This is an automated aggregator of newsworthy articles collected from multiple web sites, summarised by AI. Last updated: .

⚠️

This is an archived news list from the past. Click here to view the latest news.

Tech News

Cybersecurity / Critical Infrastructure:
- Microsoft patches 56 vulnerabilities in December 2025 Patch Tuesday, including a zero-day flaw (CVE-2025-62221) affecting Windows Cloud Files Mini Filter Driver, which could allow privilege escalation. 👉 msrc.microsoft.com^$
- WatchGuard warns of active exploitation of a critical Fireware OS VPN vulnerability (CVE-2025-14733) affecting over 115,000 devices, allowing remote code execution. 👉 watchguard.com
- A new UEFI flaw (CVE-2025-59374) enables pre-boot DMA attacks on motherboards from ASUS, Gigabyte, MSI, and ASRock, bypassing early-boot memory protections. 👉 blogs.infoblox.com
- Over 25,000 Fortinet FortiCloud SSO devices are exposed to remote attacks due to an unpatched authentication bypass vulnerability. 👉 shadowserver.org
Malware / Ransomware:
- RansomHouse ransomware upgrades encryption with a multi-layered data processing technique, making decryption more difficult. 👉 cyderes.com
- A malicious npm package, "lotusbail," steals WhatsApp credentials, messages, and contacts by posing as a legitimate WhatsApp API library. 👉 koisecurity.com
- Android malware operations merge droppers, SMS theft, and RAT capabilities, targeting users in Uzbekistan. 👉 group-ib.com
- Iranian Infy APT resurfaces after years of silence, targeting victims in Sweden, the Netherlands, and Turkey. 👉 safe-breach.com
Data Breaches / Privacy:
- University of Phoenix data breach impacts nearly 3.5 million individuals after a Clop ransomware attack in August 2025. 👉 phoenix.edu
- Coupang breach affects 33.7 million users, raising concerns about data protection and insider credential abuse risks. 👉 pentasecurity.com
- Nissan confirms thousands of customers exposed in a Red Hat breach from September 2025. 👉 nissan-global.com
- A fake WhatsApp API package on npm steals messages, contacts, and login tokens from over 56,000 users since May 2025. 👉 koisecurity.com
Geopolitics / Cyber Espionage:
- Russian hackers use Microsoft 365 device code phishing to steal credentials and conduct account takeover attacks. 👉 proofpoint.com
- China-aligned LongNosedGoblin threat group uses Windows Group Policy to deploy espionage malware in Southeast Asia and Japan. 👉 welivesecurity.com
- Nigerian authorities arrest a developer behind the RaccoonO365 phishing platform, linked to Microsoft 365 attacks. 👉 npf.gov.ng
Financial Crime / Fraud:
- U.S. DOJ charges 54 individuals in a multi-million-dollar ATM jackpotting scheme using Ploutus malware, linked to the Tren de Aragua (TdA) Venezuelan gang. 👉 justice.gov
- A malicious npm package steals WhatsApp accounts and messages, posing as a legitimate API library. 👉 koisecurity.com
AI / Cybersecurity:
- OpenAI details efforts to secure its ChatGPT Atlas browser against prompt injection attacks, admitting they may always be vulnerable. 👉 openai.com
- Google Gemini 3 Pro is launched, offering advanced AI capabilities for users. 👉 blog.google
- Chinese AI startup Z.ai releases GLM-4.7, an open-weight model with significant improvements in coding performance. 👉 z.ai
- AI-powered browser extensions like GhostPoster malware are found in 17 Firefox add-ons with over 50,000 downloads. 👉 cybernews.com
Regulatory / Legal:
- Italy's Competition Authority fines Apple €98.6 million for alleged abuse of its dominant position with App Tracking Transparency rules. 👉 en.agcm.it
- Nigerian police arrest three individuals linked to Microsoft 365 phishing attacks using the RaccoonO365 platform. 👉 npf.gov.ng
Technology / Hardware:
- Samsung integrates Google Gemini AI into a new refrigerator that uses a built-in camera system to recognize food items and track inventory. 👉 samsung.com
- A new UEFI flaw enables early-boot DMA attacks on motherboards from ASUS, Gigabyte, MSI, and ASRock. 👉 blogs.infoblox.com
- HPE resolves a critical flaw in OneView Software (CVE-2025-37164) allowing unauthenticated remote code execution. 👉 support.hpe.com
Automotive / Transportation:
- Uber and Lyft partner with Baidu to trial driverless taxis in the UK in 2026, using Baidu's Apollo Go RT6 robotaxis. 👉 bloomberg.com^$
- Waymo resumes service in San Francisco after robotaxis stalled during a blackout, causing traffic disruptions. 👉 techcrunch.com
Entertainment / Media:
- Coinbase agrees to acquire The Clearing Company, a prediction markets startup, to expand its platform. 👉 coinbase.com
- FanDuel and CME Group launch a prediction market app in five US states, following DraftKings' similar product. 👉 bloomberg.com^$
- OpenAI rolls out "Your Year with ChatGPT," a Spotify Wrapped-like feature for users. 👉 techcrunch.com
Social Media / Messaging:
- A malicious npm package steals WhatsApp credentials and messages by posing as a legitimate API library. 👉 koisecurity.com
- Instagram's Adam Mosseri hints at potential longform video features and algorithm adjustments to compete with TikTok. 👉 semafor.com
Economy / Business:
- Larry Ellison personally guarantees $40.4 billion for Paramount's bid for Warner Bros. Discovery, addressing financing concerns. 👉 reuters.com
- Alphabet agrees to acquire Intersect Power for $4.75 billion to expand its AI data center footprint. 👉 bloomberg.com^$
- Instacart ends all item price tests after backlash, ensuring consistent pricing for customers. 👉 wsj.com^$
Healthcare / Education:
- Romanian water authority hit by a ransomware attack over the weekend. 👉 bleepingcomputer.com
- University of Phoenix data breach impacts nearly 3.5 million individuals due to a Clop ransomware attack. 👉 phoenix.edu
Privacy / Surveillance:
- A new study reveals that over 90% of parked domains redirect users to malicious content, including scams and malware. 👉 blogs.infoblox.com
- Beverly Hills High School deploys AI-powered surveillance, including facial recognition and bathroom listening devices, raising privacy concerns. 👉 forbes.com^$
Gaming / Entertainment:
- Vince Zampella, co-creator of Call of Duty and co-founder of Respawn Entertainment, dies at 55 in a single-car crash. 👉 nbclosangeles.com
- Activision Blizzard faces a $300 million lawsuit over alleged labor law violations. 👉 bloomberg.com^$
AI / Technology:
- OpenAI details efforts to secure its ChatGPT Atlas browser against prompt injection attacks, acknowledging persistent vulnerabilities. 👉 openai.com
- Visa announces plans to enable AI-initiated transactions, expecting AI agents to handle purchases at scale by 2026. 👉 nerds.xyz
Legal / Law Enforcement:
- Nigerian authorities arrest three individuals linked to Microsoft 365 phishing attacks using RaccoonO365. 👉 npf.gov.ng
- A Ukrainian hacker pleads guilty to conducting Nefilim ransomware attacks targeting businesses across the US and other countries. 👉 bleepingcomputer.com
Cryptocurrency / Blockchain:
- North Korea-linked hackers steal $2.02 billion in 2025, leading global crypto theft. 👉 chainalysis.com
- Coinbase acquires prediction markets startup The Clearing Company to expand its platform. 👉 coinbase.com
Regulation / Compliance:
- CISA flags an ASUS Live Update vulnerability (CVE-2025-59374), but the attack is years old and tied to an end-of-life product. 👉 cisa.gov
- Microsoft confirms Teams is down with delayed messages, affecting thousands of users. 👉 status.microsoft.com^$
Environment / Sustainability:
- A new green browser, Wave Browser, aims to reduce the environmental impact of internet usage. 👉 thehackernews.com
- Alphabet agrees to acquire Intersect Power for $4.75 billion to advance clean energy for AI data centers. 👉 bloomberg.com^$

Tech News

Cybersecurity / Critical Infrastructure:

Microsoft patches 56 vulnerabilities in December 2025 Patch Tuesday, including a zero-day flaw (CVE-2025-62221) affecting Windows Cloud Files Mini Filter Driver, which could allow privilege escalation. 👉 msrc.microsoft.com^$
WatchGuard warns of active exploitation of a critical Fireware OS VPN vulnerability (CVE-2025-14733) affecting over 115,000 devices, allowing remote code execution. 👉 watchguard.com
A new UEFI flaw (CVE-2025-59374) enables pre-boot DMA attacks on motherboards from ASUS, Gigabyte, MSI, and ASRock, bypassing early-boot memory protections. 👉 blogs.infoblox.com
Over 25,000 Fortinet FortiCloud SSO devices are exposed to remote attacks due to an unpatched authentication bypass vulnerability. 👉 shadowserver.org

Malware / Ransomware:

RansomHouse ransomware upgrades encryption with a multi-layered data processing technique, making decryption more difficult. 👉 cyderes.com
A malicious npm package, "lotusbail," steals WhatsApp credentials, messages, and contacts by posing as a legitimate WhatsApp API library. 👉 koisecurity.com
Android malware operations merge droppers, SMS theft, and RAT capabilities, targeting users in Uzbekistan. 👉 group-ib.com
Iranian Infy APT resurfaces after years of silence, targeting victims in Sweden, the Netherlands, and Turkey. 👉 safe-breach.com

Data Breaches / Privacy:

University of Phoenix data breach impacts nearly 3.5 million individuals after a Clop ransomware attack in August 2025. 👉 phoenix.edu
Coupang breach affects 33.7 million users, raising concerns about data protection and insider credential abuse risks. 👉 pentasecurity.com
Nissan confirms thousands of customers exposed in a Red Hat breach from September 2025. 👉 nissan-global.com
A fake WhatsApp API package on npm steals messages, contacts, and login tokens from over 56,000 users since May 2025. 👉 koisecurity.com

Geopolitics / Cyber Espionage:

Russian hackers use Microsoft 365 device code phishing to steal credentials and conduct account takeover attacks. 👉 proofpoint.com
China-aligned LongNosedGoblin threat group uses Windows Group Policy to deploy espionage malware in Southeast Asia and Japan. 👉 welivesecurity.com
Nigerian authorities arrest a developer behind the RaccoonO365 phishing platform, linked to Microsoft 365 attacks. 👉 npf.gov.ng

Financial Crime / Fraud:

U.S. DOJ charges 54 individuals in a multi-million-dollar ATM jackpotting scheme using Ploutus malware, linked to the Tren de Aragua (TdA) Venezuelan gang. 👉 justice.gov
A malicious npm package steals WhatsApp accounts and messages, posing as a legitimate API library. 👉 koisecurity.com

AI / Cybersecurity:

OpenAI details efforts to secure its ChatGPT Atlas browser against prompt injection attacks, admitting they may always be vulnerable. 👉 openai.com
Google Gemini 3 Pro is launched, offering advanced AI capabilities for users. 👉 blog.google
Chinese AI startup Z.ai releases GLM-4.7, an open-weight model with significant improvements in coding performance. 👉 z.ai
AI-powered browser extensions like GhostPoster malware are found in 17 Firefox add-ons with over 50,000 downloads. 👉 cybernews.com

Regulatory / Legal:

Italy's Competition Authority fines Apple €98.6 million for alleged abuse of its dominant position with App Tracking Transparency rules. 👉 en.agcm.it
Nigerian police arrest three individuals linked to Microsoft 365 phishing attacks using the RaccoonO365 platform. 👉 npf.gov.ng

Technology / Hardware:

Samsung integrates Google Gemini AI into a new refrigerator that uses a built-in camera system to recognize food items and track inventory. 👉 samsung.com
A new UEFI flaw enables early-boot DMA attacks on motherboards from ASUS, Gigabyte, MSI, and ASRock. 👉 blogs.infoblox.com
HPE resolves a critical flaw in OneView Software (CVE-2025-37164) allowing unauthenticated remote code execution. 👉 support.hpe.com

Automotive / Transportation:

Uber and Lyft partner with Baidu to trial driverless taxis in the UK in 2026, using Baidu's Apollo Go RT6 robotaxis. 👉 bloomberg.com^$
Waymo resumes service in San Francisco after robotaxis stalled during a blackout, causing traffic disruptions. 👉 techcrunch.com

Entertainment / Media:

Coinbase agrees to acquire The Clearing Company, a prediction markets startup, to expand its platform. 👉 coinbase.com
FanDuel and CME Group launch a prediction market app in five US states, following DraftKings' similar product. 👉 bloomberg.com^$
OpenAI rolls out "Your Year with ChatGPT," a Spotify Wrapped-like feature for users. 👉 techcrunch.com

Social Media / Messaging:

A malicious npm package steals WhatsApp credentials and messages by posing as a legitimate API library. 👉 koisecurity.com
Instagram's Adam Mosseri hints at potential longform video features and algorithm adjustments to compete with TikTok. 👉 semafor.com

Economy / Business:

Larry Ellison personally guarantees $40.4 billion for Paramount's bid for Warner Bros. Discovery, addressing financing concerns. 👉 reuters.com
Alphabet agrees to acquire Intersect Power for $4.75 billion to expand its AI data center footprint. 👉 bloomberg.com^$
Instacart ends all item price tests after backlash, ensuring consistent pricing for customers. 👉 wsj.com^$

Healthcare / Education:

Romanian water authority hit by a ransomware attack over the weekend. 👉 bleepingcomputer.com
University of Phoenix data breach impacts nearly 3.5 million individuals due to a Clop ransomware attack. 👉 phoenix.edu

Privacy / Surveillance:

A new study reveals that over 90% of parked domains redirect users to malicious content, including scams and malware. 👉 blogs.infoblox.com
Beverly Hills High School deploys AI-powered surveillance, including facial recognition and bathroom listening devices, raising privacy concerns. 👉 forbes.com^$

Gaming / Entertainment:

Vince Zampella, co-creator of Call of Duty and co-founder of Respawn Entertainment, dies at 55 in a single-car crash. 👉 nbclosangeles.com
Activision Blizzard faces a $300 million lawsuit over alleged labor law violations. 👉 bloomberg.com^$

AI / Technology:

OpenAI details efforts to secure its ChatGPT Atlas browser against prompt injection attacks, acknowledging persistent vulnerabilities. 👉 openai.com
Visa announces plans to enable AI-initiated transactions, expecting AI agents to handle purchases at scale by 2026. 👉 nerds.xyz

Legal / Law Enforcement:

Nigerian authorities arrest three individuals linked to Microsoft 365 phishing attacks using RaccoonO365. 👉 npf.gov.ng
A Ukrainian hacker pleads guilty to conducting Nefilim ransomware attacks targeting businesses across the US and other countries. 👉 bleepingcomputer.com

Cryptocurrency / Blockchain:

North Korea-linked hackers steal $2.02 billion in 2025, leading global crypto theft. 👉 chainalysis.com
Coinbase acquires prediction markets startup The Clearing Company to expand its platform. 👉 coinbase.com

Regulation / Compliance:

CISA flags an ASUS Live Update vulnerability (CVE-2025-59374), but the attack is years old and tied to an end-of-life product. 👉 cisa.gov
Microsoft confirms Teams is down with delayed messages, affecting thousands of users. 👉 status.microsoft.com^$

Environment / Sustainability:

A new green browser, Wave Browser, aims to reduce the environmental impact of internet usage. 👉 thehackernews.com
Alphabet agrees to acquire Intersect Power for $4.75 billion to advance clean energy for AI data centers. 👉 bloomberg.com^$