Aggregator

Chainalysis warns North Korea continues to steal billions in crypto for its weapons program

"Prince of Persia" has rewritten the rules of persistence with advanced operational security and cryptographic communication with its command-and-control server.

Threat actors with ties to the Democratic People's Republic of Korea (DPRK or North Korea) have been instrumental in driving a surge in global cryptocurrency theft in 2025, accounting for at least $2.02 billion out of more than $3.4 billion stolen from January through early December. The figure represents a 51% increase year-over-year and $681 million more than 2024, when the threat actors stole

A joint investigation by Hunt.io and the Acronis Threat Research Unit has exposed an extensive network of North Korean state-sponsored infrastructure, revealing fresh connections between Lazarus and Kimsuky operations across global campaigns. The research uncovered active tool-staging servers, credential-theft environments, FRP tunneling nodes, and a certificate-linked infrastructure fabric controlled by DPRK operators. This discovery provides […]

The post Researchers Uncovered New Lazarus and Kimsuky Infrastructure with Active Tools and Tunnelling Nodes appeared first on Cyber Security News.

The Paris Prosecutor’s Office said a person had been arrested on charges “including an attack on an automated personal data processing system operated by the State, as part of an organized group.”

Cybersecurity planning continues to advance as organisations integrate new software, cloud platforms, and digital tools into nearly every…

Android начал расширять защиту от мошенников, которые заставляют включать демонстрацию экрана во время звонка и заходить в банковские приложения

A vulnerability classified as critical was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_leads.php of the component Leads Generation Module. Executing manipulation can lead to unrestricted upload. This vulnerability is tracked as CVE-2025-14885. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability classified as critical has been found in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is identified as CVE-2025-14884. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability described as very critical has been identified in Govee H6056 1.08.13. Affected by this vulnerability is an unknown functionality of the component API. Such manipulation leads to authorization bypass. This vulnerability is referenced as CVE-2025-10910. It is possible to launch the attack remotely. No exploit is available.

Submit #715595 / VDB-337373

Submit #715465 / VDB-337372

Submit #715440 / VDB-254820

A self-harm prevention kit is becoming an essential part of school safety planning as student mental health challenges continue to rise across the United States. Schools are increasingly responsible for supporting the emotional well-being of their students and creating safe environments that reduce the risk of self-harming behavior, suicide attempts, or harmful coping patterns. The ...

The post Self-Harm Prevention Kit Guide for Schools: Identifying Risks and Protecting Students appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post Self-Harm Prevention Kit Guide for Schools: Identifying Risks and Protecting Students appeared first on Security Boulevard.

Also: macOS Naughty or Nice, Cybercrime Karma, Spoofing Legacy Rail Infrastructure
London in December: Early to dark, quick to rain but also festive - and a mecca for cybersecurity researchers there for the annual Black Hat Europe conference. This year's event featured nearly 50 briefings that touched on everything from hardware hacking to combing infostealer logs for hidden gems.

Security Needs to Document Risks and Push Back Against Retroactive Accountability
A recent CISO resignation letter exposes a structural flaw in how organizations manage cyber risk. It shows what happens when risk is accepted quietly and accountability is enforced retroactively, and it's a cautionary tale about why CISOs need to actively manage their careers.

More Dry Powder Will Help Cyera Compete Against Proofpoint, Rubrik in AI Agent Era
Cyera in just four years has raised $1.3 billion, the second-largest venture haul for any cyber startup behind only Wiz. The company set its sights even higher in 2026, with media reports that Cyera is set to receive another $400 million - this time from Blackstone - at a valuation of $9 billion.

Practical Steps That Effectively Strengthen Security and Resilience
Cyberattackers know SMBs think they're "too small to be a target" - and they're acting on it. Learn why small businesses are increasingly targeted and the five foundational steps that can significantly reduce cyber risk.

Ink Dragon Compromised IIS Networks to Relay ShadowPad Malware
A Chinese hacking group is using compromised European government networks as relay nodes to route commands and support other hacking operations. Security firm Check Point attributed the campaign to a Chinese espionage group it tracks as "Ink Dragon."