An activist was charged with destruction of evidence after resetting his phone to factory settings https://www.techspot.com/news/110560-man-arrested-allegedly-wiping-google-pixel-before-cbp.html
The Dutch NCSC on the Notepad++ update hijack attacks: "Currently, as far as is known, only organizations with interests in East Asia are victims of targeted attacks" cc: @npub17lgy...9uux
Kwetsbaarheid Notepad ++
Er is een kwetsbaarheid in Notepad++ gevonden waarmee het mogelijk is om malafide updates naar gebruikers te pushen. Momenteel zijn voor zover beke...
Arena Breakout is giving out 10-year bans for cheating image
"Germany has accused Russia of a cyber-attack on air traffic control and attempted electoral interference, and summoned the Russian ambassador. "
Germany accuses Russia of 2024 cyber attack and election disinformation campaign
The Russian ambassador is summoned over a cyber-attack on air traffic control and attempted electoral interference.
-EU has a problem attracting and retaining cyber talent -Coupang CEO resigns following breach -NoName057 and CARR member charged in the US -Chrome and Gogs zero-days -UK sanctions Chinese hacking firms -Coupang hacker was a cyber employee -Petco takes down leaky Vetco site -UK fines LastPass over breach -Ransomware at HSE Ireland, again -Russia denies military registry hack -New PowerShell security feature Newsletter:
Risky.Biz
EU has a problem attracting and retaining cyber talent
In other news: Coupang CEO resigns following breach; NoName057 and CARR member charged in the US; Chrome and Gogs zero-days.
 Podcast:
Risky Bulletin: EU has a problem attracting and retaining cyber talent - Risky Business Media
The EU has a problem attracting and retaining cyber talent, the CEO of Coupang resigns following the company’s security breach, Microsoft [Read ...
 image
MITRE has published the list of Top 25 most common software vulnerabilities of 2025, also known as the CWE Top 25
CWE - 2025 CWE Top 25 Most Dangerous Software Weaknesses
Common Weakness Enumeration (CWE) is a list of software and hardware weaknesses.
 image
Looks like Notepad++ has fixed its update system:
Community
Notepad++ v8.8.9: Vulnerability-fix
Notepad++ release 8.8.9 is available: https://notepad-plus-plus.org/news/v889-released/ Notepad++ v8.8.9 new security enhancement, new features, re...
 This is after reports that users received malicious Notepad++ updates containing malware: https://doublepulsar.com/small-numbers-of-notepad-users-reporting-security-woes-371d7a3fd2d9
Some phishers have taken inspiration from Russian cyber-espionage group UTA0355 and are using a technique that tricks users into sharing their OAuth material in a web page (UAT0355 did it via email replies)
Push Security
ConsentFix: Browser-native ClickFix hijacks OAuth grants
Analysing "ConsentFix", a new browser-native attack technique we
 image
Google is rolling out a new feature for Android users that will let them share live video with emergency services. The new feature is being rolled out in the US and some regions in Mexico and Germany. It will be available for Android 8 (2017) devices or higher
Google
Share live video with emergency services to get the help you need
During an emergency call or text, a dispatcher can send a request to your Android phone to share live video.
More research of this type Intruder found 43k secrets across 5 million single-page apps: https://www.businesswire.com/news/home/20251211585215/en/Intruder-Uncovers-New-Secrets-Detection-Techniques-Finds-Thousands-of-Exposed-Tokens-Unaddressed-by-Traditional-Methods Bitsight has found more than 1,000 MCP servers exposed on the internet with no authorization in place and exposing sensitive data:
Bitsight
Exposed MCP Servers: New AI Vulnerabilities & What to Do | Bitsight
Bitsight TRACE research team found roughly 1,000 exposed MCP servers with no authorization in place, revealing new AI vulnerabilities. Read the rep...
 View quoted note β†’