U.S. Allocates $3 Billion to Remove Chinese Telecom Equipment Over Security Concerns
The U.S. government is investing $3 billion to remove Chinese telecommunications equipment from American networks amid escalating cybersecurity threats. The initiative, part of the 2025 National Defense Authorization Act, aims to help telecom companies replace technology from manufacturers like Huawei and ZTE while protecting critical infrastructure.
Iranian Hackers Evolve: New C++ Variant of BellaCiao Malware Discovered
Kaspersky researchers have identified BellaCPP, a new C++ variant of Iranian state-sponsored malware targeting organizations across multiple regions. The discovery reveals how Iran's Charming Kitten hacking group continues to advance their cyber capabilities while streamlining their tools.
Critical Cloud Platform Vulnerabilities Put 50,000 Ruijie Network Devices at Risk
Security researchers discovered multiple critical flaws in Ruijie Networks' cloud platform that could enable remote control of network devices. The vulnerabilities, including a novel 'Open Sesame' attack method, exposed severe weaknesses in device authentication and command execution capabilities.
UN Adopts Historic Global Treaty to Combat Rising Cybercrime Threats
The United Nations General Assembly has approved a landmark cybercrime treaty, the first international criminal justice agreement in over 20 years. The comprehensive framework aims to enhance global cooperation in fighting digital threats while protecting human rights and providing tools for gathering electronic evidence.
Builder.ai Data Breach Exposes 1.29TB of Confidential User Information
A major security incident at Builder.ai has exposed over 3 million user records containing sensitive business documents and credentials. The British no-code platform's unprotected database revealed NDAs, financial records, and cloud storage access keys, raising concerns about potential cybercrime risks.
North Korean Hackers Orchestrate $308M Bitcoin Heist from Japanese Exchange
A sophisticated social engineering attack by North Korean hacking group TraderTraitor resulted in the theft of $308 million in Bitcoin from DMM Bitcoin exchange. The attack, which began with targeting an employee at crypto wallet company Ginco, marks one of the largest cryptocurrency heists of 2024.
Malicious PyPI Packages Found Stealing User Data and Hijacking Social Media Accounts
Security researchers discovered two dangerous packages on PyPI repository that accumulated 300 downloads before removal. The malware captured keystrokes, screenshots, and sensitive data from major social platforms while employing sophisticated concealment techniques to avoid detection.
BadBox Android Malware Infects 190,000 Devices in Rapid Global Spread
A sophisticated new Android malware called BadBox has compromised 190,000 devices worldwide, demonstrating an alarming growth rate and ability to bypass security controls. Security experts urge users to take protective measures as cybersecurity teams analyze the threat and develop defenses.
Apple's Unconventional Approach: Why iPhone Spyware Victims Are Directed to Nonprofit Security Labs
Apple's strategy for handling iPhone spyware attacks involves directing victims to specialized nonprofit organizations rather than providing direct support. This unique approach, affecting users in over 150 countries since 2021, leverages the expertise of organizations like Access Now and Citizen Lab for sophisticated threat analysis.
Chinese Vessel Suspected in Multiple Baltic Sea Cable Sabotage Attempts
New evidence suggests a Chinese cargo ship may have targeted undersea telecommunications cables in the Baltic Sea region multiple times in November. The vessel Yi Peng 3 exhibited suspicious behavior near Denmark before allegedly damaging cables connecting Sweden, Lithuania, Finland and Germany.