Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Retail giant Coupang data breach impacts 33.7 million customers
South Korea’s largest retailer, Coupang, has suffered a data breach that exposed the personal information of 33.7 million customers. The firm has warned on its Korean-language site that the incident occurred on June 24, 2025, but it only discovered it and began the investigation on November 18, 2025. “On November 18, 2025, Coupang became aware of unauthorized access […]
ShadyPanda browser extensions amass 4.3M installs in malicious campaign
A long-running malware operation known as “ShadyPanda” has amassed over 4.3 million installations of seemingly legitimate Chrome and Edge browser extensions that evolved into malware. The operation, discovered by Koi Security, unfolded in distinct phases that gradually introduced additional malicious functionality, turning the browser extension from a legitimate tool into spyware. The ShadyPanda campaign consists […]
Police takes down Cryptomixer cryptocurrency mixing service
Law enforcement officers from Switzerland and Germany have taken down the Cryptomixer cryptocurrency-mixing service, believed to have helped cybercriminals launder stolen funds. The joint action was part of “Operation Olympia,” and it took place between November 24 and November 28 in Zurich, Switzerland. Authorities, supported by Europol and Eurojust, seized three servers and the clear web […]
Japanese beer giant Asahi says data breach hit 1.5 million people
Asahi Group Holdings, Japan’s largest beer producer, has finished the investigation into the September cyberattack and found that the incident has impacted up to 1.9 million individuals. The type of data compromised in the attack includes full names, genders, physical addresses, phone numbers, and email addresses, and could be used in phishing attempts. The incident was first disclosed […]
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
A 44-year-old man was sentenced to seven years and four months in prison for operating an “evil twin” WiFi network to steal the data of unsuspecting travelers during flights and at various airports across Australia. The man, an Australian national, was charged in July 2024 after Australian authorities had confiscated his equipment in April and confirmed that he […]
Public GitLab repositories exposed more than 17,000 secrets
After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed secrets across over 2,800 unique domains. Luke Marshall used the TruffleHog open-source tool to check the code in the repositories for sensitive credentials like API keys, passwords, and tokens. The researcher previously scanned Bitbucket, where he found 6,212 secrets spread over 2.6 million repositories. […]
French Football Federation discloses data breach after cyberattack
The French Football Federation (FFF) disclosed a data breach on Friday after attackers used a compromised account to gain access to administrative management software used by football clubs. After detecting the unauthorized access, FFF’s security team disabled the compromised account and reset all user passwords across the system. However, before they were detected and evicted from […]
Malicious LLMs empower inexperienced hackers with advanced tools
Unrestricted large language models (LLMs) like WormGPT 4 and KawaiiGPT are improving their capabilities to generate malicious code, delivering functional scripts for ransomware encryptors and lateral movement. Researchers at Palo Alto Networks Unit42 experimented with the two LLMs that are seeing increased adoption among cybercriminals through paid subscriptions or free local instances. The WormGPT model originally emerged […]
GreyNoise launches free scanner to check if you’re part of a botnet
GreyNoise Labs has launched a free tool called GreyNoise IP Check that lets users check if their IP address has been observed in malicious scanning operations, like botnet and residential proxy networks. The threat monitoring firm that tracks internet-wide activity via a global sensor network says this problem has grown significantly over the past year, with many […]
OpenAI discloses API customer data breach via Mixpanel vendor hack
OpenAI is notifying some ChatGPT API customers that limited identifying information was exposed following a breach at its third-party analytics provider Mixpanel. Mixpanel offers event analytics that OpenAI uses to track user interactions on the frontend interface for the API product. According to the AI company, the cyber incident affected “limited analytics data related to […]