Cybersecurity

The Council of the European Union has sanctioned three individuals for allegedly carrying out “malicious cyber activities” against Estonia.
The three Russian nationals – Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov – are officers of the General Staff of the Armed Forces of the Russian Federation (GRU) Unit 29155, it said.
Per the council decision, all the

DeepSeek, the Chinese AI startup that has captured much of the artificial intelligence (AI) buzz in recent days, said it’s restricting registrations on the service, citing malicious attacks.
“Due to large-scale malicious attacks on DeepSeek’s services, we are temporarily limiting registrations to ensure continued service,” the company said in an incident report page. “Existing users can log in

Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild.
The vulnerability, tracked as CVE-2025-24085, has been described as a use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate privileges.
“Apple is

President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation’s cybersecurity posture. The president fired all advisors from the Department of Homeland Security’s Cyber Safety Review Board, called for the creation of a strategic cryptocurrency reserve, and voided a Biden administration action that sought to reduce the risks that artificial intelligence poses to consumers, workers and national security.

Residents of Tbilisi, the capital city of Georgia, experienced an unexpected and unusual start to their Friday morning commute. As they boarded their public transport buses, they were greeted by a barrage of sound emanating from the vehicles’ speakers.

Read more in my article on the Hot for Security blog.

Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user’s Git credentials.
“Git implements a protocol called Git Credential Protocol to retrieve credentials from the credential helper,” GMO Flatt Security researcher Ry0taK, who discovered the flaws

Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world of AI-driven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention.
As we unpack these complex topics, we’ll equip you with sharp insights to

The Open Web Application Security Project has recently introduced a new Top 10 project – the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used API and Web Application security lists. 
Non-human identity security represents an emerging

A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities.
The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and PseudoGamaredon.

Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing platform called BOINC.
“MintsLoader is a PowerShell based malware loader that has been seen delivered via spam emails with a link to Kongtuke/ClickFix pages or a JScript file,”