Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
LinkedIn’s AI Data Training Sparks Privacy Concerns in Europe
LinkedIn’s use of European user data for AI training has triggered significant privacy concerns and regulatory scrutiny across the EU, highlighting the ongoing debate on data consent and control in the age of artificial intelligence.
-
User of Phishing Platform LabHost Sentenced to 300 Days in Prison
A Dutch court has sentenced a 37-year-old man to 300 days in prison, with 226 days suspended, for utilizing the sophisticated phishing-as-a-service platform, LabHost. The ruling underscores the serious legal ramifications for individuals who engage with criminal infrastructure designed to facilitate online fraud.
-
Cloudflare Data Shows Major Internet Shifts in Turkmenistan, Corroborating Reports of Unblocking and Firewall Testing
Cloudflare’s network data reveals a significant increase in HTTP requests from Turkmenistan starting mid-June 2024, aligning with reports of the nation unblocking billions of IP addresses. The analysis also uncovers major shifts in TCP connection patterns, suggesting the possible testing of a new national firewall system.
-
YouTube Ghost Network Leverages Deceptive Tactics for Widespread Malware Distribution
A sophisticated and coordinated malware distribution operation, dubbed the “YouTube Ghost Network” by Check Point Research, has been actively exploiting YouTube’s features to promote malicious content and distribute information-stealing malware.
-
Aisuru Botnet Shifts to Residential Proxies for AI Data Harvesting
The Aisuru botnet has shifted from DDoS attacks to operating as a residential proxy service, enabling cybercriminals to anonymize traffic for illicit activities, including extensive data harvesting for AI projects, impacting 700,000 compromised IoT devices.
-
Canada Fines Cryptomus Over $176 Million for AML Violations Tied to Cybercrime
Canadian financial regulators have imposed an administrative monetary penalty of over $176 million on Xeltox Enterprises Ltd., operating as Cryptomus. The penalty from FINTRAC addresses the cryptocurrency payments platform’s significant non-compliance with anti-money laundering and anti-terrorist financing regulations, citing failures to report suspicious transactions linked to child exploitation, fraud, ransomware, and sanctions evasion. Investigations revealed…
-
Balancer DeFi Protocol Suffers $128 Million Exploit
A recent exploit on the Balancer DeFi protocol’s v2 pools led to a staggering loss of over $128 million, underscoring persistent security challenges in the cryptocurrency landscape.
-
Microsoft Discovers SesameOp: A New Backdoor Using OpenAI’s Assistants API for Covert C2
Microsoft discovered SesameOp, a new backdoor that uses OpenAI’s Assistants API for covert command and control (C2) operations. This technique allows attackers to fetch commands and exfiltrate data through a trusted cloud service, making detection harder. Discovered in July 2025, SesameOp aims for long-term persistence, often a hallmark of espionage campaigns.
-
Cybersecurity Overhaul: Thales and Imperva Unite for Integrated Security
Thales and Imperva are combining forces to offer businesses a truly unified defense, from data protection to application security, integrating AI and machine learning for advanced threat detection and a stronger security posture.
-
Critical WSUS RCE Vulnerability CVE-2025-59287 Actively Exploited, CISA Urges Immediate Patching
A critical, unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-59287, in Microsoft’s Windows Server Update Services (WSUS) is being actively exploited right now, allowing attackers to run malicious code with SYSTEM privileges.