Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Finnish Authorities Detain Crew and Seize Vessel After Undersea Cable Severed: Aggravated Sabotage Probe Uncovers Sanctioned Cargo
Finnish authorities detained 14 crew aboard the Fitburg cargo ship after a critical undersea cable linking Helsinki to Estonia was severed on New Year’s Eve. Two crew members—Russian and Azerbaijani nationals—face arrest on aggravated sabotage charges, while investigators discovered sanctioned Russian steel in the vessel’s cargo. A second cable operated by Arelion also failed the…
-
Trust Wallet Browser Extension Poisoned via Shai-Hulud NPM Attack, $8.5M in Crypto Drained from 2,596 Users
Attackers exploited the Shai-Hulud NPM supply chain attack to leak Trust Wallet developer GitHub secrets, including the Chrome Web Store API key. Using this key, they uploaded a malicious version of Trust Wallet’s extension that harvested private keys and seed phrases, draining $8.5 million from 2,596 crypto wallets. The attack shows how compromised credentials eliminate…
-
European Space Agency Data Breach Exposes 200GB of Infrastructure and Source Code
A hacker claiming the alias 888 alleges a breach of the European Space Agency on December 18, 2025, claiming theft of 200GB of internal data including private repositories, project management systems, CI/CD configurations, and hardcoded credentials. Screenshots allegedly show access to Security Operations Centre systems, spacecraft documentation, and partner organization technical deliverables. The breach exposes…
-
DarkSpectre Browser Extension Campaigns Expose 8.8 Million Users to Corporate Espionage
DarkSpectre is a Chinese threat actor operating three browser extension campaigns infecting 8.8 million users across Chrome, Edge, and Firefox. ShadyPanda (5.6M users) executes mass surveillance and affiliate fraud. GhostPoster (1.05M) delivers steganographic payloads. The Zoom Stealer (2.2M) monitors 28+ video conferencing platforms, exfiltrating meeting URLs, participant lists, speaker identities, and company data in real-time.…
-
Tokyo FM Data Breach Claims 3 Million Records Exposed
On January 1, 2026, an attacker announced access to Tokyo FM Broadcasting Co., Ltd.’s internal systems, claiming to have exfiltrated 3 million listener and employee records. The dataset reportedly includes personal identifiers (names, emails, IP addresses), behavioral data (user agents), authentication tokens, and employment information. Tokyo FM has not yet issued public confirmation or customer…
-
Roundcube CVE-2025-68461: SVG XSS Vulnerability Enables Silent Email Account Takeover Through Malicious Animate Tags
Roundcube Webmail contains a Cross-Site Scripting vulnerability (CVE-2025-68461, CVSS 7.2) that enables attackers to hijack email accounts by sending malicious SVG files. The flaw exploits improper sanitization of SVG animate tags to execute JavaScript in victim browsers, granting full account access without credentials. Security patches are available for versions 1.5.12 and 1.6.12, but deployment lags…
-
Undersea Cable Sabotage Suspected: Finland Detains Crew as NATO Infrastructure Faces Hybrid Warfare Threat
On New Year’s Eve, a cargo ship dragged an anchor across a critical undersea cable linking Finland and Estonia, severing connectivity. Finnish authorities arrested two crew members for alleged sabotage, discovering the vessel also carried sanctioned Russian steel. The incident marks a turning point in hybrid warfare tactics targeting NATO critical infrastructure, raising urgent questions…
-
RemoveWindowsAI: Complete AI Feature Removal for Windows Privacy, Control, and Defensive Hardening
RemoveWindowsAI is a PowerShell-based tool for completely removing Microsoft’s built-in AI features from Windows 11 25H2 builds—Copilot, Recall, Input Insights, and AI-powered tools in Paint and Notepad. For defenders prioritizing privacy, system control, and operational security, this tool provides comprehensive disablement across registry keys, appx packages, Component-Based Servicing stores, and scheduled tasks. It includes backup…
-
Japan’s Record Defense Budget: Strategic Pivot from Pacifism to Offensive Deterrence Against Rising Chinese Military Threat
Japan’s Cabinet approved a record 9 trillion yen ($58 billion) defense budget for fiscal 2026, marking a 9.4% increase and the fourth consecutive year of a five-year military spending expansion. This budget funds Type-12 long-range missiles, AI-integrated drone systems, and next-generation fighter development, signaling Japan’s strategic pivot from pacifism to offensive deterrence against China’s rapid…
-
Operation Absolute Resolve: U.S. Military Capture of Maduro and the Strategic Doctrine of Regime Change
Operation Absolute Resolve marks a watershed moment: the U.S. military capture of a sitting Western Hemisphere leader using Delta Force operatives, RQ-170 stealth drones, and precision strikes on air defense systems. Trump pledges direct U.S. governance of Venezuela’s economy and oil infrastructure. The operation raises critical questions about international law, regime change doctrine, and American…