Latest Internet & Cybersecurity News
Multi-Platform Ransomware '01flip' Written in Rust Emerges as Leading Threat
H-ISAC reports '01flip', a new multi-platform ransomware developed in Rust, as the leading story in daily cyber headlines. This malware targets multiple operating systems, posing risks to diverse environments. It underscores the growing sophistication of ransomware tools using modern programming languages.
Space Bears Ransomware Claims Comcast Data Breach via Contractor
The Space Bears ransomware group claims to have breached Comcast through contractor Quasar, Inc., leading to a data leak. This incident highlights third-party risks in telecommunications.
No further details on impact released yet.
Threat Actors Weaponize ChatGPT and Grok for AMOS Stealer Deployment
Cybercriminals are using conversations from ChatGPT and Grok AI models to deploy the AMOS information stealer malware. This tactic evades detection by leveraging legitimate AI platforms.
Victims face credential and data theft risks.
PCIe Encryption Flaws Enable Hardware Data Exfiltration Attacks
New vulnerabilities in PCIe encryption expose hardware to remote data exfiltration attacks. These flaws affect widely used components in servers and devices.
Immediate patching and mitigations recommended for affected systems.
Phishing Attacks Surge 400% Year-Over-Year Globally
A new report reveals phishing incidents have increased by 400% compared to the previous year. This trend drives many initial access vectors for breaches.
Organizations urged to enhance training and detection.
UK Sanctions Russian and Chinese Firms for Information Warfare
The UK imposed sanctions on Russian and Chinese companies suspected of malign activities in information warfare and cyber operations. Targets include entities linked to disinformation and hacks.
Aims to deter state-sponsored threats.
19-Year-Old Hacker Arrested in Spain for Stealing 64 Million Records
Spanish police arrested a 19-year-old in Barcelona for breaching nine companies and selling 64 million records online using multiple pseudonyms. The suspect faces charges for cybercrime and data privacy violations.
Investigation ongoing.
Ukrainian Police Bust Cybercriminal Operating Social Media Bot Farm
A 22-year-old Ukrainian created custom malware to hack social accounts, selling them on forums, and ran a 5,000-profile bot farm targeting US and EU users. Arrest disrupts shadow schemes.
Victims mainly in Western countries.
Gogs 0-Day Vulnerability Actively Exploited, 700+ Instances Hit
A zero-day flaw in Gogs is under active exploitation, compromising over 700 instances as of early December 2025. No patch available yet, urging immediate hardening.
Affects self-hosted Git services globally.
US Lawmakers Reintroduce Satellite Cybersecurity Act
Bipartisan senators revived the Satellite Cybersecurity Act in December 2025 to set voluntary guidelines and improve federal coordination for space systems. Addresses rising threats from state actors and GPS jamming.
Critical for commercial satellite operators.
Ransomware Resurgence: 24% of Organizations Hit in 2025
Hornetsecurity's December report notes ransomware affected 24% of organizations in 2025, shifting to credential theft and data attacks. Public sector shows high LockBit risk at 53%.
AI phishing emerges as key concern.
MITRE Releases 2025 Top 25 Most Dangerous Software Vulnerabilities
MITRE's 2025 CWE Top 25 list includes three new buffer overflow weaknesses among the most dangerous software flaws. Guides developers on prioritization.
Buffer issues remain prevalent threats.