On December 18, 2025, cybersecurity firm Darktrace unveiled new findings regarding a perilous variant of BeaverTail malware, classified as a JavaScript-based information stealer. This malware, associated with North Korea’s infamous Lazarus Group, is part of a growing wave of cyber-attacks directed at the financial and cryptocurrency sectors. The research, disseminated…
The tech world is grappling with the fallout from the latest data vulnerability concerning Facebook users. A recent investigation highlights a significant security breach involving the quiz app NameTests, which reportedly exposed the personal information of up to 120 million users over several years. This revelation comes on the heels…
To stay updated on cybersecurity topics, explore: Blockchain & Cryptocurrency, Cryptocurrency Fraud, and Fraud Management & Cybercrime. Also: Terra Founder Do Kwon Sentenced to 15 Years in Prison Rashmi Ramesh ( rashmiramesh_) • December 18, 2025 Image: Shutterstock In its weekly roundup of cybersecurity incidents involving digital assets, Information Security…
The final deadline is approaching for US customers of AT&T to claim compensation in a significant data breach settlement, set for December 18. This settlement, amounting to $177 million, arises from allegations that AT&T failed to safeguard customer data during two separate incidents. Customers may be eligible for compensation of…
Zero-Day Vulnerability Discovered in Apache OfBiz ERP System A serious zero-day vulnerability has been identified in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. This flaw poses significant risks as it could potentially allow attackers to bypass essential authentication safeguards. The vulnerability is classified as CVE-2023-51467, linked specifically to…
Recent research has uncovered four new variants of HTTP request smuggling attacks that pose threats to a range of widely used web and HTTP proxy servers. Amit Klein, Vice President of Security Research at SafeBreach, shared these findings at the Black Hat security conference, emphasizing that vulnerabilities in web servers…
AI Face-Swapping App Linked to Cybercrime in Southeast Asia The artificial intelligence application Haotian, designed for face-swapping capabilities, has emerged as a major player in the realm of online fraud. This Chinese-language app has reportedly generated millions of dollars by providing its technology through platforms like Telegram, facilitating integration with…
Data Breach at Typeform Exposes User Information Typeform, a prominent data collection firm based in Spain, has reported a data breach that has potentially compromised the information of some users. This incident was identified on June 27, prompting the company to conduct a comprehensive forensic investigation to ascertain the breach’s…
Fraud Management & Cybercrime, Governance & Risk Management, Multi-factor & Risk-based Authentication Practical Steps to Enhance Security and Resilience Sean D. Mack • December 17, 2025 Image: Shutterstock Leaders of small and mid-sized enterprises (SMEs) frequently assert, “We’re too small to be a target.” This misconception endangers their organizations, especially…
