Torrance, United States / California, 19th December 2025, CyberNewsWire

Pillar Security has identified a critical indirect prompt injection vulnerability in Docker’s ‘Ask Gordon’ assistant. By poisoning metadata on Docker Hub, attackers could bypass security to exfiltrate private build logs and chat history. Discover how the "lethal trifecta" enabled this attack and why updating to Docker Desktop 4.50.0 is essential for developer security.

Crypto’s public image lagged reality. Stablecoins, tokenization, and regulation now power a blockchain backend settling global finance at institutional scale.

Cary, North Carolina, USA, 18th December 2025, CyberNewsWire

North Korea’s Lazarus Group deploys a new BeaverTail variant to steal credentials and crypto using fake job lures, dev tools, and smart contracts.

SafeBreach reports the resurgence of the Iranian APT group Prince of Persia (Infy). Discover how these state-sponsored hackers are now using Telegram bots and Thunder and Lightning malware to target victims globally across Europe, India, and Canada.

Cybersecurity planning continues to advance as organisations integrate new software, cloud platforms, and digital tools into nearly every…

The FBI and international police have shut down E-Note, a cryptocurrency exchange that laundered over $70 million for cybercriminals. Read about the indictment of a Russian and how the global task force ended his decade-long operation.

France confirms a cyberattack on its Interior Ministry as a 22-year-old is arrested. Hacker claims access to police, tax, and criminal record systems.

Many crypto investors remain sceptical about using AI in their trading. They are aware that the technology exists,…

ReversingLabs discovers 14 malicious NuGet packages, including Netherеum.All, using homoglyphs and fake downloads to steal crypto wallets and Google Ads data.

Looking for the best AI video enhancer in 2025? Explore top AI tools to upscale videos, restore clarity, reduce noise, and achieve stunning 4K quality in just a few clicks.

Researchers at Point Wild have discovered a new ClickFix attack campaign that tricks users into manually installing DarkGate malware via fake browser extension alerts. Learn how this attack bypasses security by using the Windows Run box and how you can stay safe.

Cybercriminal group ShinyHunters targets former Pornhub Premium users in a massive 94GB data extortion campaign. Learn about the stolen data details, the involvement of a smishing attack, and the conflicting reports on the breach.

SoundCloud confirms a breach affecting an estimated 20% of users, resulting in stolen email addresses. The company is dealing with follow-up DoS attacks by unnamed attackers while media reports allege involvement of ShinyHunters.

Amazon Threat Intelligence reports Russian GRU hackers are increasingly breaking into critical infrastructure by abusing misconfigured devices instead of exploiting software vulnerabilities.

A critical vulnerability (CVE-2025-34352) found by XM Cyber in the JumpCloud Remote Assist for Windows agent allows local users to gain full SYSTEM privileges. Businesses must update to version 0.317.0 or later immediately to patch the high-severity flaw.

💾

💾

Frankfurt am Main, Germany, 16th December 2025, CyberNewsWire

US auto loan service 700Credit confirms a data breach exposed names, addresses, and Social Security numbers of dealership customers. Free credit monitoring is offered.

A GitHub repository posing as a vulnerability scanner for CVE-2025-55182, also referred to as “React2Shell,” was exposed as…