A Chinese woman known as the “Bitcoin Queen” was sentenced in London to 11 years and eight months in jail for laundering Bitcoin from a ÂŁ5.5 billion ($7.3 billion) cryptocurrency investment scheme. The sentence follows a seven-year investigation by the Met’s Economic Crime team into international money laundering, which revealed that the 47-year-old woman, Zhimin Qian […]
SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code injection issue in the Solution Manager platform. The security problem in SQL Anywhere Monitor is tracked as CVE-2025-42890 and consists of hardcoded credentials. Because of the elevated […]
GlobalLogic, a provider of digital engineering services part of the Hitachi group, is notifying over 10,000 current and former employees that their data was stolen in an Oracle E-Business Suite (EBS) data breach. Based in Santa Clara, California, this software and product development services company was founded in 2000. Since then, it has expanded to […]
North Korean hackers are abusing Google’s Find Hub tool to track the GPS location of their targets and remotely reset Android devices to factory settings. The attacks are primarily targeting South Koreans, and start by approaching the potential victims over KakaoTalk messenger – the most popular instant messaging app in the country. South Korean cybersecurity solutions […]
Mozilla announced a major privacy upgrade in Firefox 145 that reduces even more the number of users vulnerable to digital fingerprinting. The new protections will initially be available only in Private Browsing Mode and Enhanced Tracking Protection (ETP) Strict mode. After testing and optimization, they will be enabled by default in the Firefox web browser. […]
A new phishing automation platform named Quantum Route Redirect is using around 1,000 domains to steal Microsoft 365 users’ credentials. The kit comes pre-configured with phishing domains to allow less skilled threat actors to achieve maximum results with the least effort. Since August, analysts at security awareness company KnowBe4 have noticed Quantum Route Redirect (QRR) attacks in the wild across […]
CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp. Tracked as CVE-2025-21042, this out-of-bounds write security flaw was discovered in Samsung’s libimagecodec.quram.so library, allowing remote attackers to gain code execution on devices running Android 13 and later. While Samsung patched it in […]
A Russian national will plead guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks that targeted at least eight U.S. companies between July 2021 and November 2022. According to a plea agreement signed by the defendant on October 29, first spotted by Court Watch editor Seamus Hughes, Aleksey Olegovich Volkov (who used the “chubaka.kor” and “nets” aliases) […]
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The security issue was discovered by security researcher Jangwoo Choe and is tracked as CVE-2025-12735. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the severity rating is critical, with a […]
The Windows Start menu is getting its first major redesign since 2021 and will be rolled out to everyone with the November 11 Patch Tuesday update. The Start menu is now scrollable, so you can move through your apps in one place. This means the “All” section sits on the main screen, and you do not need […]
