Google-owned Wiz discovers 4.75 million exposed records in AI social network Moltbook, including 1.5M API tokens and plaintext OpenAI keys—all because Row Level Security was never enabled on the “vibe-coded” platform.
Chinese state-sponsored threat actors hijacked Notepad++ update infrastructure for nearly six months, deploying a sophisticated custom backdoor called Chrysalis to selectively targeted victims.
A newly formed Russian hacktivist alliance called Russian Legion has launched OpDenmark, a coordinated cyberattack campaign against Danish critical infrastructure in retaliation for the country’s 1.5 billion DKK military aid package to Ukraine.
The tables have turned: BreachForums, one of the largest dark web marketplaces for stolen data, has been breached. A disgruntled insider leaked the real identities of nearly 324,000 cybercriminals, including email addresses, IP addresses, and connections to notorious groups like ShinyHunters.
State-sponsored hackers exploited SonicWall’s MySonicWall cloud breach to launch a ransomware attack affecting 74 US banks and credit unions, compromising data of over 400,000 individuals. The attack demonstrates how third-party security breaches can cascade into devastating downstream attacks.
Nike confirms it is investigating a potential breach after the World Leaks ransomware gang claimed to have stolen 1.4 TB of corporate data. The group, a rebrand of Hunters International, has targeted major organizations including the U.S. Marshals Service and Tata Technologies.
Russian state-sponsored threat actors launched coordinated cyberattacks against Poland’s energy sector on December 29, 2025, targeting over 30 wind and solar farms, a manufacturing company, and a major combined heat and power (CHP) plant that serves nearly 500,000 people, according to CERT Polska. The attacks aimed to cause sabotage during a period of severe winter…
CVE-2025-0921 in Iconics Suite SCADA allows attackers to exploit privileged file operations to corrupt critical system binaries and crash Windows systems through symbolic link attacks.
A global study by OMICRON reveals critical cybersecurity weaknesses in power grid OT networks, including unpatched devices, weak segmentation, and asset blind spots that leave critical infrastructure vulnerable to attack.
Google Threat Intelligence reveals widespread exploitation of CVE-2025-8088 by Russian APT groups, Chinese actors, and cybercriminals. The WinRAR path traversal flaw enables payload delivery via the Windows Startup folder, with active campaigns targeting Ukraine, LATAM, and financial sectors.
