 120 million users over several years. This revelation comes on the heels…
To stay updated on cybersecurity topics, explore: Blockchain & Cryptocurrency, Cryptocurrency Fraud, and Fraud Management & Cybercrime. Also: Terra Founder Do Kwon Sentenced to 15 Years in Prison Rashmi Ramesh ( rashmiramesh_) • December 18, 2025 Image: Shutterstock In its weekly roundup of cybersecurity incidents involving digital assets, Information Security…
The final deadline is approaching for US customers of AT&T to claim compensation in a significant data breach settlement, set for December 18. This settlement, amounting to $177 million, arises from allegations that AT&T failed to safeguard customer data during two separate incidents. Customers may be eligible for compensation of…
Zero-Day Vulnerability Discovered in Apache OfBiz ERP System A serious zero-day vulnerability has been identified in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. This flaw poses significant risks as it could potentially allow attackers to bypass essential authentication safeguards. The vulnerability is classified as CVE-2023-51467, linked specifically to…
Recent research has uncovered four new variants of HTTP request smuggling attacks that pose threats to a range of widely used web and HTTP proxy servers. Amit Klein, Vice President of Security Research at SafeBreach, shared these findings at the Black Hat security conference, emphasizing that vulnerabilities in web servers…
AI Face-Swapping App Linked to Cybercrime in Southeast Asia The artificial intelligence application Haotian, designed for face-swapping capabilities, has emerged as a major player in the realm of online fraud. This Chinese-language app has reportedly generated millions of dollars by providing its technology through platforms like Telegram, facilitating integration with…
