Latest Internet & Cybersecurity News
Critical React/Next.js Vulnerability CVE-2025-55182 Exploited
A critical vulnerability in React Server Components and Next.js allows unauthenticated remote code execution, with immediate patching required due to high exploitation risk. Security researchers warn of imminent in-the-wild attacks following public patch releases . China-linked threat groups are actively targeting this flaw in AWS environments
.
Fintech Provider SitusAMC Breach Impacts U.S. Banks
SitusAMC, a major fintech vendor, disclosed a breach compromising corporate and customer data for over 1,500 clients, including several large U.S. financial institutions. The full scope is still being assessed, highlighting third-party risk in finance .
Comcast Fined $1.5M for Vendor Data Breach
Comcast will pay a $1.5 million FCC fine after a vendor breach exposed personal and financial data of nearly 275,000 customers. The incident affected 4.2 million people and mandates improved vendor oversight and compliance measures .
OpenAI Pauses Use of Analytics Vendor Mixpanel After Breach
OpenAI paused its use of Mixpanel after a breach exposed limited profile data for some API users. No passwords or sensitive content were compromised, but the incident raises concerns about third-party security in AI ecosystems .
Dozens of Banks and Credit Unions Hit by Third-Party Breach
A marketing vendor breach compromised sensitive data of at least 400,000 bank and credit union customers, including names, contact details, and account information. Affected institutions were notified in late October .
Freedom Mobile Data Breach Exposes Customer Information
Freedom Mobile disclosed a breach affecting its account management platform, with hackers stealing personal and financial information including names, addresses, and card numbers .
Record-Breaking Aisuru DDoS Attack Mitigated by Cloudflare
Cloudflare mitigated a new record-breaking Aisuru DDoS attack peaking at 14.1 Bpps, marking one of the largest attacks seen to date .
AI-Generated Linux Miner 'Koske' Surpasses Human Malware
The AI-generated Linux miner 'Koske' demonstrates capabilities matching or exceeding traditional human-developed malware, signaling a new era in automated cyber threats .
Cryptomixer Targeted in Operation Olympia
Law enforcement targeted Cryptomixer in Operation Olympia for facilitating cybercrime and money laundering, resulting in significant disruption to illicit financial activities .
Michael Clapsis Sentenced for Stealing Sensitive Information
Michael Clapsis was sentenced to 7 years and 4 months in prison for stealing sensitive information, highlighting ongoing legal actions against cybercriminals .