MongoDB Unveils Enhanced Security Features at Developer Conference In a recent developer conference held in New York, MongoDB announced the upcoming release of its database management software, MongoDB 4.2, which will introduce several advanced features, most notably Field Level Encryption (FLE), Distributed Transactions, and Wildcard Indexes. These enhancements aim to…
Artificial Intelligence & Machine Learning, Cybercrime, Fraud Management & Cybercrime Chinese Developer Linked to Coupang Data Breach Investigation Mathew J. Schwartz (euroinfosec) • December 2, 2025 Image: Shutterstock South Korea’s leading e-commerce platform, Coupang, has reported a substantial data breach that potentially exposed the personal data of 33.7 million customers—a…
AT&T Reaches Settlement in Major Data Breach Case In a significant development for consumers, AT&T has announced the finalization of its settlement related to a series of data breaches that affected its customers. This settlement, which totals up to $177 million, will provide affected individuals with compensation ranging from $100…
In a recent advisory, cybersecurity and intelligence agencies from the United States and allied nations have alerted users of Ubiquiti EdgeRouters to strengthen their security measures. This advisory follows the disruption of a botnet named MooBot, which consisted of compromised routers and was dismantled by law enforcement during an operation…
Cybersecurity analysts have recently identified a new malware strain dubbed “Raindrop” as part of the SolarWinds supply chain attack, a significant breach that was uncovered late last year. This fourth strain adds to the existing suite of malicious tools, including Sunspot, Sunburst (also referred to as Solorigate), and Teardrop, all…
The Information Commissioner’s Office (ICO) of the UK has levied a groundbreaking fine of £183 million against British Airways for insufficient data protection in a substantial security breach that compromised the personal information of approximately half a million customers. This incident, which unfolded last year, involved unauthorized access to sensitive…
Endpoint Security, Governance & Risk Management, Internet of Things Security Hackers Could Manipulate Settings of At-Home Life 2000 Ventilation System Marianne Kolbasuk McGee (HealthInfoSec) • December 1, 2025 The FDA has issued a “permanent recall” alert regarding Baxter’s Life 2000 ventilation system, attributed to a cyber vulnerability that endangers patient…
Recent investigations have uncovered two distinct cyber espionage groups allegedly linked to China: UNC5325 and UNC3886, both exploiting vulnerabilities in Ivanti Connect Secure VPN appliances. UNC5325 is reported to have utilized the critical vulnerability tracked as CVE-2024-21893, distributing various malware strains, including LITTLELAMB.WOOLTEA and PITDOG, among others. According to Mandiant,…
A major phishing campaign has recently been identified, targeting businesses worldwide and successfully circumventing Microsoft Office 365’s Advanced Threat Protection (ATP). This offensive has reportedly led to the credentials of over a thousand corporate employees being compromised, with origins traced back to August of the previous year. According to a…
