05/69 Tuesday, January 6, 2026 Sedgwick, a global provider of claims management and risk administration services, has disclosed a cybersecurity incident affecting one of its U.S. government contracting units, Sedgwick Government Solutions, after the TridentLocker ransomware group claimed it had accessed and exfiltrated approximately 3.4 GB of data. The incident was publicly disclosed around New […]
04/69 Tuesday, January 6, 2026 Cybersecurity researchers from Check Point have revealed a newly discovered phishing campaign that employs a sophisticated technique by abusing Google Cloud Application Integration, an automation feature provided by Google, to send fraudulent emails to victims. What makes this campaign particularly concerning is that the phishing emails are sent from a […]
03/69 Monday, January 5, 2026 Finnish authorities have seized a cargo vessel and detained its crew following an incident in which an undersea internet cable operated by Elisa, connecting Finland and Estonia, was severed in the early hours of New Year’s Day. Finland’s maritime authorities reported that the vessel was observed dragging its anchor across […]
02/69 Monday, January 5, 2026 Covenant Health, a U.S.-based healthcare organization, disclosed that it suffered a ransomware cyberattack in May 2025, resulting in the unauthorized access to personal and health information of more than 478,000 individuals. Covenant Health provides medical services through hospitals and healthcare facilities across several states, including Massachusetts, Maine, New Hampshire, Pennsylvania, […]
01/69 Monday, January 5, 2026 Recent data from Shadowserver reveals that more than 10,000 Fortinet firewall devices remain exposed to the internet without having applied critical security patches and are actively at risk of exploitation via CVE-2020-12812, a severe vulnerability first disclosed in 2020. Statistics indicate that Asia is the most affected region, with over […]
557/68 Tuesday, December 30, 2025 Emurasoft, the developer of the text and code editor EmEditor, has issued a security warning after discovering a supply chain attack in which attackers modified the “Download Now” button link on the official website. As a result, users who downloaded the software between December 19 at 09:39 and December 22 […]
556/68 Tuesday, December 30, 2025 Blockchain intelligence firm TRM Labs has revealed that vault backups stolen during the 2022 LastPass data breach are still being actively cracked, enabling ongoing cryptocurrency theft through 2025, particularly in cases where users set weak or insufficiently complex master passwords. This incident highlights how a single data breach can create […]
555/68 Tuesday, December 30, 2025 A hacker using the alias “Lovely” has published a database containing more than 2.3 million user records from WIRED[.]com on an underground hacker forum. Verification confirms that the leaked data is authentic and includes over 2.3 million email addresses along with subscriber identification details. Approximately 12% of the records contain […]
554/68 Monday, December 29, 2025 Cybersecurity researchers have identified a malicious NPM package named “Lotusbail”, which has been downloaded more than 56,000 times. The package masquerades as a WhatsApp Web API library built on top of Baileys. While it functions normally for sending and receiving messages, it secretly embeds capabilities to intercept sensitive user data, […]
553/68 Monday, December 29, 2025 A serious security vulnerability has been identified in MongoDB, tracked as CVE-2025-14847, with a CVSS score of 8.7. The flaw could allow unauthenticated remote attackers to read uninitialized heap memory from a MongoDB server. The issue stems from inconsistent handling of the length parameter in MongoDB’s Zlib-based network compression protocol, […]
