Infostealer Malware Delivered in EmEditor Supply Chain Attack

/in

The ‘download’ button on the official EmEditor website served a malicious installer.

The post Infostealer Malware Delivered in EmEditor Supply Chain Attack appeared first on SecurityWeek.

SecurityWeek – ​Read More

22 Million Affected by Aflac Data Breach

/in

Hackers stole names, addresses, Social Security numbers, ID numbers, and medical and health insurance information from Aflac’s systems.

The post 22 Million Affected by Aflac Data Breach appeared first on SecurityWeek.

SecurityWeek – ​Read More

The Worst Hacks of 2025

/in

From university breaches to cyberattacks that shut down whole supply chains, these were the worst cybersecurity incidents of the year.

Security Latest – ​Read More

The Most Dangerous People on the Internet in 2025

/in

From Donald Trump to DOGE to Chinese hackers, this year the internet’s chaos caused outsized real-world harm.

Security Latest – ​Read More

The New Surveillance State Is You

/in

Privacy may be dead, but civilians are turning conventional wisdom on its head by surveilling the cops as much as the cops surveil them.

Security Latest – ​Read More

Fresh MongoDB Vulnerability Exploited in Attacks

/in

Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers.

The post Fresh MongoDB Vulnerability Exploited in Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

You’ve been targeted by government spyware. Now what?

/in

Tech companies are increasingly warning their customers that they have been targeted by governments with advanced government spyware, such as NSO’s Pegasus or Paragon’s Graphite. What happens after receiving a threat notification?

Security News | TechCrunch – ​Read More

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

/in

In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349 GitHub, cloud, and AI credentials. Throughout 2024, ChatGPT vulnerabilities allowed unauthorized extraction of user data from AI memory.
The result: 23.77 million secrets were leaked through AI

The Hacker News – ​Read More

MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide

/in

A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world.
The vulnerability in question is CVE-2025-14847 (CVSS score: 8.7), which allows an unauthenticated attacker to remotely leak sensitive data from the MongoDB server memory. It has been codenamed MongoBleed.
“A flaw

The Hacker News – ​Read More

Sauron, the high-end home security startup for “super premium” customers, plucks a new CEO out of Sonos

/in

Sauron is appearing on the scene as concerns rise about crime among the most wealthy.

Security News | TechCrunch – ​Read More