A well-known banking trojan, Qbot, has resurfaced with enhanced capabilities targeting sectors vital to national security, including government, military, and manufacturing entities across the United States and Europe. Recent research from Check Point Research reveals that this revitalized malware not only seeks to pilfer bank account credentials but also leverages…
In a significant incident highlighting the vulnerabilities within the healthcare sector, Boys Town National Research Hospital has reported a major data breach affecting personal information of over 105,000 individuals. This breach marks a notable event as it is reported to be one of the largest incidents involving data theft in…
Agentic AI, Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development AI Emerges as a Key Focus in Efforts to Mitigate Budget and Staffing Challenges Jennifer Lawinski • December 16, 2025 Minnesota joins a number of U.S. states investing in AI for modernization and cybersecurity risk management in 2026.…
In a significant data breach, activist Emma Best has publicly released over 11,000 private messages from a Twitter group associated with WikiLeaks and its close supporters, dating from 2015 to 2017. This release has exposed the internal discussions of an organization known for disseminating confidential information. The exposed messages had…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Network Firewalls, Network Access Control Researchers Sound Alarm Over Misconfigured Customer Network Edge Devices Mathew J. Schwartz (euroinfosec) • December 16, 2025 Image: xfilephotos/Shuttertstock Cybersecurity experts have issued a warning regarding the vulnerabilities posed by misconfigured network edge devices, emphasizing that these…
In a troubling development for the cybersecurity landscape, Visa has alerted the public to a JavaScript web skimmer called Baka. Concurrently, a group of researchers from ETH Zurich has identified a critical authentication vulnerability in Visa’s EMV-enabled payment cards, which could be exploited by cybercriminals to unlawfully extract funds from…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially included a critical vulnerability affecting Microsoft SharePoint Server in its Known Exploited Vulnerabilities (KEV) catalog, highlighting evidence of active exploitation within various environments. This vulnerability, identified as CVE-2023-29357, has garnered a significant CVSS score of 9.8, indicating its severity and…
Malicious GitHub Repository Impersonating CVE-2025-55182 Scanner Exposed A GitHub repository masquerading as a vulnerability scanner for CVE-2025-55182, commonly known as “React2Shell,” was recently uncovered as a source of malware. The project, titled React2shell-scanner, was associated with the GitHub user niha0wa but has been removed from the platform after community alerts…
Cybersecurity professionals have been well aware that cybercriminals would exploit the uncertainty surrounding the COVID-19 pandemic to enhance their cyberattacks. Malicious communications have frequently incorporated COVID-19 themes, leveraging public fear to increase their effectiveness. Though anecdotal evidence has suggested various forms of pandemic-related cyberattacks, concrete data regarding their true impact…
