Latest Internet & Cybersecurity News
Hackers Stole Over $2.7 Billion in Crypto in 2025
Cybercriminals stole a record $2.7 billion in cryptocurrency in 2025, surpassing previous years, with North Korean hackers implicated in the largest Bybit exchange breach of $1.4 billion. Other major incidents include Cetus DEX at $223 million and Balancer protocol at $128 million.
North Korean actors alone stole at least $2.02 billion, a 51% year-over-year increase.
16 Billion Credential Mega Leak Exposed
Researchers uncovered 30 datasets with over 16 billion login credentials from Google, Apple, Facebook, and others, aggregated from infostealer malware and past breaches. Hosted openly online, it enables massive credential stuffing attacks.
This historic compilation poses risks comparable to single large breaches for account takeovers.
Salesforce/Salesloft-Drift OAuth Supply Chain Breach
Threat actors compromised integrations between Drift and Salesforce, stealing OAuth tokens and accessing sensitive data across hundreds of organizations. Linked to ShinyHunters/UNC6395, it's the largest SaaS supply chain breach in history.
Major tech firms and cybersecurity companies were affected.
Red Hat GitLab Breach Exfiltrates 570GB of Data
Crimson Collective stole 570GB from Red Hat's consulting GitLab instance, including 800 customer reports with VPN settings, API keys, and security configs. Over 28,000 repositories were accessed, impacting enterprise and government clients.
The breach occurred in early October 2025.
University of Phoenix Data Breach Affects 3.5M
Unauthorized access on August 13, 2025, exposed personal data of 3.5 million students, faculty, and others; discovered November 21. Formal notifications sent December 22, 2025.
This adds to recent breaches like University of Sydney's 27,000 victims.
RansomHouse Ransomware Upgrades to 'Mario' Encryption
RansomHouse enhanced its encryptor with multi-layered 'Mario' method using multiple keys and file-size processing for better evasion and speed. This boosts negotiation leverage in attacks.
Part of ongoing ransomware advancements targeting detection evasion.
CISA Updates BRICKSTORM Backdoor Indicators
CISA, NSA, and Canadian Centre released updated IOCs for Rust-based BRICKSTORM with advanced persistence and encrypted WebSocket C2. Active exploits also reported in Fortinet, SonicWall, Cisco, WatchGuard.
DOJ charged 54 in $40.73M ATM jackpotting scheme using Ploutus malware.
Critical CVE-2025-37164 in HPE OneView (CVSS 10.0)
Unauthenticated RCE vulnerability in HPE OneView Software actively exploited. CISA added WatchGuard Fireware OS CVE-2025-14733 to KEV catalog on December 19.
Apple patched actively exploited WebKit flaws; CISA mandates GeoServer XXE patch.
125K Firewalls Exposed to Risks
Over 125,000 firewalls remain vulnerable amid rapid exploitation trends in VPNs, firewalls, and cloud providers. 2025 saw vulnerabilities weaponized within hours of disclosure.
Old CVEs still heavily exploited in public-facing systems.
NIST Invests $20M in AI Cybersecurity Centers
NIST allocated $20M with MITRE for AI centers targeting manufacturing solutions and critical infrastructure cybersecurity. Separately, Gambit Cyber raised $3.4M for AI-driven defenses; Armis sold for $7.75B to ServiceNow.
These investments counter rising nation-state threats from North Korea, Russia, Iran.