Security weaknesses uncovered in Eurostar’s AI-powered customer service chatbot illustrate how rapidly deploying generative AI without mature cybersecurity controls and incident response processes can create serious technical and reputational risk. Eurostar, High-Speed Rail and Digital Customer Experience Eurostar Group operates a network of high-speed trains connecting the United Kingdom with continental Europe via the Channel … Read more

The recent compromise of the Trust Wallet Chrome extension, which led to the theft of roughly $7 million in cryptocurrency, has become a textbook example of how dangerous a modern software supply chain attack can be for the crypto ecosystem. Technical details emerging from the investigation highlight weaknesses not only in application security, but also … Read more

At the end of December 2025, Rainbow Six Siege became the center of a serious cybersecurity incident. Unknown attackers reportedly gained control over several internal game systems, interfered with moderation workflows and disrupted the in‑game economy by distributing huge amounts of premium currency and cosmetic items. The incident forced Ubisoft to temporarily shut down game … Read more

Interpol has completed Operation Sentinel, a large-scale, coordinated cybercrime crackdown across Africa that resulted in 574 arrests, the recovery of around USD 3 million, and the disruption of extensive networks behind Business Email Compromise (BEC), online fraud and ransomware attacks. Key results of Operation Sentinel against cybercrime in Africa Conducted between 27 October and 27 … Read more

South Korea is introducing a mandatory biometric identity check for new SIM card registrations, requiring subscribers to verify their identity via facial recognition. The measure is designed to disrupt large‑scale voice phishing schemes and the use of stolen personal data, which have become a persistent cybersecurity and financial crime problem in the country. Biometric SIM … Read more

A national database powering Uzbekistan’s automatic license plate recognition (ALPR) system was left openly accessible on the internet, exposing millions of 4K photos and videos from road cameras together with precise GPS coordinates of each device. The incident underscores how rapidly deployed “smart” traffic systems can become high‑risk surveillance platforms when basic cybersecurity controls are … Read more

The Webrat trojan, previously distributed through game cheats for titles such as Rust, Counter‑Strike, and Roblox, as well as pirated software bundles, has adopted a new and more insidious delivery channel. Recent campaigns observed in autumn 2025 show Webrat being spread via malicious GitHub repositories that pose as working exploit code for newly disclosed vulnerabilities, … Read more

Google is preparing a long‑requested update to Gmail: users will reportedly be able to change their primary @gmail.com address without creating a new Google account. The change was spotted in updated Google support documentation, suggesting the feature is in early rollout and has important cybersecurity implications. What Is Changing in Gmail Account Management Until now, … Read more

Trust Wallet, one of the most widely used non-custodial crypto wallets, has reported a serious security incident involving its Chrome extension. A compromised version of the extension led to the theft of an estimated $7 million in digital assets, highlighting how vulnerable browser-based wallets can be to modern supply chain attacks. What Happened to the … Read more

A newly disclosed critical vulnerability in MongoDB Server (CVE-2025-14847) allows attackers to execute arbitrary code remotely on affected databases. The flaw is especially dangerous because no authentication or user interaction is required, making internet‑exposed MongoDB instances high‑value targets for automated mass exploitation. What the MongoDB CVE-2025-14847 Vulnerability Involves According to MongoDB’s security advisory, CVE-2025-14847 stems … Read more