Security Operations Urgent Patches Released for MongoBleed as Ransomware Groups Exploit Vulnerability to Access Data Mathew J. Schwartz (euroinfosec) • December 30, 2025 Image: Michael Vi/Shutterstock A significant number of MongoDB databases, many of which are accessible on the internet, are currently at risk due to a critical vulnerability known…
Hackers have taken advantage of vulnerabilities in Oracle E-Business Suite during a coordinated global attack. Korean Air has recently reported a data breach impacting approximately 30,000 employees, involving compromised records from a system belonging to a former subsidiary. Detailed information concerning this incident can be found in a comprehensive disclosure.…
Atlassian has issued a critical security warning regarding a significant vulnerability in Confluence Data Center and Server, which poses the risk of substantial data loss if exploited by unauthenticated attackers. The vulnerability, identified as CVE-2023-22518, has been assigned a critical rating of 9.1 on the CVSS scale, categorizing it as…
Chinese Hacking Group Rancor Targets Southeast Asian Governments with Advanced Phishing Campaign Phishing remains a prominent tactic employed by cybercriminals and espionage organizations to infiltrate target systems. Despite advancements in threat detection and increased public awareness over the past decade, sophisticated phishing attacks continue to pose a significant risk to…
Cybersecurity Incident: Mandiant Analyst Data Breach Exposes Sensitive Information A significant cybersecurity breach has reportedly compromised the data of a senior analyst at Mandiant, a Virginia-based cybersecurity firm owned by FireEye. According to sources, an anonymous hacking group claims to have infiltrated Mandiant’s internal networks, allegedly maintaining access since 2016.…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development, Recruitment & Reskilling Strategy Three Years Since GenAI’s Launch: Fewer New Roles Than Anticipated Rashmi Ramesh ( rashmiramesh_) • December 30, 2025 Image: TippaPatt/Shutterstock Three years after the public launch of ChatGPT in November 2022, the anticipated revolution in artificial…
By Jenny Lee (December 31, 2025, 01:30 GMT) — A series of significant data breaches in South Korea throughout 2025 has highlighted the fragility of security measures, even among the nation’s most prominent digital platforms. This unsettling series of incidents exposed the vulnerabilities inherent in systems that many consumers trust,…
The Forum of Incident Response and Security Teams (FIRST) has introduced CVSS v4.0, revamping the Common Vulnerability Scoring System standard for the first time in over eight years. This latest iteration follows the release of CVSS v3.0 in June 2015 and seeks to enhance precision in vulnerability assessment across various…
In the latest cybersecurity alert, a critical unpatched zero-day vulnerability has emerged within the Android operating system, the most prevalent mobile OS globally. This vulnerability, discovered by a researcher from Google’s Project Zero team, poses significant risks as it has been actively exploited in the wild by the notorious Israeli…
