News
-
Amazon says it disrupted GRU-linked campaign that targeted misconfigured edge network devices
Amazon says it disrupted a years-long campaign attributed to the Russian GRU that shifted from exploiting software flaws to targeting misconfigured edge devices on customer cloud infrastructure, and that it has protected affected EC2 instances, notified customers and shared intelligence.
-
Texas sues five TV makers over alleged secret collection of viewing data
Texas Attorney General Ken Paxton sued Sony, Samsung, LG, Hisense and TCL, alleging their smart TVs used Automated Content Recognition to capture and transmit viewing data without consent; Paxton’s office also warned of national security risks tied to China-based companies.
-
Cyberattack Disrupts PDVSA Export Systems, Company Says Operations Unaffected
PDVSA said a weekend cyberattack hit administrative systems but not operations; internal memos and source accounts cited by Bloomberg and Reuters indicate export and terminal systems were offline and cargo deliveries halted, while PDVSA blamed the United States and domestic conspirators.
-
New ‘SantaStealer’ infostealer marketed on forums
Rapid7 researchers said a new malware-as-a-service infostealer called SantaStealer is being marketed on Telegram and forums, offers subscription plans, includes multiple data-theft modules and appears to have leaked samples that undermine claims of stealth.
-
PornHub targeted by ShinyHunters after Premium member activity data reportedly stolen
PornHub says it is being extorted by the ShinyHunters gang after activity data for some Premium members was reportedly stolen in a Mixpanel-related incident; Mixpanel says it can find no indication the records were taken in its November 2025 incident.
-
ABA says deepfakes and generative AI are eroding court evidence and procedures
The American Bar Association’s report warns that generative AI and deepfakes are undermining legal procedures and evidence while also offering efficiency gains; the ABA has convened a task force to develop guidance on authenticity, liability and courtroom use.
-
700Credit breach exposes data of 5.8 million dealership customers
700Credit said a breach that originated at an integration partner exposed personal data of more than 5.8 million vehicle dealership customers, including Social Security numbers; the company is notifying affected individuals and offering TransUnion monitoring.
-
CISA orders immediate patching after active exploitation of critical GeoServer XXE flaw
CISA has ordered federal agencies to patch a critical unauthenticated XML External Entity flaw in GeoServer (CVE-2025-58360) that is being actively exploited; researchers warn the bug can disclose files and enable SSRF, and public scans show thousands of exposed instances.
-
France interior ministry confirms cyberattack on e-mail servers
France’s Interior Ministry confirmed a cyberattack on its e-mail servers that allowed access to some files; investigators have not confirmed whether data was stolen and are probing motives including foreign interference, activists and cybercrime.
-
VolkLocker ransomware contains hard-coded master keys, SentinelOne analysis finds
A SentinelOne analysis says VolkLocker, a RaaS from the CyberVolk collective, contains hard-coded master keys and writes a plaintext backup key to the temporary folder, enabling file recovery without payment while still displaying typical ransomware behaviors.
