Emergence of the Dark_Nexus IoT Botnet: A New Threat to Cybersecurity Cybersecurity experts have unveiled a sophisticated new IoT botnet known as “dark_nexus,” which is leveraging compromised smart devices to launch distributed denial-of-service (DDoS) attacks. This emerging threat can be triggered on demand through platforms offering DDoS-for-hire services, placing numerous…
Topics: Fraud Management & Cybercrime, Fraud Risk Management, Ransomware Additional Coverage: SudamericaData Leak, RaccoonO365 Arrest, and Nefilim Case Update By Pooja Tikekar (@PoojaTikekar) • December 25, 2025 Image: Shutterstock/ISMG Every week, the Information Security Media Group provides a roundup of global cybersecurity incidents and data breaches. In this edition, a…
LastPass to Pay Up to $24 Million Following Data Breach Settlement LastPass, a well-known password management service, has reached a settlement agreement valued at up to $24 million in response to a lawsuit arising from a significant data breach. The settlement entails a direct payout of $8.2 million to address…
Google has distributed critical security updates addressing seven vulnerabilities in its Chrome browser, one of which is a high-severity zero-day exploit currently being weaponized in the wild. This vulnerability, identified as CVE-2023-6345, is classified as an integer overflow flaw within Skia, an open-source 2D graphics library frequently utilized in web…
As hospitals globally grapple with the ongoing coronavirus pandemic, cybercriminals are intensifying their attacks on vulnerable healthcare institutions. The latest report from Palo Alto Networks reveals that threat actors are exploiting this crisis, targeting organizations at the forefront of pandemic response with ransomware and data-stealing malware. According to the report…
Uber’s Concealed Data Breach Exposed Personal Information of 57 Million Users Uber Technologies Inc. has found itself in the spotlight yet again, this time due to revelations surrounding a significant data breach that took place in October 2016. The company has acknowledged that the breach compromised the personal data of…
Fraud Management & Cybercrime, Fraud Risk Management Experts Warn AI-Driven Scams May Soon Surpass Human Tactics in Effectiveness Suparna Goswami (gsuparna) • December 24, 2025 Jorij Abraham, Managing Director, Global Anti-Scam Alliance Despite massive scam losses reaching $442 billion across 42 countries last year, many individuals remain confident in their…
South Korea implements facial recognition for SIM registration to mitigate phone scams Increased mobile fraud severity has prompted regulators to enforce stricter verification measures Security lapses in telecommunications have led authorities to redefine account approval processes In a significant policy shift, South Korea is enhancing the mobile account registration process…
A critical security vulnerability affecting Apache ActiveMQ has recently been revealed, with threat actors actively exploiting it to deploy a new Go-based botnet named GoTitan alongside a remote access tool called PrCtrl Rat. This latter program facilitates remote control of compromised systems. The assaults are centered around a remote code…
