News: The Danish Defence Intelligence Service (DDIS) announced on Thursday that Moscow was behind a cyber-attack on a Danish water utility in 2024 and a series of distributed denial-of-service (DDoS) attacks on Danish websites in the lead-up to the municipal and regional council elections in November. The first, it said,Read More »Denmark Accuses Russia of Conducting Two Cyberattacks
A SIEM is a complex system offering broad and flexible threat detection capabilities. Due to its complexity, its effectiveness heavily depends on how it is configured and what data sources are connected to it. A one-time SIEM setup during implementation is not enough: both the organization’s infrastructure and attackers’ techniquesRead More »Assessing SIEM effectiveness
A law enforcement operation coordinated by INTERPOL has led to the recovery of $3 million and the arrest of 574 suspects by authorities from 19 countries, amidst a continued crackdown on cybercrime networks in Africa. The coordinated effort, named Operation Sentinel, took place between October 27 and November 27, 2025,Read More »INTERPOL Arrests 574 in Africa; Ukrainian Ransomware Affiliate Pleads Guilty
Passwd is designed specifically for organizations operating within Google Workspace. Rather than competing as a general consumer password manager, its purpose is narrow, and business-focused: secure credential storage, controlled sharing, and seamless Workspace integration. The platform emphasizes practicality over feature overload, aiming to provide a reliable system for teams thatRead More »Passwd: A walkthrough of the Google Workspace Password Manager
The package provides legitimate functionality to evade detection, while stealing users’ data and deploying a backdoor. The post NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data appeared first on SecurityWeek.
Italy’s antitrust authority fined Apple $116 million after determining that operating one of its privacy features restricted App Store competition. The post Italy Antitrust Agency Fines Apple $116 Million Over Privacy Feature; Apple Announces Appeal appeared first on SecurityWeek.
Authorities in Senegal, Ghana, Benin, and Cameroon dismantled BEC, ransomware, and other cyber-fraud networks. The post 574 Arrested, $3 Million Seized in Crackdown on African Cybercrime Rings appeared first on SecurityWeek.
The U.S. Justice Department (DoJ) on Monday announced the seizure of a web domain and database that it said was used to further a criminal scheme designed to target and defraud Americans by means of bank account takeover fraud. The domain in question, web3adspanels[.]org, was used as a backend webRead More »U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme
In early 2025, security researchers uncovered a new malware family named Webrat. Initially, the Trojan targeted regular users by disguising itself as cheats for popular games like Rust, Counter-Strike, and Roblox, or as cracked software. In September, the attackers decided to widen their net: alongside gamers and users of piratedRead More »From cheats to exploits: Webrat spreading via GitHub
A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary code execution under certain circumstances. The vulnerability, tracked as CVE-2025-68613, carries a CVSS score of 9.9 out of a maximum of 10.0. The package has about 57,000 weekly downloads,Read More »Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances
