Payroll-focused social engineering attacks target help desk staff, redirect employee salaries, and show how human factors can bypass traditional technical protections.
…
SantaStealer is a rebranded infostealer using modular data theft, modest pricing, and limited stealth, with no confirmed large-scale deployment yet.
…
Several hundred machines across a diverse set of organizations already compromised, Microsoft says.
Cisco warned that Chinese government hackers are exploiting a zero-day in some of its products. Researchers now say there are hundreds of vulnerable Cisco customers.
Two Chinese-nexus groups have been exploiting a newly discovered flaw to establish persistence and launch backdoors.
…
The attack seems to have happened in October but the risk towards citizens is minimal.
Businesses are rushing to deploy AI, creating overly permissioned, misconfigured systems.
Researchers spotted multiple groups using the same technique and believe it’s only going to get worse.
TechCrunch looks back at the biggest data breaches, disruptive cyberattacks, and damaging hacks of 2025, from the raiding of U.S. government databases to a hack every month in South Korea.
Here are some ESET deals on Essentials, Premium, and Ultimate that are sure to blow your socks off.