‘Most Severe AI Vulnerability to Date’ Hits ServiceNow post, januari 13, 2026januari 14, 2026 Authentication issues in ServiceNow potentially opened the door for arbitrary attackers to gain full control over the entire platform and access to the various systems connected to it. ServiceNow is a Fortune 500 company that, according to its promotional materials, acts as an IT services management platform for 85% of the… Continue Reading
European Space Agency Confirms Cybersecurity Breach As Hackers Claim Theft of 200GB of Data post, januari 5, 2026 The European Space Agency (ESA) has confirmed it is responding to a cybersecurity incident involving several externally hosted science servers, following claims by hackers that they exfiltrated up to 200 gigabytes of internal data. While ESA says no classified or mission-critical systems were affected, cybersecurity experts warn the incident highlights… Continue Reading
Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor post, december 30, 2025januari 5, 2026 The Chinese hacking group known as Mustang Panda (aka HoneyMyte) has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber attack detected in mid-2025 targeting an unspecified entity in Asia. The findings come from Kaspersky, which observed the new backdoor variant in… Continue Reading
Cyberaanval treft Franse banken en post in hectische kerstperiode post, december 22, 2025januari 5, 2026 De online diensten van het Franse postbedrijf La Poste zijn maandagochtend getroffen door een cyberaanval. Ook banken in het land werden het doelwit. Daarmee zouden in totaal miljoenen Fransen zijn getroffen door de aanval. La Poste bevestigt de ddos-aanval in een verklaring. Er zijn geen gevolgen voor de klantgegevens, benadrukt… Continue Reading
Frankrijk onderzoekt vermoedelijke poging tot ‘cyberkaping’ veerboot post, december 17, 2025december 18, 2025 De Franse autoriteiten onderzoeken een vermoedelijke poging om op afstand de besturing van een veerboot over te nemen. Op een passagiersschip van de Italiaanse rederij GNV is malware, ongewenste software, aangetroffen. Het schip lag op dat moment afgemeerd in Sète, een havenstad in het zuiden van Frankrijk. De rederij zegt… Continue Reading
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure post, december 16, 2025december 17, 2025 Amazon’s threat intelligence team has disclosed details of a “years-long” Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025. Targets of the campaign included energy sector organizations across Western nations, critical infrastructure providers in North America and Europe, and entities with cloud-hosted network infrastructure. The activity has been attributed… Continue Reading
Droomhuis in hartje Amsterdam massaal gedeeld op TikTok, maar advertentie blijkt valstrik: ’Dit is dubbele oplichting’ post, december 10, 2025december 11, 2025 Op TikTok worden woningzoekers massaal misleid. Voor een spotgoedkoop appartement in hartje Amsterdam betaal je 100 euro aan ’bezichtigingskosten’. Maar er zit nog een addertje onder het gras: oplichters vragen een waslijst aan persoonlijke documenten, die later misbruikt kunnen worden voor identiteitsfraude. „Dit is dubbele oplichting.” Continue Reading
New Spiderman phishing service targets dozens of European banks post, december 10, 2025december 11, 2025 A new phishing kit called Spiderman is targeting customers of numerous European banks and cryptocurrency services using pixel-perfect replicas of legitimate sites. The platform allows cybercriminals to launch phishing campaigns that can capture login credentials, two-factor authentication (2FA) codes, and credit card data. The Spiderman phishing kit, analyzed by researchers at… Continue Reading
Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation post, december 3, 2025december 5, 2025 Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company’s November 2025 Patch Tuesday updates, according to ACROS Security’s 0patch. The vulnerability in question is CVE-2025-9491 (CVSS score: 7.8/7.0), which has been described as a Windows Shortcut (LNK) file UI misinterpretation vulnerability… Continue Reading
Multiple London councils’ IT systems disrupted by cyberattack post, november 26, 2025december 1, 2025 The Royal Borough of Kensington and Chelsea (RBKC) and the Westminster City Council (WCC) announced that they are experiencing service disruptions following a cybersecurity issue. Multiple systems have been impacted by the attack, including phone lines, which prompted the two councils to activate emergency plans to make sure that residents still receive… Continue Reading