Latest Internet & Cybersecurity News
Trusted Insiders Emerge as Top Cybersecurity Threat
2025's most notable cyber takedowns highlight a shift from external attackers to malicious insiders, with several high-profile cases involving employees selling sensitive data to nation-state actors and cybercriminals. Organizations are urged to strengthen internal security protocols to counter this growing risk .
€300 Million International Credit Card Fraud Ring Dismantled
A multinational operation dismantled a credit card fraud ring that operated from 2016 to 2021, targeting 19 million customers globally. The group used fake subscriptions to siphon funds, marking one of the largest coordinated takedowns of the year .
Coupang Data Breach Exposes 33.7 Million Customers
South Korean retailer Coupang confirmed a breach affecting nearly 34 million customers, with personal data including names, emails, and addresses compromised. The attackers had access since June 2025, making it one of the largest breaches in the country's history .
Ransomware Attack Shuts Down OnSolve CodeRED Emergency System
A ransomware attack forced Crisis24 to decommission the legacy environment of the OnSolve CodeRED emergency notification system, compromising user data and disrupting nationwide emergency alerts. The company is rebuilding the platform in a new environment .
G7 Releases Collective Cyber Incident Response Guidelines
The G7 Cyber Expert Group published new principles for collective cyber incident response and recovery in the financial sector, emphasizing cross-border cooperation and information sharing to stabilize the global financial system .
Identity Data Becomes Prime Target for Cybercriminals
Regula's analysis highlights a surge in identity-focused attacks in 2025, including biometric spoofing, deepfake impersonation, and insider-enabled identity theft at major platforms like Coinbase and India's Aadhaar system .
London Councils Hit by Major Cyberattacks
Several London boroughs, including Kensington and Chelsea, Westminster, and Hammersmith & Fulham, suffered serious cyber incidents, prompting collaboration with the NCSC and the Metropolitan Police. Connectivity issues persist as investigations continue .
Second Wave of Sha1-Hulud Malware Infects Thousands of NPM Projects
A new wave of the Sha1-Hulud malware has compromised thousands of Node Package Manager (NPM) projects, exfiltrating secrets and spreading via altered packages. The attack has affected tens of thousands of GitHub repositories .
Iberia Airline Notifies Customers of Data Breach via Supplier
Spanish airline Iberia began notifying customers after a data breach at a third-party supplier exposed specific customer information. The incident is linked to unauthorized access to the vendor's systems .
Google Patches 107 Android Vulnerabilities, Two Already Exploited
Google's December 2025 update addresses 107 vulnerabilities in Android, including two framework flaws (CVE-2025-48633 and CVE-2025-48572) that are already being exploited in the wild. Users are urged to update their devices immediately .