Latest Internet & Cybersecurity News
November 2025 Sees 659 Ransomware Attacks with Rising Data Theft Severity
Ransomware incidents slightly declined globally to 659, but data theft escalated sharply. Major groups like Qilin and Akira dominated, exploiting an Oracle E-Business Suite zero-day (CVE-2025-61882), impacting numerous organizations across the US and Europe, including the University of Pennsylvania and The Washington Post. Key advice includes urgent patching and strict multi-factor authentication enforcement.
Kazu Ransomware Group Targets UK’s CT Dent Ltd with Data Leak Threat
On December 6, 2025, Kazu ransomware group claimed responsibility for a cyberattack on CT Dent Ltd, a UK dental imaging center, threatening to release sensitive data unless negotiations are initiated, signaling ongoing ransomware extortion tactics in healthcare.
AI-Driven Cyber Attacks Surge, Raising Global Security Concerns
In 2025, AI-powered cyberattacks increased dramatically, with 75% of cybersecurity professionals noting a rise. Financial services face severe impact, including a 13% increase in breach costs. AI enables scaled DDoS attacks and deepfake frauds, with projected AI-driven incidents surpassing 28 million worldwide, demanding urgent coordinated defenses.
Widespread Exploitation Campaign Targets Palo Alto GlobalProtect VPNs
Since late November 2025, attackers have exploited GlobalProtect VPN portals worldwide via UDP port 4501 vulnerabilities, including unpatched CVE-2024-3400. The attacks, attributed in part to Chinese state-affiliated groups, involve brute-force logins and malware deployment, and have prompted advisories from Palo Alto Networks and CISA calling for urgent patching and multi-factor authentication.
Critical React and Node.js Vulnerability Patched Amid Rising Cyber Espionage
A severe remote code execution flaw (CVE-2025-55182) affecting React Server Components was patched recently. Concurrently, espionage campaigns by groups like Iran-aligned MuddyWater, along with law enforcement crackdowns on crypto laundering and cybercriminal infrastructure, highlight evolving threats in the cybersecurity landscape.
Lynx Ransomware Group Compromises Japan’s TOC Building, Threatens Data Leak
On December 6, 2025, Lynx ransomware group announced an attack on TOC Building, a major Japanese commercial facility, threatening to publish sensitive data unless negotiations occur, demonstrating persistent ransomware risks in Asia.
Barts Health NHS Suffers Data Breach via Cl0p Exploiting Oracle Zero-Day
Barts Health NHS Trust disclosed a significant breach after Cl0p ransomware leveraged an Oracle flaw, exposing patient and staff data. While clinical systems remained unaffected, the incident highlights ongoing risks to healthcare infrastructure from advanced ransomware groups.
US and Canada Warn of China-Linked Hackers Stealing Sensitive Login Data
US and Canadian agencies issued advisories about China-backed hackers using 'Brickstorm' malware to infiltrate government and IT networks, steal login credentials and maintain long-term access. Attacks were identified on VMware products, and the advisories urge patching and strong security measures.
Cryptomixer Cryptocurrency Laundering Service Shut Down by German and Swiss Authorities
Law enforcement has dismantled Cryptomixer, an illegal crypto mixing service, and seized over €25 million in Bitcoin. The takedown disrupts illicit financial flows supporting cybercriminal activities and is part of intensified global efforts to curb cybercrime funding.
Increasing Attacks on Field-Level Industrial Control Systems Call for Enhanced OT Security
Recent reports confirm rising cyberattacks targeting field-level ICS devices, underscoring the urgent need for granular operational technology visibility and security controls to protect critical infrastructure from sophisticated threats.