⚖️ Spanish National Police, supported by Europol and the Bavarian State Criminal Police Office, have arrested 34 members of a "Black Axe" cell in Spain.

The ongoing operation targets a network linked to €6M in total damages through cyber-enabled crime, including BEC and Man-in-the-Middle scams.

Read More: https://www.security.land/spanish-authorities-dismantle-major-black-axe-fraud-network/

#SecurityLand #Europol #LawEnforcement #BlackAxe #BEC #FraudPrevention #Scam #CyberFraud #Spain

A new global survey of 750 CISOs by Absolute Security has uncovered a critical "recovery reality gap" that is redefining modern security priorities. The data reveals a sobering truth: not a single organization reported being able to fully restore business operations within 24 hours of a major cyber incident.

Read More: https://www.security.land/the-24-hour-recovery-myth-why-cisos-are-prioritizing-resilience/

#SecurityLand #BusinessShield #CyberSecurity #CISO #MTTR #AbsoluteSecurity #CyberResilience #CyberDefense #Research

The Swiss National Cyber Security Centre (NCSC) has issued a strategic alert ahead of the World Economic Forum (WEF) 2026. Expecting DDoS attacks aimed at visibility, the NCSC is advising media restraint to deny attackers the spotlight. Check the NCSC’s latest recommendations to stay protected.

Read More: https://www.security.land/wef-2026-ncsc-warns-of-increased-cyber-risks/

#SecurityLand #News #NCSC #WEF26 #CyberSecurity #Switzerland #DDoS

Kowa Emori, a Japanese chemical and electronics materials trader, disclosed a ransomware attack on January 7 that's delaying orders and shipments. The company is investigating with security specialists but hasn't confirmed data exfiltration yet.

Read More: https://www.security.land/japanese-chemical-trader-hit-by-ransomware-attack/

#SecurityLand #DataBreach #Cybersecurity #Ransomware #Kowa #Emori #Japan #RansomwareAttack #SupplyChain

CVE-2025-14558 is a 9.8-severity vulnerability in FreeBSD's IPv6 auto-configuration that lets attackers execute arbitrary code with a single crafted network packet. FreeBSD released patches on December 16, 2024, but the threat escalated when multiple proof-of-concept exploits hit GitHub about two weeks ago.

Read More: https://www.security.land/freebsd-ipv6-flaw-enables-remote-code-execution-attacks/

#SecurityLand #CyberWatch #FreeBSD #Cybersecurity #VulnerabilityManagement #IPv6 #CVE

2025 cyber recap: React2Shell hit CVSS 10.0, the first AI attack emerged, but only 23% paid ransoms. Law enforcement seized $320M across 20 operations. 2025 pushed cybersecurity to its limits. Our analysis covers top data breaches, critical vulnerabilities, and what 2026 demands.

Read More: https://www.security.land/2025-cybersecurity-year-in-review/

#SecurityLand #News #YearInReview #Cybersecurity #InfoSec #ThreatIntelligence #Ransomware #AI #DataBreach #CyberDefense #CISO #SecurityVulnerability #LawEnforcement #LEA #Government

A high-severity flaw known as MongoBleed (CVE-2025-14847) is currently being exploited in the wild.

The scale is significant:

🔍 Wiz researchers have confirmed active exploitation.
📊 Data from Shodan and Censys reveals between 87,000 and 100,000 potentially vulnerable MongoDB instances.

Read More: https://www.security.land/mongobleed-alert-cve-2025-14847-exploited-in-the-wild/

#SecurityLand #CyberSecurity #InfoSec #MongoDB #MongoBleed #DatabaseSecurity #Wiz #Shodan #Censys #CloudSecurity

A five-month spearphishing operation discovered by Socket has transformed the npm registry into a durable hosting layer for AiTM credential theft, specifically targeting sales teams in the manufacturing and healthcare industries.

Read More: https://www.security.land/npm-registry-weaponized-in-spearphishing-campaign-against-critical-infrastructure/

#SecurityLand #Cybersecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev

Nissan Motor Co. confirms a data breach affecting 21,000 customers in Japan following a security incident at third-party vendor Red Hat. No financial data was stolen.

Read More: https://www.security.land/nissan-japan-data-breach-affects-21-000-fukuoka-customers/

#SecurityLand #Cybersecurity #DataBreach #RedHat #Nissan #Japan #CrimsonCollective #ThreatActor

Switzerland's Federal Council has analyzed AI's growing influence on cybersecurity, revealing how it boosts both attacks and defenses while updating the National Cyberstrategy for better transparency. This report highlights risks like AI-powered phishing and deepfakes, alongside opportunities for faster threat detection.

Read More: https://www.security.land/swiss-government-assesses-ais-role-in-bolstering-and-threatening-cybersecurity/

#SecurityLand #News #Cybersecurity #AI #Switzerland #DigitalDefense #NationalSecurity

While the industry focused on securing the endpoint, the ground shifted. New data from Huntress and the Cloud Security Alliance confirms a staggering trend.

In our latest feature, we break down the "Inside-Out" Problem—the technical paradox where virtualization isolation actually shields attackers from guest-level security agents.

👇 READ THE FULL ANALYSIS: https://www.security.land/the-foundation-is-cracking-why-the-hypervisor-is-the-final-frontier-of-stealth-attacks/

#SecurityLand #ExpertDecode #CyberSecurity #Infosec #CloudSecurity #Huntress #Ransomware #Virtualization

How many of your dependencies have you actually audited lately?

ReversingLabs uncovered a 4-month campaign where attackers published 14 malicious packages on NuGet, all targeting cryptocurrency developers. These weren't sloppy hacks—they were sophisticated impersonations of legitimate blockchain tools like Nethereum and Coinbase.Net.Api.

#SecurityLand #CyberWatch #Malware #Blockchain #Crypto #Nethereum #Research

Read More: https://www.security.land/crypto-theft-campaign-exploits-nuget-packages-for-months/

The Koi Security research team is on a roll this week.

After exposing the GhostPoster campaign that hid malware in Firefox extension logos, they've now uncovered something that should concern every developer using npm: a WhatsApp API package with 56,000 downloads that steals everything passing through it.

#SecurityLand #CyberWatch #NPM #WhatsApp #API #MaliciousPackage #Koi

Read More: https://www.security.land/whatsapp-stealing-malware-lurked-in-npm-package-with-56-000-downloads/

The Handala group claims to have identified 14 Israeli engineers working on military drone programs—and placed $30,000 bounties on each of them. Israeli security sources haven't verified the breach, but this represents a troubling shift: from targeting infrastructure to targeting individuals with financial incentives for real-world harm.

#SecurityLand #GeoSphere #Cybersecurity #Cybercrime #Israel #Iran #Handala #ThreatActor #Infosec

Read More: https://www.security.land/iranian-hacking-group-puts-30-000-bounties-on-israeli-defense-engineers/

The NCS Guide 2025 is here, and it finally solves the funding gap. With a new 6-phase lifecycle and a mandate for Quantum/AI foresight, this is the definitive playbook for digital sovereignty.

#SecurityLand #BusinessShield #Government #Cybersecurity #AI #Quantum #DigitalSovereignty #NCSGuide #NCS2025

Read More: https://www.security.land/ncs-guide-2025-3rd-edition-analysis/

A sophisticated threat actor with possible links to Russian hybrid-threat groups impersonated Trend Micro security advisories to target defense contractors, energy companies, and cybersecurity firms.

#SecurityLand #ThreatHorizon #APT #TrendMicro #ShadowVoid042 #Cybercrime #SpearPhishing

Read More: https://www.security.land/shadow-void-042-cybercriminals-fake-security-alerts/

Analysis of CVE-2025-14733, a critical WatchGuard Firebox security vulnerability. Learn why unauthenticated RCE persists even after deleting vulnerable VPN configurations.

#SecurityLand #CyberWatch #ZeroDay #Watchguard #SecurityVulnerability #Firewall #CVE

Read More: https://www.security.land/watchguard-cve-2025-14733-critical-vulnerability-analysis/

Chinese threat actor UAT-9686 has been compromising Cisco email security systems since late November with a custom backdoor called AquaShell. Organizations should immediately check Cisco Talos advisories for indicators and remediation guidance.

#SecurityLand #ThreatHorizon #Cisco #UAT9686 #EmailSecurity #APT #China

Read More: https://www.security.land/uat-9686-chinese-apt-cisco-email-gateway-attack/

Zscaler ThreatLabz documents BlindEagle APT's sophisticated attack on Colombian government infrastructure using steganography, compromised email accounts, and dual malware deployment (Caminho + DCRat). The September 2025 campaign demonstrates evolved tradecraft including Discord CDN abuse and fileless execution chains.

#SecurityLand #ThreatHorizon #Zscaler #BlindEagle #Colombia #Government #Ecuador #APT #RAT #Malware

Read More: https://www.security.land/blindeagle-colombian-government-caminho-dcrat-attack/

Security researchers from Koi have uncovered 17 malicious Firefox extensions hiding multi-stage malware inside PNG logo files, affecting 50,000+ users. The sophisticated steganography-based campaign strips browser security protections and enables remote code execution while evading detection through probabilistic activation and delayed payloads.

#SecurityLand #ThreatHorizon #Steganography #Malware #PNG #BrowserSecurity #Cybersecurity

Read More: https://www.security.land/firefox-extensions-png-steganography-malware-ghostposter/