Aisuru IoT Botnet Sets New Record With 29.7 Tbps Hyper‑Volumetric DDoS Attack

The Aisuru botnet has set a new benchmark for distributed denial-of-service (DDoS) attacks, delivering peak traffic of 29.7 Tbps in a single campaign, according to a recent Cloudflare report. Over just three months, Aisuru was linked to more than 1,300 DDoS attacks, confirming its status as one of the most powerful known IoT botnets currently …

Android December 2025 Security Update: 107 Vulnerabilities Fixed and Two Zero‑Days Under Active Attack

Google has released the December 2025 Android security update, addressing 107 vulnerabilities of varying severity across the mobile ecosystem. Two flaws, CVE-2025-48633 and CVE-2025-48572, stand out as zero‑day vulnerabilities already exploited in real‑world targeted attacks, making this update critical for both consumers and enterprises. Overview of the December 2025 Android Security Update The December bulletin, …

India Mandates Sanchar Saathi on All Smartphones and Tightens SIM Rules for Messaging Apps

India’s Ministry of Communications has ordered all smartphone manufacturers to preinstall the government’s Sanchar Saathi app on devices sold in the country, marking one of the most far‑reaching attempts to hard‑wire a state cybersecurity tool into the consumer mobile ecosystem. Vendors have 90 days to comply, and the requirement applies not only to new devices, …

New Rust-Based IDFKA Backdoor Enables Stealthy Cyber-Espionage Against Telecom Operators

Analysts from Solar 4RAYS have documented a previously unknown backdoor, dubbed IDFKA, used in targeted cyber‑espionage campaigns against Russian telecommunications companies. The Rust-based malware remained undetected in the infrastructure of an IT contractor and its telecom customers for at least ten months, highlighting the growing sophistication of attacks on critical communications infrastructure. Discovery of IDFKA: …

Windows LNK Vulnerability CVE-2025-9491: Silent Fix, Active Exploitation, and How to Defend

In mid‑2025, the security community learned that Microsoft had quietly changed how Windows handles LNK shortcut files, effectively cutting off one of the most actively abused attack vectors in the ecosystem: CVE-2025-9491. By that time, at least 11 threat groups — from North Korean state‑linked APTs to cybercrime gangs such as Evil Corp — had …

Windows 11 KB5066835 Triggers Nvidia GeForce Gaming Slowdowns: What Gamers Need to Know

The October security update for Windows 11, identified as KB5066835, has led to unexpected performance degradation in games on some systems with Nvidia GeForce graphics cards. Nvidia has officially acknowledged the issue on Windows 11 builds 24H2 and 25H2 and has released a dedicated beta driver, GeForce Hotfix Display Driver version 581.94, as a temporary …

Shai-Hulud 2.0: Massive npm Supply Chain Attack Exposes GitHub and Cloud Secrets

The self-propagating worm Shai-Hulud has re-emerged in the npm ecosystem, rapidly escalating into one of the most significant software supply chain attacks to date. According to analysis by Wiz, within less than three days the campaign compromised tens of thousands of developers and their CI/CD infrastructures. Scale of the Shai-Hulud 2.0 npm Supply Chain Campaign …

IACR Halts Helios E‑Voting Results After Cryptographic Key Loss: What Went Wrong

The International Association for Cryptologic Research (IACR) has annulled the results of its annual elections after losing a critical component of the cryptographic key required to decrypt the final tally in the Helios electronic voting system. The incident highlights how even world‑class cryptographers can be undermined by weaknesses in cryptographic key management and operational procedures. …

SSD Data Retention and Long-Term Storage: Risks, Limits, and Secure Backup Strategies

Solid-state drives (SSDs) have become the default choice for laptops and workstations thanks to their high performance, low latency, and energy efficiency. However, when the task shifts from day‑to‑day operations to long-term archival data storage, SSDs have fundamental limitations that are often underestimated and can lead to irreversible data loss. How SSDs and HDDs Differ …

Australian Man Jailed for Evil Twin Airport Wi‑Fi Attack on Airline Passengers

An Australian court has sentenced a 44‑year‑old man to seven years and four months in prison for operating fake airport and in‑flight Wi‑Fi networks to steal passengers’ credentials and intimate data. The case highlights how Evil Twin Wi‑Fi attacks remain one of the most dangerous threats to travelers using public wireless networks. Large‑Scale Airport Wi‑Fi …