Security Land
LightNews LightNews
banner
security.land
Security Land
@security.land
50 followers 26 following 71 posts
Your intelligence feed for cybersecurity—breaking incidents, advanced threats, expert insights. #cybersecurity #databreach #cybercrime
Posts Replies Media Videos
security.land
⚖️ Spanish National Police, supported by Europol & Bavarian State Criminal Police Office, arrested 34 members of a "Black Axe" cell in Spain. This ongoing operation targets a network linked to €6M in damages via cyber-enabled fraud like BEC.

Read More: www.security.land/spanish-auth...
34 Arrested in Spain: Black Axe Fraud Ring Dismantled
An 15-year criminal investigation has led to 34 arrests in Spain. Linked to the global Black Axe organization, the group is accused of causing nearly €6 million in total damages through various fraudu...
www.security.land
January 9, 2026 at 11:02 AM
security.land
New research from Absolute Security exposes a "recovery reality gap": 0% of CISOs surveyed could restore operations within 24 hours of an attack.

Read More: www.security.land/the-24-hour-...

#SecurityLand #BusinessShield #CyberSecurity #CISO #MTTR #AbsoluteSecurity #CyberResilience #CyberDefense
The Cyber Recovery Reality Gap: 2026 CISO Survey Results
New comprehensive research from Absolute Security exposes a "recovery reality gap." With 0% of organizations achieving sub-24-hour recovery, the industry is shifting focus from detecting threats to th...
www.security.land
January 9, 2026 at 10:01 AM
security.land
The Swiss National Cyber Security Centre (NCSC) has issued a strategic alert ahead of the World Economic Forum (WEF) 2026. Check the NCSC’s latest recommendations to stay protected.

Read More: www.security.land/wef-2026-ncs...

#SecurityLand #News #NCSC #WEF26 #CyberSecurity #Switzerland #DDoS
WEF 2026: NCSC Warns of Increased Cyber Risks
With the World Economic Forum approaching, the NCSC is warning of a surge in cyber disruptions. From DDoS attacks to credential theft, here are the essential steps the Swiss government recommends for ...
www.security.land
January 8, 2026 at 1:30 PM
security.land
Japanese chemical trader Kowa Emori hit by ransomware January 7. Orders and shipments delayed, no confirmed data breach yet.

Read More: www.security.land/japanese-che...

#SecurityLand #DataBreach #Ransomware #Kowa #Emori #Japan #RansomwareAttack #SupplyChain
Kowa Emori Ransomware Attack Disrupts Operations
Kowa Emori, a Japanese chemical and electronics materials trading company, disclosed a ransomware attack on January 7, 2026, that knocked out email systems and caused delays in order processing and sh...
www.security.land
January 8, 2026 at 12:43 PM
security.land
FreeBSD CVE-2025-14558: 9.8-severity IPv6 flaw lets attackers execute code via crafted packets. Patched Dec 16, but PoC exploits dropped 2 weeks ago.

Read More: www.security.land/freebsd-ipv6...

#SecurityLand #CyberWatch #FreeBSD #Cybersecurity #IPv6 #CVE #Vulnerability
CVE-2025-14558: FreeBSD IPv6 Vulnerability Allows RCE
A critical vulnerability in FreeBSD's IPv6 auto-configuration feature (CVE-2025-14558) scores 9.8/10 and allows attackers on the same network to execute arbitrary commands with a single malicious pack...
www.security.land
January 7, 2026 at 1:40 PM
security.land
2025 cyber recap: React2Shell hit CVSS 10.0, the first AI attack emerged, but only 23% paid ransoms. Law enforcement seized $320M across 20 operations.

Read More: www.security.land/2025-cyberse...

#SecurityLand #News #Cybersecurity #InfoSec #Ransomware #AI #DataBreach #CISO #LawEnforcement #CVE
2025 Cyber Year in Review: AI Attacks, Breaches & Takedowns
From React2Shell's perfect CVSS 10.0 score to the first autonomous AI cyberattack, 2025 pushed cybersecurity to its limits. This comprehensive analysis covers the top 10 breaches, critical vulnerabili...
www.security.land
January 4, 2026 at 12:24 AM
security.land
A high-severity flaw known as MongoBleed (CVE-2025-14847) is currently being exploited in the wild. Wiz researchers have confirmed active exploitation.

Read More: www.security.land/mongobleed-a...

#SecurityLand #CyberSecurity #InfoSec #MongoDB #MongoBleed #DatabaseSecurity #Wiz #Shodan
MongoBleed CVE-2025-14847: Is Your MongoDB Exposed?
Dubbed "MongoBleed," CVE-2025-14847 allows unauthenticated attackers to exfiltrate sensitive data from MongoDB heap memory. With 87,000 instances exposed, active exploitation is now confirmed.
www.security.land
December 28, 2025 at 12:55 PM
security.land
Socket researchers uncover 27 npm packages used as phishing infrastructure targeting manufacturing and healthcare sectors.

Read More: www.security.land/npm-registry...

#SecurityLand #ThreatHorizon #Cybersecurity #Research #NPM #Phishing #CriticalInfrastructure #AiTM #Spearphishing #Dev
npm Registry Abused for Targeted Spearphishing Campaign
A five-month spearphishing operation has transformed the npm registry into a durable hosting layer for AiTM credential theft, specifically targeting sales teams in the manufacturing and healthcare ind...
www.security.land
December 24, 2025 at 1:50 PM
security.land
Nissan Motor Co. confirms a data breach affecting 21,000 customers in Japan following a security incident at third-party vendor Red Hat. No financial data was stolen.

Read More: www.security.land/nissan-japan...

#SecurityLand #Cybersecurity #DataBreach #RedHat #Nissan #Japan #CrimsonCollective
Nissan Japan Data Breach: 21,000 Customers Affected
Nissan Motor Co. confirms a data breach affecting 21,000 customers in Japan following a security incident at third-party vendor Red Hat. No financial data was stolen.
www.security.land
December 24, 2025 at 11:53 AM
security.land
Swiss Fed Council report: AI amps up cyber threats like targeted phishing & deepfakes, but also supercharges defenses via quick threat spotting. NCS will get AI upgrades for transparency. Full insights: www.security.land/swiss-govern... #Cybersecurity #AI #Switzerland #TechSecurity #DigitalThreats
AI's Impact on Swiss Cybersecurity Explored
Swiss Federal Council reviews AI's impact on cybersecurity, from phishing risks to threat detection benefits, updating NCS for transparency.
www.security.land
December 23, 2025 at 10:49 AM
security.land
Data from Huntress & CSA shows hypervisor ransomware tripled in 2025. EDR is blind at this layer. We break down the "Inside-Out" crisis and how "Ghost VMs" evade detection.

#SecurityLand #ExpertDecode #CyberSecurity #Infosec #CloudSecurity #Huntress #ThreatIntel #Ransomware #Virtualization
The Hypervisor Blind Spot: Securing the Virtualization Layer
As endpoint detection matures, attackers have moved "down the stack." Discover why hypervisor breaches have tripled in late 2025 and how to bridge the visibility gap.
www.security.land
December 22, 2025 at 5:00 PM
security.land
14 fake crypto packages hid on NuGet for 4 months, stealing wallet keys and redirecting transactions. They looked legit—copied real codebases, inflated downloads to millions.

#SecurityLand #CyberWatch #Malware #Blockchain #Crypto

Read More: www.security.land/crypto-theft...
NuGet Malware Targets Crypto Wallets in Multi-Month Attack
Security researchers uncovered 14 malicious NuGet packages that impersonated legitimate cryptocurrency tools to steal funds and OAuth tokens. The campaign ran undetected from July through October 2025...
www.security.land
December 22, 2025 at 11:06 AM
security.land
Koi Security research team uncovered something that should concern every developer using npm: a WhatsApp API package with 56,000 downloads that steals everything passing through it.

#SecurityLand #CyberWatch #NPM #WhatsApp #Koi

Read More: www.security.land/whatsapp-ste...
NPM Malware Steals WhatsApp Messages: 56K Downloads of Lotusbail
Researchers at Koi Security have uncovered a malicious npm package that stole WhatsApp credentials and messages while functioning perfectly as a legitimate API library. The lotusbail package accumulat...
www.security.land
December 21, 2025 at 6:17 PM
security.land
The Handala group claims to have identified 14 Israeli engineers working on military drone programs—and placed $30,000 bounties on each of them. Israeli security sources haven't verified the breach.

#SecurityLand #GeoSphere #Cybersecurity #Israel #Iran

Read More: www.security.land/iranian-hack...
Iran-Linked Hackers Target Israeli Drone Engineers With Bounties
The Handala hacking group claims to have exposed 14 Israeli engineers working on drone programs, offering $30,000 rewards for each. The threats follow attacks on politicians including Bennett, whose T...
www.security.land
December 21, 2025 at 5:25 PM
security.land
The NCS Guide 2025 is here, and it finally solves the funding gap. With a new 6-phase lifecycle and a mandate for Quantum/AI foresight, this is the definitive playbook for digital sovereignty.

#SecurityLand #BusinessShield #CyberSecurity #NCS2025

Read More: www.security.land/ncs-guide-20...
December 20, 2025 at 2:28 PM
security.land
A sophisticated threat actor with possible links to Russian hybrid-threat groups impersonated Trend Micro security advisories.

#SecurityLand #ThreatHorizon #APT #TrendMicro #ShadowVoid042 #Cybercrime #SpearPhishing

Read More: www.security.land/shadow-void-...
SHADOW-VOID-042: Cybercriminals Fake Trend Micro Alerts
A sophisticated threat actor with possible links to Russian hybrid-threat groups impersonated Trend Micro security advisories to target defense contractors, energy companies, and cybersecurity firms. ...
www.security.land
December 20, 2025 at 1:28 PM
security.land
Security administrators worldwide are rushing to patch a critical security vulnerability in WatchGuard Firebox appliances tracked as CVE-2025-14733.

#SecurityLand #CyberWatch #ZeroDay #Watchguard #SecurityVulnerability #Firewall #CVE

Read More: www.security.land/watchguard-c...
Inside CVE-2025-14733: The Unauthenticated RCE Hitting WatchGuard Firewalls
Analysis of CVE-2025-14733, a critical WatchGuard Firebox vulnerability. Learn why unauthenticated RCE persists even after deleting vulnerable VPN configurations.
www.security.land
December 19, 2025 at 1:23 PM
security.land
Chinese threat actor UAT-9686 has been compromising Cisco email security systems since late November with a custom backdoor called AquaShell.

#SecurityLand #ThreatHorizon #Cisco #UAT9686 #EmailSecurity #APT #China

Read More: www.security.land/uat-9686-chi...
UAT-9686 Chinese APT Targets Cisco Email Security Appliances
Chinese threat actor UAT-9686 deploys AquaShell backdoor on Cisco Secure Email Gateway appliances with custom persistence.
www.security.land
December 19, 2025 at 9:31 AM
security.land
Security researchers from Koi have uncovered 17 malicious Firefox extensions hiding multi-stage malware inside PNG logo files, affecting 50,000+ users.

#SecurityLand #ThreatHorizon #Steganography #Malware #PNG #BrowserSecurity #Cybersecurity

Read More: www.security.land/firefox-exte...
Firefox Extensions Hide Malware in PNG Files: 50K Users Hit
Security researchers discover 17 Firefox extensions using PNG steganography to hide multi-stage malware affecting 50,000+ users.
www.security.land
December 18, 2025 at 12:03 AM
security.land
ASPI tested Chinese LLMs with 200 politically sensitive images. Censorship embedded in training data + provider filters, not just keywords.

#SecurityLand #GeoSphere #ASPI #Research #Australia #China #AI #LLM

Read More: www.security.land/china-ai-sur...
China's AI Censorship Systems Revealed in ASPI Report
ASPI exposes how Chinese LLMs systematically censor images and text while AI powers mass surveillance across justice systems.
www.security.land
December 17, 2025 at 12:38 AM
security.land
2025 Cybersecurity Workforce Study by ISC2 surveyed 16,029 professionals globally and found that 88% of organizations experienced security incidents directly caused by skills deficits in the past year.

#SecurityLand #News #Research #ISC2 #Cybersecurity

Read More: www.security.land/isc2-2025-wo...
ISC2 2025 Workforce Study: Skills Shortages Drive 88% of Security Incidents
ISC2 study reveals 88% of organizations faced security incidents due to skills gaps. Analysis of workforce challenges and AI impact.
www.security.land
December 15, 2025 at 11:44 PM
security.land
New infrastructure analysis from Censys reveals how the pro-Russian hacktivist group NoName057(16) maintains DDoSia operations through rapid server rotation.

#SecurityLand #ThreatHorizon #Research #Censys #DDoSia #DDoS #DDoSAttack #NoName057

Read More: www.security.land/ddosia-infra...
Censys Reveals Rapid Server Rotation Behind NoName057(16) Attacks
Censys research reveals DDoSia control servers last avg 2.5 days, with 6 active at any time. Analysis of pro-Russian DDoS infrastructure.
www.security.land
December 15, 2025 at 11:33 PM
security.land
A closer look at the Medusa ransomware group’s latest operations, including their evolving tactics and high-profile targets.

#SecurityLand #BreachBreakdown #Ransomware #Medusa #RansomwareGroup #Cybercrime

Read More: www.security.land/inside-medus...
Inside Medusa Ransomware: Tactics, Targets, and Trends in Recent Operations
In‑depth analysis of recent Medusa ransomware group operations, victim data and extortion schemes.
www.security.land
December 15, 2025 at 10:36 PM
security.land
European Union Agency for Cybersecurity (ENISA) has secured €36 million from the European Commission to operate the EU Cybersecurity Reserve.

#SecurityLand #GeoSphere #EU #EuropeanComission #ENISA #Cybersecurity #EUCybersecurityReserve

Read More: www.security.land/europe-activ...
European Commission Activates €36M Cybersecurity Reserve Under ENISA Management
ENISA secures €36M to operate EU Cybersecurity Reserve, providing emergency incident response for critical sectors under Cyber Solidarity Act.
www.security.land
December 10, 2025 at 1:47 PM
security.land
Ivanti Endpoint Manager faces four security vulnerabilities, including a critical 9.6 CVSS flaw. Updates now available for EPM users.

#SecurityLand #CyberWatch #SecurityVulnerability #Ivanti #EPM #CVSS #CVE #XSS

Read More: www.security.land/critical-fla...
Critical Flaws Discovered in Ivanti EPM Endpoint Management Software
Ivanti Endpoint Manager faces four security vulnerabilities, including a critical 9.6 CVSS flaw. Updates now available for EPM users.
www.security.land
December 10, 2025 at 1:09 PM