The Walt Disney Company has agreed to pay $10 million to settle a lawsuit related to children’s data privacy violations. The case was brought by U.S. government authorities. It accused Disney of allowing the collection of personal data from children without proper consent. The settlement was approved by a federal court in late December 2025. … Continued
Silver Fox, a cyber threat group tracked by security researchers, has launched a targeted phishing campaign aimed at users in India. The attackers are using tax-related email messages to lure victims into opening malicious files. These emails are crafted to look like official tax notices, refund alerts, or compliance messages. The timing makes them especially … Continued
Mustang Panda, a China-linked cyber espionage group, has been caught using a new and more advanced attack technique. Security researchers found that the group is now deploying a signed kernel-mode rootkit to install a malware backdoor called ToneShell. This approach allows the attackers to hide deep inside Windows systems. As a result, the malware becomes … Continued
Cybersecurity researchers have uncovered a phishing campaign that abused the npm package registry to steal login credentials. The operation involved 27 malicious npm packages created specifically for phishing purposes. These packages were not designed to provide useful code to developers. Instead, they were used as hosting infrastructure for credential-stealing pages. The campaign remained active for … Continued
A critical security vulnerability affecting MongoDB has been discovered and is currently being exploited worldwide. The issue is tracked as CVE-2025-14847 and has raised serious concerns across the cybersecurity community. Experts warn that unpatched MongoDB servers are at high risk of sensitive data exposure. Organizations using MongoDB are being urged to act immediately. The vulnerability … Continued
A critical security vulnerability has been identified in the core component of LangChain, a popular framework used to build AI applications. The issue affects how LangChain handles serialized data in its Python implementation. Security researchers warn that the flaw could expose sensitive information. The risk is high due to LangChain’s widespread use. The vulnerability has … Continued
A major security incident has affected users of the Trust Wallet Chrome browser extension. Many users reported sudden and unauthorized withdrawals from their crypto wallets. These incidents were noticed shortly after installing a recent extension update. Security experts later confirmed that the update itself had been compromised. The issue began around December 24, when a … Continued
U.S. Securities and Exchange Commission (SEC) has filed charges in a major cryptocurrency fraud case involving more than $14 million. The regulator says the scheme used fake AI-themed investment tips to attract retail investors. These tips were promoted as advanced and data-driven. In reality, the SEC says the entire operation was fraudulent. According to the … Continued
ServiceNow has announced that it will acquire Armis, a specialist in operational technology (OT) and connected-device security. The deal is valued at $7.75 billion and will be paid fully in cash. This is the largest acquisition ServiceNow has made so far. The move signals a stronger push by the company into the cybersecurity space. The … Continued
Italy’s competition authority has fined Apple €98.6 million, or about $116 million, over how it applied privacy rules in its App Store. The decision follows an investigation into Apple’s App Tracking Transparency system. Regulators said Apple’s actions affected competition in the mobile app market. The fine was announced in December 2025. The case centers on … Continued
