A big finish to 2025 in December’s Patch Tuesday
A month with no Critical-severity Windows bugs is overshadowed by a mass of Mariner mop-up
Similar Posts
Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
Bys sAnother luxury brand has been hacked. This time it’s Cartier. And before your brain starts racing back to the recent disclosures of breaches involving Dior and Tiffany no, Cartier is not another luxury LVMH brands. Cartier is owned by Richemont. SecurityWeek reports: According to a notification sent to affected clients obtained by SecurityWeek, the compromised data…
Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages
Bys sThe April 2025 cyber attacks targeting U.K. retailers Marks & Spencer and Co-op have been classified as a “single combined cyber event.” That’s according to an assessment from the Cyber Monitoring Centre (CMC), a U.K.-based independent, non-profit body set up by the insurance industry to categorize major cyber events. “Given that one threat actor claimed…
FedRAMP at Startup Speed: Lessons Learned
Bys sFor organizations eyeing the federal market, FedRAMP can feel like a gated fortress. With strict compliance requirements and a notoriously long runway, many companies assume the path to authorization is reserved for the well-resourced enterprise. But that’s changing. In this post, we break down how fast-moving startups can realistically achieve FedRAMP Moderate authorization without derailing
Armenia probes alleged sale of 8 million government records on hacker forum
Bys sDaryna Antoniuk reports: Hackers are offering for sale what they claim is a large trove of Armenian government-related data, prompting officials in Yerevan to open an investigation into a potential breach. The alleged seller, using the alias dk0m, said it gained access to a government notification system used to distribute official communications, including legal and administrative notices…….
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale
Bys sThreat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in Uzbekistan. “Previously, users received ‘pure’ Trojan APKs that acted as malware immediately upon installation,” Group-IB said in an analysis published last week. “Now, adversaries increasingly deploy
Meta Disrupts Influence Ops Targeting Romania, Azerbaijan, and Taiwan with Fake Personas
Bys sMeta on Thursday revealed that it disrupted three covert influence operations originating from Iran, China, and Romania during the first quarter of 2025. “We detected and removed these campaigns before they were able to build authentic audiences on our apps,” the social media giant said in its quarterly Adversarial Threat Report. This included a network…