This is an automated aggregator of newsworthy articles collected from multiple web sites, summarised by AI. Last updated: .
⚠️

This is an archived news list from the past. Click here to view the latest news.

Tech News

  1. Cybersecurity / Critical Infrastructure:

    • Microsoft patches 56 vulnerabilities in December 2025 Patch Tuesday, including a zero-day flaw (CVE-2025-62221) affecting Windows Cloud Files Mini Filter Driver, which could allow privilege escalation. 👉 msrc.microsoft.com$
    • WatchGuard warns of active exploitation of a critical Fireware OS VPN vulnerability (CVE-2025-14733) affecting over 115,000 devices, allowing remote code execution. 👉 watchguard.com
    • A new UEFI flaw (CVE-2025-59374) enables pre-boot DMA attacks on motherboards from ASUS, Gigabyte, MSI, and ASRock, bypassing early-boot memory protections. 👉 blogs.infoblox.com
    • Over 25,000 Fortinet FortiCloud SSO devices are exposed to remote attacks due to an unpatched authentication bypass vulnerability. 👉 shadowserver.org

  2. Malware / Ransomware:

    • RansomHouse ransomware upgrades encryption with a multi-layered data processing technique, making decryption more difficult. 👉 cyderes.com
    • A malicious npm package, "lotusbail," steals WhatsApp credentials, messages, and contacts by posing as a legitimate WhatsApp API library. 👉 koisecurity.com
    • Android malware operations merge droppers, SMS theft, and RAT capabilities, targeting users in Uzbekistan. 👉 group-ib.com
    • Iranian Infy APT resurfaces after years of silence, targeting victims in Sweden, the Netherlands, and Turkey. 👉 safe-breach.com

  3. Data Breaches / Privacy:

    • University of Phoenix data breach impacts nearly 3.5 million individuals after a Clop ransomware attack in August 2025. 👉 phoenix.edu
    • Coupang breach affects 33.7 million users, raising concerns about data protection and insider credential abuse risks. 👉 pentasecurity.com
    • Nissan confirms thousands of customers exposed in a Red Hat breach from September 2025. 👉 nissan-global.com
    • A fake WhatsApp API package on npm steals messages, contacts, and login tokens from over 56,000 users since May 2025. 👉 koisecurity.com

  4. Geopolitics / Cyber Espionage:

    • Russian hackers use Microsoft 365 device code phishing to steal credentials and conduct account takeover attacks. 👉 proofpoint.com
    • China-aligned LongNosedGoblin threat group uses Windows Group Policy to deploy espionage malware in Southeast Asia and Japan. 👉 welivesecurity.com
    • Nigerian authorities arrest a developer behind the RaccoonO365 phishing platform, linked to Microsoft 365 attacks. 👉 npf.gov.ng

  5. Financial Crime / Fraud:

    • U.S. DOJ charges 54 individuals in a multi-million-dollar ATM jackpotting scheme using Ploutus malware, linked to the Tren de Aragua (TdA) Venezuelan gang. 👉 justice.gov
    • A malicious npm package steals WhatsApp accounts and messages, posing as a legitimate API library. 👉 koisecurity.com

  6. AI / Cybersecurity:

    • OpenAI details efforts to secure its ChatGPT Atlas browser against prompt injection attacks, admitting they may always be vulnerable. 👉 openai.com
    • Google Gemini 3 Pro is launched, offering advanced AI capabilities for users. 👉 blog.google
    • Chinese AI startup Z.ai releases GLM-4.7, an open-weight model with significant improvements in coding performance. 👉 z.ai
    • AI-powered browser extensions like GhostPoster malware are found in 17 Firefox add-ons with over 50,000 downloads. 👉 cybernews.com

  7. Regulatory / Legal:

    • Italy's Competition Authority fines Apple €98.6 million for alleged abuse of its dominant position with App Tracking Transparency rules. 👉 en.agcm.it
    • Nigerian police arrest three individuals linked to Microsoft 365 phishing attacks using the RaccoonO365 platform. 👉 npf.gov.ng

  8. Technology / Hardware:

    • Samsung integrates Google Gemini AI into a new refrigerator that uses a built-in camera system to recognize food items and track inventory. 👉 samsung.com
    • A new UEFI flaw enables early-boot DMA attacks on motherboards from ASUS, Gigabyte, MSI, and ASRock. 👉 blogs.infoblox.com
    • HPE resolves a critical flaw in OneView Software (CVE-2025-37164) allowing unauthenticated remote code execution. 👉 support.hpe.com

  9. Automotive / Transportation:

    • Uber and Lyft partner with Baidu to trial driverless taxis in the UK in 2026, using Baidu's Apollo Go RT6 robotaxis. 👉 bloomberg.com$
    • Waymo resumes service in San Francisco after robotaxis stalled during a blackout, causing traffic disruptions. 👉 techcrunch.com

  10. Entertainment / Media:

    • Coinbase agrees to acquire The Clearing Company, a prediction markets startup, to expand its platform. 👉 coinbase.com
    • FanDuel and CME Group launch a prediction market app in five US states, following DraftKings' similar product. 👉 bloomberg.com$
    • OpenAI rolls out "Your Year with ChatGPT," a Spotify Wrapped-like feature for users. 👉 techcrunch.com

  11. Social Media / Messaging:

    • A malicious npm package steals WhatsApp credentials and messages by posing as a legitimate API library. 👉 koisecurity.com
    • Instagram's Adam Mosseri hints at potential longform video features and algorithm adjustments to compete with TikTok. 👉 semafor.com

  12. Economy / Business:

    • Larry Ellison personally guarantees $40.4 billion for Paramount's bid for Warner Bros. Discovery, addressing financing concerns. 👉 reuters.com
    • Alphabet agrees to acquire Intersect Power for $4.75 billion to expand its AI data center footprint. 👉 bloomberg.com$
    • Instacart ends all item price tests after backlash, ensuring consistent pricing for customers. 👉 wsj.com$

  13. Healthcare / Education:

    • Romanian water authority hit by a ransomware attack over the weekend. 👉 bleepingcomputer.com
    • University of Phoenix data breach impacts nearly 3.5 million individuals due to a Clop ransomware attack. 👉 phoenix.edu

  14. Privacy / Surveillance:

    • A new study reveals that over 90% of parked domains redirect users to malicious content, including scams and malware. 👉 blogs.infoblox.com
    • Beverly Hills High School deploys AI-powered surveillance, including facial recognition and bathroom listening devices, raising privacy concerns. 👉 forbes.com$

  15. Gaming / Entertainment:

    • Vince Zampella, co-creator of Call of Duty and co-founder of Respawn Entertainment, dies at 55 in a single-car crash. 👉 nbclosangeles.com
    • Activision Blizzard faces a $300 million lawsuit over alleged labor law violations. 👉 bloomberg.com$

  16. AI / Technology:

    • OpenAI details efforts to secure its ChatGPT Atlas browser against prompt injection attacks, acknowledging persistent vulnerabilities. 👉 openai.com
    • Visa announces plans to enable AI-initiated transactions, expecting AI agents to handle purchases at scale by 2026. 👉 nerds.xyz

  17. Legal / Law Enforcement:

    • Nigerian authorities arrest three individuals linked to Microsoft 365 phishing attacks using RaccoonO365. 👉 npf.gov.ng
    • A Ukrainian hacker pleads guilty to conducting Nefilim ransomware attacks targeting businesses across the US and other countries. 👉 bleepingcomputer.com

  18. Cryptocurrency / Blockchain:

    • North Korea-linked hackers steal $2.02 billion in 2025, leading global crypto theft. 👉 chainalysis.com
    • Coinbase acquires prediction markets startup The Clearing Company to expand its platform. 👉 coinbase.com

  19. Regulation / Compliance:

    • CISA flags an ASUS Live Update vulnerability (CVE-2025-59374), but the attack is years old and tied to an end-of-life product. 👉 cisa.gov
    • Microsoft confirms Teams is down with delayed messages, affecting thousands of users. 👉 status.microsoft.com$

  20. Environment / Sustainability:

    • A new green browser, Wave Browser, aims to reduce the environmental impact of internet usage. 👉 thehackernews.com
    • Alphabet agrees to acquire Intersect Power for $4.75 billion to advance clean energy for AI data centers. 👉 bloomberg.com$