
IT Security Newsletter - 12/22/2025


Top News

FBI says 'ongoing' deepfake impersonation of U.S. gov officials dates back to 2023

The FBI said that unknown actors have continued to deploy AI voice cloning tools in an ongoing effort to impersonate U.S. government officials and extract sensitive or classified information or conduct scams. The bureau initially warned back in May that the campaign had been ongoing since at least April 2025. In an update Friday, they revised that initial timeline and said there was evidence of such activity dating back to 2023.

Breaches

Around 1,000 systems compromised in ransomware attack on Romanian water agency

Romania's cybersecurity agency confirms a major ransomware attack on the country's water management administration has compromised around 1,000 systems, with work to remediate them still ongoing. Romanian Waters says its geographical information system applications servers, database servers, Windows workstations, Windows Servers, email and web servers, and domain name servers are all affected.


Rockrose Development suffers security breach affecting 47,000 people

Apartment owner and developer Rockrose Development Corp. recently found that unauthorized individuals hacked its systems and claimed to have acquired confidential information, according to a letter posted to its website on Dec. 12. The security breach occurred on July 4 and affected 47,392 people, according to a data breach notification submitted to Maine's attorney general's office. Rockrose discovered the issues on Nov. 14.

Hacking

Ukrainian hacker admits affiliate role in Nefilim ransomware gang

A Ukrainian national pleaded guilty on Friday to conducting Nefilim ransomware attacks that targeted high-revenue businesses across the United States and other countries. The defendant, 35-year-old Artem Aleksandrovych Stryzhak, was arrested in Spain in June 2024 and extradited to the U.S. on April 30, 2025. Stryzhak has admitted to computer fraud conspiracy charges brought by U.S. prosecutors in connection with ransomware attacks targeting businesses around the world.


LongNosedGoblin Caught Snooping on Asian Governments

A new Chinese-backed advanced persistent threat (APT) group, which researchers have dubbed LongNosedGoblin, has been waging a cyber-espionage campaign against the governments of Japan and others across Southeast Asia since at least 2023. The nosey ne'er-do-wells primarily use custom C#/.NET applications to conduct their operations, according to the ESET researchers who just published their research on the group.

Software Updates

Docker makes hardened images free, open and transparent for everyone

Docker has made its open source Docker Hardened Images project available at no cost for every developer and organization. The catalog contains more than 1,000 container images built on open source distributions such as Debian and Alpine and is released under the Apache 2.0 license. The images are accessible through Docker Hub and related distribution points. Docker Hardened Images are designed to give developers a base set of container images that integrate common security features.

Malware

ATM jackpotting gang accused of unleashing Ploutus malware across US

A Venezuelan gang described by US officials as "a ruthless terrorist organization" faces charges over alleged deployment of malware on ATMs across the country, illegally siphoning millions of dollars. Two indictments were returned in Nebraska, collectively charging 54 alleged members of the Tren de Aragua (TdA) gang in connection with a spate of ATM jackpotting attacks. The gang allegedly deployed a variant of Ploutus malware on ATMs across the US.


Former incident responders plead guilty to ransomware attack spree

Former cybersecurity professionals Ryan Clifford Goldberg and Kevin Tyler Martin pleaded guilty Thursday to participating in a series of ransomware attacks in 2023 while they were employed at cybersecurity companies tasked with helping organizations respond to ransomware attacks. Goldberg, who was a manager of incident response at Sygnia, and Martin, a ransomware negotiator at DigitalMint at the time, collaborated with an unnamed co-conspirator to attack victim computers and networks.

Exploits/Vulnerabilities

Cisco VPNs, Email Services Hit in Separate Threat Campaigns

A variety of Cisco security products have been under fire this month, thanks to two separate campaigns of very different natures. On Wednesday, Cisco revealed that a newly identified China-linked advanced persistent threat (APT), "UAT-9686," had been exploiting a zero-day vulnerability in Cisco email security appliances that run on its AsyncOS software. The vulnerability, tracked as CVE-2025-20393, has since been assigned a "critical" 10 out of 10 CVSS severity rating.

On This Date

  • ...in 1883, avant-garde composer Edgard Varese, who once declared "The present-day composers refuse to die", is born in Paris, France.
  • ...in 1948, singer-songwriter and Cheap Trick lead guitarist Rick Nielsen is born in Elmhurst, IL.
  • ...in 1962, actor Ralph Fiennes ("Schindler's List", "The English Patient") is born in Ipswich, England.
  • ...in 1964, the SR-71 Blackbird reconnaissance plane has its first test flight in the skies above Palmdale, CA.