US Sanctioning Russian Broker for Buying Stolen Zero-Day Exploits.
U.S. Treasury Department Office of Foreign Assets Control sanctioned Operation Zero for trafficking stolen U.S. cyber-espionage tools.
Massive Rainbow Six Siege Breach
Late Dec 2025 breach hit Rainbow Six Siege: attackers abused backend tools, flooding accounts; Ubisoft shut servers, rolled back.
Threat Actors Exploit Calendar Subscriptions for Phishing and Malware Delivery
Hackers abuse .ics calendar subscriptions to push scams and track iCalendar users. Be cautious of third-party calendars.
Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users
Spyware campaigns mimic secure apps to hack high-value targets; stay safe with strong auth, updates, trusted apps, and device protections.
Cybercriminals Exploit RMM Tools to Infiltrate Shipping and Logistics Networks
Cybercriminals use hacked freight accounts to steal real cargo, causing global losses of $34B and rising.
Stealthy attack serves poisoned web pages only to AI agents
New AI browser attack targets agents via hidden prompts, exploiting unique agent fingerprints to deliver invisible malicious code.
For $40, you can buy stolen police and government email accounts
Compromised government emails sold cheaply online risk major abuse; MFA & behavior analysis needed to detect and prevent misuse.
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
AI coding tools like Gemini CLI can hide malicious commands; users must prioritize security and sandbox all interactions.
Google Gemini flaw hijacks email summaries for phishing
Gemini in Gmail can be tricked by hidden prompts; AI output is now a potential attack surface needing security measures.
US Homeland Security warns of escalating Iranian cyberattack risks
US-Iran conflict escalates; DHS warns of rising cyber, terror threats from Iran, allies, and hacktivists targeting US infrastructure.