Latest Internet & Cybersecurity News

đź“…December 3, 2025 at 1:00 AM
Major breaches at Coupang and Salesforce, attacks on critical infrastructure, surging AI-driven fraud, and new spyware campaigns highlight global cybersecurity threats this week.
1

Coupang Data Breach Exposes 33.7 Million Accounts

South Korean e-commerce giant Coupang suffered a massive breach, exposing names, addresses, emails, and phone numbers of nearly 34 million users in a five-month-long incidentSource 1Source 4.

2

Microsoft SharePoint Servers Under Widespread Attack

On-premises Microsoft SharePoint servers are being targeted by a major campaign exploiting new vulnerabilities, with China-based threat actors suspectedSource 1.

3

U.S. Treasury Department Hit by China-Linked APT

The U.S. Treasury disclosed a significant breach attributed to a China state-sponsored advanced persistent threat (APT) actor, exploiting a remote support toolSource 1.

4

Salesforce Customers Breached via Gainsight Platform

A supply chain attack compromised Salesforce customers through the Gainsight platform, underscoring risks from third-party integrationsSource 1.

5

OpenPLC ScadaBR Vulnerability Added to CISA Exploited List

CISA added a critical OpenPLC ScadaBR vulnerability to its known exploited catalog after confirmed attacks on industrial systemsSource 2.

6

TwoNet Hacktivists Target Water Treatment Plant

Pro-Russian group TwoNet attacked a water treatment plant honeypot, defacing systems and manipulating operations using default credentials and CVE-2021-26828Source 2.

7

Android Zero-Days Patched in December Update

Google patched 107 Android vulnerabilities, including two zero-days actively exploited in the wildSource 3.

8

Mixpanel, OnSolve, Dartmouth College Breached

Multiple organizations, including Mixpanel, OnSolve, and Dartmouth College, reported recent breaches and data leaksSource 3.

9

Candiru's DevilsTongue Spyware Targets Windows Users

Global Windows users are being hit by DevilsTongue spyware linked to Israeli vendor Candiru, according to new researchSource 7.

10

ValleyRat Malware Spreads via Telegram, Chrome, Teams

China-aligned group Silver Fox is deploying ValleyRat malware through fake installers for Telegram, Chrome, Teams, and WinSCPSource 7.

11

Arkanix Stealer Campaign Targets VPN and Wi-Fi Credentials

A new information-stealing tool, Arkanix, is being used to hijack VPN accounts and Wi-Fi credentials in aggressive data theft campaignsSource 7.

12

Companies Fear State-Sponsored Cyber-Attacks

Most companies worry about state-sponsored attacks, with North Korean, Chinese, and Russian groups leading recent high-profile incidentsSource 9.

13

Iran-Linked Hackers Deploy MuddyViper Backdoor

Iranian hackers have launched targeted attacks on Israeli sectors using a new MuddyViper backdoorSource 10.

Back to News