Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-29 07:00 PST
- Former Coinbase support agent arrested for helping hackers
BleepingComputer • 2025-12-29 06:16 • www.bleepingcomputer.com
A former Coinbase customer service agent was arrested in India for helping hackers earlier this year steal sensitive customer information from a company database. […]
https://www.bleepingcomputer.com/news/security/former-coinbase-support-agent-arrested-for-helping-hackers/ - ⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More
The Hacker News • 2025-12-29 05:38 • thehackernews.com
Last week’s cyber news in 2025 was not about one big incident. It was about many small cracks opening at the same time. Tools people trust every day behave in unexpected ways. Old flaws resurfaced. New ones were used almost immediately.
A common theme ran through it all in 2025. Attackers moved faster than fixes. Access meant for work, updates, or support kept getting abused. And damage did not
https://thehackernews.com/2025/12/weekly-recap-mongodb-attacks-wallet.html - Korean Air data breach exposes data of thousands of employees
BleepingComputer • 2025-12-29 05:08 • www.bleepingcomputer.com
Korean Air experienced a data breach affecting thousands of employees after Korean Air Catering & Duty-Free (KC&D), its in-flight catering supplier and former subsidiary, was recently hacked. […]
https://www.bleepingcomputer.com/news/security/korean-air-data-breach-exposes-data-of-thousands-of-employees/ - Microsoft Copilot is rolling out GPT 5.2 as "Smart Plus" mode
BleepingComputer • 2025-12-29 04:23 • www.bleepingcomputer.com
Microsoft is rolling out GPT 5.2 to Copilot on the web, Windows, and mobile as a free upgrade, and it’ll coexist with the GPT 5.1 model. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-copilot-is-rolling-out-gpt-52-as-smart-plus-mode/ - Are We Ready to Be Governed by Artificial Intelligence?
Schneier on Security • 2025-12-29 04:07 • www.schneier.comArtificial Intelligence (AI) overlords are a common trope in science-fiction dystopias, but the reality looks much more prosaic. The technologies of artificial intelligence are already pervading many aspects of democratic government, affecting our lives in ways both large and small. This has occurred largely without our notice or consent. The result is a government incrementally transformed by AI rather than the singular technological overlord of the big screen.
Let us begin with the execut…
https://www.schneier.com/blog/archives/2025/12/are-we-ready-to-be-governed-by-artificial-intelligence.html - Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks
BleepingComputer • 2025-12-29 03:16 • www.bleepingcomputer.com
Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting vulnerable FortiGate firewalls. […]
https://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-exploited-in-attacks/ - The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor
Securelist • 2025-12-29 02:00 • securelist.com
Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.
https://securelist.com/honeymyte-kernel-mode-rootkit/118590/ - MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide
The Hacker News • 2025-12-29 01:46 • thehackernews.com
A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world.
The vulnerability in question is CVE-2025-14847 (CVSS score: 8.7), which allows an unauthenticated attacker to remotely leak sensitive data from the MongoDB server memory. It has been codenamed MongoBleed.
“A flaw
https://thehackernews.com/2025/12/mongodb-vulnerability-cve-2025-14847.html - 27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials
The Hacker News • 2025-12-29 01:44 • thehackernews.com
Cybersecurity researchers have disclosed details of what has been described as a “sustained and targeted” spear-phishing campaign that has published over two dozen packages to the npm registry to facilitate credential theft.
The activity, which involved uploading 27 npm packages from six different npm aliases, has primarily targeted sales and commercial personnel at critical
https://thehackernews.com/2025/12/27-malicious-npm-packages-used-as.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
