Recently, a malicious NPM package called Lotusbail, masquerading as a WhatsApp Web API library, secretly intercepted authentication tokens, messages, contacts, and media from developers' applications and exfiltrated the data after encrypting it to evade detection. The supply chain attack also hijacked WhatsApp's device pairing process to give attackers persistent backdoor access to accounts, which remains even after uninstalling the package unless all linked devices are manually removed.

 Flashpoint has published a new blog post on how Primary Source Collection (PSC) enables intelligence teams to surface emerging fraud and threat activity before it reaches scale. The article explores: How Threats Actually Evolve Why Static Collection Falls Short A Different Model: Primary Source Collection Making Intelligence Taskable How Taskable Collection Works in Practice Why does this matter? Threat and fraud operations are moving faster than ever.

Forcepoint has a report that is literally hot off the press that covers something that I have personally experienced today. With holiday financial stress peaking, Forcepoint has uncovered a sophisticated two-pronged scam campaign. Scammers are now pairing Docusign-themed phishing to hijack corporate credentials with convincing loan offer spam designed for identity theft. The first threat uses spoofed 'wine order' documents to lure employees into entering logins on fake pages.

Liquibase today announced that it's opened the Liquibase 2026 Database Change Survey for IT community participation. The survey is designed for practitioners, leaders, and contributors across the applications/database ecosystem, from database administrators and developers to platform, security, and compliance teams. This survey offers thee survey gives the readership community a voice and weigh-in opportunity on how database change governance is evolving and where the sector should focus next.

The University of Phoenix has today begun notifying over 3.4 million individuals that their data was stolen in a hack by the notorious ransomware gang known as Cl0p. Yeah. That Cl0p. Clearly they've been busy this year by being naughty and not nice. Rebecca Moody, Head of Data Research at Comparitech had this to say: "According to our data, this is the fourth-largest ransomware attack in the world this year (based on records affected).

The Gift Card Fraud Prevention Alliance (GCFPA) today announced 14 state attorneys general (AGs) from across the United States have come together to launch a nationwide public service announcement (PSA) aimed at educating consumers about the threat of gift card fraud. This collaborative effort comes as millions of Americans prepare to redeem gift cards received during the holiday season—a prime opportunity for scammers to target unsuspecting individuals.

NordProtect is substantially improving its monitoring functionality to better inform and protect its users from financial losses by adding three‑bureau credit monitoring, as well as short‑term loan and financial account monitoring. Additionally, users will be able to lock and unlock their TransUnion credit file instantly. NordProtect's credit monitoring service now includes all three major credit bureaus. The service monitors a user's credit file and alerts in case of suspicious activity – such as new accounts opened in the user's name, changes to the credit score, or hard inquiries by a lender or company.

The 2026 predictions keep coming. Today I have 2026 predictions from Jimmy Tam, CEO of Peer Software. Agentic AI Will Converge with Distributed File Services to Enable a New Class of Distributed Digital Teams 2026 will mark the beginning of a major architectural shift: agentic AI systems will merge with distributed file services to create AI digital teams that can autonomously capture data, act on it, and push results across multiple locations and platforms.

You might recall that the UK government served up a £1.2 million fine to LastPass because they got pwned. That fine hasn't gone over well with LastPass. And I say that because I actually got a statement sent to my inbox about that: “We have been cooperating with the UK ICO since we first reported this incident to them back in 2022.

Recast today announced the latest Right Click Tools advancements. Features include new tools for administering Intune and Entra environments as organizations continue to blend the capabilities of ConfigMgr and Intune. Right Click Tools enables IT teams to manage endpoints more efficiently, reduce operational costs, and ensure consistent security and performance. The Right Click Tools product line extends endpoint management with add-ons for 

Foxit has announced the release of Foxit PDF Editor v2025.3.   This latest version strengthens Foxit's commitment to delivering secure, compliant and intelligent document workflows. Enhanced Compliance With Collaboration Foxit PDF Editor v2025.3 introduces important updates that enhance secure collaboration and responsible data protection. These improvements offer greater transparency and control during shared document workflows and help organizations uphold governance standards. …

The growing number of connected devices and increasing vulnerabilities, including the latest one that has been exploited by North Korean and Chinese hackers, raises concerns among cybersecurity experts. They warn that such attacks will increase, and have severe consequences: from stolen data to private videos leaked on the internet. ​At the beginning of December, a cybersecurity vulnerability dubbed React2Shell that can affect millions of connected home devices worldwide was publicly disclosed.

Quorum Cyber has ranked in 30th place this year in the 2025 MSSP Alert Top 250 - MSSP Alert's annual list and research tracking the world’s top managed security services providers (MSSPs). The company has jumped 20 places from its ranking of 50th in 2024, and since 2022 has risen by almost 120 positions. The rating is a measure of the company’s range of managed cybersecurity services and the types of cyber incident it has handled in the past 12 months, along with its revenue and headcount figures.

With the holidays just around the corner, here's  a last-minute Samsung gift idea that's currently available:   Galaxy S25 FE  From $919.99 (128GB) — Save $170 with code GETS25FE –   Featuring a large 6.7-inch display, the Galaxy S25 FE delivers a premium viewing experience for streaming, scrolling, and everyday multitasking. Designed for photography lovers and social sharers, it brings flagship-grade AI tools like Photo Assist and Live Translate to a more accessible device, wrapped in a premium design that fits any lifestyle.

Ericsson AIR 3255 Massive MIMO antenna-integrated radios are operating live in Japanese communications service provider (CSP) NTT DOCOMO, INC's.("DOCOMO") 5G network. Covering the 4.5 GHz band, the new radios will help to meet current and future 5G network traffic needs in areas with high traffic congestion and demand. Live AIR 3255 network operations began in December 2025 to help DOCOMO deliver the high‑quality network experience its customers expect.

ESET Research has discovered a new China-aligned APT group, LongNosedGoblin, that abuses Group Policy – a mechanism for managing settings and permissions on Windows machines, typically used with Active Directory – to deploy malware and move laterally across the compromised network. It is used to deploy cyberespionage tools across networks of governmental institutions in Southeast Asia and Japan. In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity.

 Google is shutting down its Dark Web Monitoring tool in February 2026 (less than 2 years after its launch). Google is sending out emails to anyone who signed up for a dark web monitoring profile, explaining that the service is shutting down. The company will stop monitoring for new results on January 15, 2026, and data will no longer be available from February 16, 2026.

Centreon, a leader in observability for digital performance, today announced its endorsement of the United Nations Open Source Principles, joining a growing community of organizations committed to responsible, collaborative, and scalable open-source development. This endorsement reflects a natural continuation of Centreon’s 20-year open-source journey and aligns with the company’s own Open Source Manifesto.  The UN Open Source Principles provide guidelines to promote collaboration and the adoption of open-source technologies within the UN and globally.

With the holidays right around the corner, and cybercriminals' activity increasing during business downtime, it is more important than ever for organizations and individuals both to take practical steps to protect themselves from potential cyber-attacks. Noé Mantel, Cybersecurity Specialist at Outpost24, has shared the following tips for how to do just that: Tip #1: Check the reliability of your backups…

Telehouse Canada has announced a strategic partnership with Megaport, a global leader in Network as a Service (NaaS). The partnership will bring advanced cloud connectivity options to Telehouse Canada data centres, enabling Telehouse Canada’s customers to access Megaport’s extensive global network ecosystem of more than 280 cloud on-ramps and over 300 service providers, delivering flexible, scalable connectivity to leading cloud platforms and global IT services.

Hypori today announced the launch of the Hypori Partner Program, enabling resellers, managed service providers (MSPs), system integrators (SIs), and technology partners to unlock new revenue opportunities by delivering secure mobile access — without data ever touching the device. The program formalizes Hypori’s rapidly increasing partner momentum across commercial and public sector markets, following successful collaborations with Carahsoft, Amazon Web Services (AWS), Zscaler, and Summit 7.

Comparitech has reported that The Richmond Behavioral Health Authority in Virginia has notified 113,232 people of a September 2025 data breach, according to the US Department of Health and Human Services. Rebecca Moody, Head of Data Research at Comparitech, commented:  "While ransomware attacks have increased by 27 percent this year (rising from 2,865 in 2024 to 3,637 in 2025 to date), US healthcare providers haven't seen the same influx.

Researchers at Outpost24 have published a new analysis on the recent 700Credit breach. This analysis dives into the origin of this breach and the database's appearance on the darkweb.  I covered this news previously here. Here's the link to the analysis:

It is being reported that a ransomware gang is exploiting the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deploy the file-encrypting malware less than a minute later. Outpost24 researchers just recently published an in-depth look at the React2Shell vulnerability, diving into what exactly the vulnerability is, how the exploit works, its exploitation characteristics, as well as practical detection, remediation tips, and risk management implications.

This holiday season, while shoppers search for the perfect gifts and best deals, they're also navigating countless requests for their personal information. An email address for the receipt? A phone number for delivery updates? According to the latest TELUS Data Trust Survey, Canadian and American shoppers are increasingly pausing to consider their privacy: What am I getting in return? What are you doing with my data?