WhatsApp, one of the world’s leading messaging applications, boasts a staggering user base exceeding 3 billion. However, its extensive reach has also made it a prime target for cybercriminals. Recently, researchers uncovered a new form of account hijacking termed “GhostPairing,” allowing attackers to link their browsers to unsuspecting users’ WhatsApp…
GitHub Vulnerability Exposes Over 15,000 Go Repositories to Repojacking Attacks Recent research has unveiled that more than 15,000 Go module repositories on GitHub are at risk of repojacking attacks, a significant cybersecurity concern. Jacob Baines, Chief Technology Officer at VulnCheck, reported that over 9,000 of these vulnerabilities stem from changes…
In an era where technology is deeply integrated into healthcare, the introduction of smart eyewear, such as the Meta-AI Ray-Ban glasses, has sparked significant privacy and security concerns. Garrett Zickgraf, a cybersecurity expert with LBMC, highlighted that these glasses are equipped with microphones and cameras, enabling them to connect to…
Cybercrime, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Vercel Issues Warning: Two Additional Vulnerabilities in React Server Components Urgently Require Patching Mathew J. Schwartz (@euroinfosec) • December 15, 2025 Image: Shutterstock/React/ISMG Experts warn that the React2Shell vulnerability is being exploited en masse by state-sponsored attackers connected to China, North…
Google’s Practices Under Scrutiny by EU Regulators The European Union is intensifying its scrutiny of Google’s competitive tactics with a new investigation focusing on the company’s use of artificial intelligence (AI) in generating search result summaries. This probe aims to determine whether Google has been using content from publishers to…
Australia Shifts to Voluntary AI Framework, Leaving Regulatory Gaps On December 2, 2025, the Australian government unveiled a national strategy that favors voluntary frameworks for artificial intelligence, diverging sharply from its earlier proposal for enforceable regulations. Three months prior, officials had advocated for a set of ten mandatory guardrails designed…
A significant international coalition, encompassing several nations, including the United States, the United Kingdom, and France, alongside major tech companies such as Google, Microsoft, and Meta, has formalized an agreement aimed at combating the misuse of commercial spyware for human rights violations. This initiative, known as the Pall Mall Process,…
Data Privacy, Data Security, Fraud Management & Cybercrime Class Action Lawsuit Claims Web Trackers Misused Patient Data Marianne Kolbasuk McGee (HealthInfoSec) • December 2, 2025 Kaiser Permanente has agreed to pay up to $47.5 million to resolve class action litigation related to its website tracking activities. Kaiser Permanente has reached…
Recent reports indicate a wave of attacks targeting Facebook users through malicious messaging tactics. Threat actors are utilizing a Python-based information stealer identified as Snake, which is specifically engineered to capture user credentials and sensitive information. According to Cybereason researcher Kotaro Ogino, the stolen credentials are sent to various platforms,…
