Cyber Sentinel
@cybersentinel404.bsky.social
I Post Cybersecurity News!
Researchers have uncovered a sophisticated spear-phishing campaign that used npm packages to steal login credentials. Over two dozen malicious packages from six aliases target sales and commercial personnel at critical organizations.
December 29, 2025 at 9:51 AM
Researchers have uncovered a sophisticated spear-phishing campaign that used npm packages to steal login credentials. Over two dozen malicious packages from six aliases target sales and commercial personnel at critical organizations.
CVE-2025-14847, dubbed MongoBleed by cybersecurity experts, is actively exploited globally. It allows unauthenticated attackers to leak sensitive data from MongoDB server memory.
December 29, 2025 at 7:57 AM
CVE-2025-14847, dubbed MongoBleed by cybersecurity experts, is actively exploited globally. It allows unauthenticated attackers to leak sensitive data from MongoDB server memory.
Security researchers have identified a critical vulnerability in MongoDB, CVE-2025-14847 (CVSS score: 8.7), allowing unauthenticated users to read uninitialized heap memory.
December 27, 2025 at 8:20 AM
Security researchers have identified a critical vulnerability in MongoDB, CVE-2025-14847 (CVSS score: 8.7), allowing unauthenticated users to read uninitialized heap memory.
Cybersecurity Alert: Trust Wallet advises users to update their Chrome extension (version 2.68) due to a 'security incident' resulting in an estimated $7 million loss.
December 26, 2025 at 4:04 PM
Cybersecurity Alert: Trust Wallet advises users to update their Chrome extension (version 2.68) due to a 'security incident' resulting in an estimated $7 million loss.
Cybersecurity expert Patricia Voight emphasizes the importance of mentorship and diversity in shaping future cyber defenders. As CISO at Webster Bank, she shares insights on career advancement within this crucial sector.
December 26, 2025 at 3:21 PM
Cybersecurity expert Patricia Voight emphasizes the importance of mentorship and diversity in shaping future cyber defenders. As CISO at Webster Bank, she shares insights on career advancement within this crucial sector.
China APT group perpetrated DNS poisoning to deploy MgBot malware. Targets in Türkiye, China, India from November '22-'24.
December 26, 2025 at 3:15 PM
China APT group perpetrated DNS poisoning to deploy MgBot malware. Targets in Türkiye, China, India from November '22-'24.
As developers increasingly rely on AI for code generation, the industry faces potential security risks. In 2026, it's crucial to integrate cybersecurity measures in development processes.
December 26, 2025 at 1:01 PM
As developers increasingly rely on AI for code generation, the industry faces potential security risks. In 2026, it's crucial to integrate cybersecurity measures in development processes.
Dark Reading invites cybersecurity experts to participate in a new survey exploring trends, challenges, and solutions vital for the future of application security.
December 26, 2025 at 12:01 PM
Dark Reading invites cybersecurity experts to participate in a new survey exploring trends, challenges, and solutions vital for the future of application security.
Security researchers have uncovered a severe vulnerability in LangChain Core, allowing for serialization injection attacks that could compromise sensitive information and manipulate LLM outputs.
December 26, 2025 at 10:00 AM
Security researchers have uncovered a severe vulnerability in LangChain Core, allowing for serialization injection attacks that could compromise sensitive information and manipulate LLM outputs.
Attention cybersecurity community: AI chatbots, Docker containers, and common applications are now the latest targets for sophsy's stealth techniques. Our ThreatsDay Bulletin reveals precision in attacks that exploit familiar tech trusted by users.
December 25, 2025 at 2:45 PM
Attention cybersecurity community: AI chatbots, Docker containers, and common applications are now the latest targets for sophsy's stealth techniques. Our ThreatsDay Bulletin reveals precision in attacks that exploit familiar tech trusted by users.
TRM Labs uncovers that stolen LastPass backup data from the 2022 breach led to cryptocurrency heists until late 2025, with Russian cybercriminals implicated.
December 25, 2025 at 12:59 PM
TRM Labs uncovers that stolen LastPass backup data from the 2022 breach led to cryptocurrency heists until late 2025, with Russian cybercriminals implicated.
Fortinet has identified abuse of a five-year-old SSL VPN vulnerability in FortiOS. This flaw could enable bypassing second factor authentication under specific conditions, posing security risks.
December 25, 2025 at 8:35 AM
Fortinet has identified abuse of a five-year-old SSL VPN vulnerability in FortiOS. This flaw could enable bypassing second factor authentication under specific conditions, posing security risks.
CERN, home to the Large Hadron Collider and a hub for international researchers, faces unique cybersecurity challenges. With over 950 institutions contributing staff of diverse backgrounds each year, ensuring robust IT protection without hindering scientific work is complex.
December 25, 2025 at 7:04 AM
CERN, home to the Large Hadron Collider and a hub for international researchers, faces unique cybersecurity challenges. With over 950 institutions contributing staff of diverse backgrounds each year, ensuring robust IT protection without hindering scientific work is complex.
Cybersecurity researchers have unveiled MacSync, a sophisticated macOS stealer using signed Swift apps to evade Gatekeeper defenses. This variant is notable for its use of legitimate-looking app installation prompts.
December 24, 2025 at 5:20 PM
Cybersecurity researchers have unveiled MacSync, a sophisticated macOS stealer using signed Swift apps to evade Gatekeeper defenses. This variant is notable for its use of legitimate-looking app installation prompts.
The Nomani investment scam has escalated by a staggering 62%, exploiting AI deepfake ads across various social media platforms. ESET blocked over 64,000 URLs linked to this fraudulent scheme.
December 24, 2025 at 1:48 PM
The Nomani investment scam has escalated by a staggering 62%, exploiting AI deepfake ads across various social media platforms. ESET blocked over 64,000 URLs linked to this fraudulent scheme.
Cybercriminals continually adapt their tactics to exploit business vulnerabilities. The growing attacks on SMBs in 2025 have shown that no company is immune, regardless of size.
December 24, 2025 at 11:54 AM
Cybercriminals continually adapt their tactics to exploit business vulnerabilities. The growing attacks on SMBs in 2025 have shown that no company is immune, regardless of size.
The SEC has charged multiple companies for a $14 million crypto scam using fake AI investment tips. Retail victims swindled by fraudulent trading platforms and clubs are advised to stay vigilant.
December 24, 2025 at 9:48 AM
The SEC has charged multiple companies for a $14 million crypto scam using fake AI investment tips. Retail victims swindled by fraudulent trading platforms and clubs are advised to stay vigilant.
Italy's AGCM imposes a €98.6 million fine on Apple for limiting App Store competition through its privacy measures, highlighting potential market manipulation concerns.
December 24, 2025 at 7:21 AM
Italy's AGCM imposes a €98.6 million fine on Apple for limiting App Store competition through its privacy measures, highlighting potential market manipulation concerns.
ServiceNow's $7.75 billion acquisition of Armis highlights a strategic shift towards integrated cybersecurity solutions, encompassing IT and OT environments to provide comprehensive protection against an increasingly sophisticated threat landscape.
December 24, 2025 at 3:32 AM
ServiceNow's $7.75 billion acquisition of Armis highlights a strategic shift towards integrated cybersecurity solutions, encompassing IT and OT environments to provide comprehensive protection against an increasingly sophisticated threat landscape.
Understanding brushing scams: A brief on the deceptive online activity involving fake orders and data compromise. Stay vigilant about unrecognized deliveries as a sign of potential account breaches.
December 24, 2025 at 3:17 AM
Understanding brushing scams: A brief on the deceptive online activity involving fake orders and data compromise. Stay vigilant about unrecognized deliveries as a sign of potential account breaches.
ServiceNow acquires Armis for $7.75B, strengthening AI-driven cybersecurity efforts and proactive threat management.
December 23, 2025 at 10:49 PM
ServiceNow acquires Armis for $7.75B, strengthening AI-driven cybersecurity efforts and proactive threat management.
ServiceNow's acquisition of Armis for $7.75B enables autonomous cybersecurity capabilities, fostering an AI-driven security stack to proactively manage threats.
December 23, 2025 at 8:46 PM
ServiceNow's acquisition of Armis for $7.75B enables autonomous cybersecurity capabilities, fostering an AI-driven security stack to proactively manage threats.
Healthcare organizations raise concerns that HIPAA's proposed security rule changes do not ade09 meet the escalating cyber threats. Amidst increasing health-related data breaches, there is a call for comprehensive updates.
December 23, 2025 at 8:45 PM
Healthcare organizations raise concerns that HIPAA's proposed security rule changes do not ade09 meet the escalating cyber threats. Amidst increasing health-related data breaches, there is a call for comprehensive updates.
Interpol reports Operation Sentinel, a multi-national law enforcement effort spanning 19 countries. Over two months of intensive investigation led to the arrest of 574 individuals tied to various cybercrimes and resulted in $3 million being recovered.
December 23, 2025 at 7:26 PM
Interpol reports Operation Sentinel, a multi-national law enforcement effort spanning 19 countries. Over two months of intensive investigation led to the arrest of 574 individuals tied to various cybercrimes and resulted in $3 million being recovered.
Amazon is combating a significant influx of state-sponsored North Korean IT worker scammers, underscoring the global pervasiveness and severity of such cyber threats.
December 23, 2025 at 6:58 PM
Amazon is combating a significant influx of state-sponsored North Korean IT worker scammers, underscoring the global pervasiveness and severity of such cyber threats.