The Friday Wrap up
@thefwu.com
Your daily, and weekly, cybersecurity digest. I curate and categorize the day's and week's top security incidents, vulnerabilities, and threats. Essential intelligence without the overwhelm.
A severe vulnerability in n8n, with a perfect CVSS score of 10, puts sensitive data at risk if exploited. Understanding and addressing this flaw is essential for maintaining cybersecurity. #CyberSafety
Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control
A critical CVSS 10.0 vulnerability in n8n allows unauthenticated attackers to read files, bypass authentication, and gain full server control.
thehackernews.com
January 8, 2026 at 2:05 PM
A severe vulnerability in n8n, with a perfect CVSS score of 10, puts sensitive data at risk if exploited. Understanding and addressing this flaw is essential for maintaining cybersecurity. #CyberSafety
Logitech Options+ and G Hub stopped working on macOS after a certificate expired, leaving users unable to use their devices properly until an update was released. It's a reminder of how vital certificate management is. #TechGlitch
Logitech Options+, G HUB macOS apps break after certificate expires
Logitech's Options+ and G Hub apps on macOS stopped working after their code-signing certificate expired, leaving users unable to launch them on Apple systems.
www.bleepingcomputer.com
January 8, 2026 at 11:05 AM
Logitech Options+ and G Hub stopped working on macOS after a certificate expired, leaving users unable to use their devices properly until an update was released. It's a reminder of how vital certificate management is. #TechGlitch
Fake booking emails are tricking users by mimicking hotel reservations to steal data. They redirect victims to phony websites, harvesting sensitive info and financial details. Be cautious of unfamiliar emails. #CyberScamAlert
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat
A new PHALT#BLYX campaign targets European hotels using fake Booking.com emails, ClickFix lures, PowerShell, and MSBuild to deploy DCRat malware.
thehackernews.com
January 7, 2026 at 2:05 PM
Fake booking emails are tricking users by mimicking hotel reservations to steal data. They redirect victims to phony websites, harvesting sensitive info and financial details. Be cautious of unfamiliar emails. #CyberScamAlert
Jaguar Land Rover’s wholesale deliveries dropped 43% after a cyberattack hit one of its key suppliers, disrupting production and delaying shipments. The incident highlights how cyber threats can seriously affect global supply chains. #CyberSecurityRisk
Jaguar Land Rover wholesale volumes down 43% after cyberattack
Jaguar Land Rover (JLR) revealed this week that a September 2025 cyberattack led to a 43% decline in third-quarter wholesale volumes.
www.bleepingcomputer.com
January 7, 2026 at 11:05 AM
Jaguar Land Rover’s wholesale deliveries dropped 43% after a cyberattack hit one of its key suppliers, disrupting production and delaying shipments. The incident highlights how cyber threats can seriously affect global supply chains. #CyberSecurityRisk
IoT devices face new security exploits, affecting user privacy. Cryptocurrency wallets continue to encounter vulnerabilities leading to financial losses. Stay informed on these crucial cybersecurity issues. #CybersecurityUpdate
⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More
First 2026 cyber recap covering IoT exploits, wallet breaches, malicious extensions, phishing, malware, and early AI abuse.
thehackernews.com
January 6, 2026 at 2:05 PM
IoT devices face new security exploits, affecting user privacy. Cryptocurrency wallets continue to encounter vulnerabilities leading to financial losses. Stay informed on these crucial cybersecurity issues. #CybersecurityUpdate
Some VSCode forks can suggest dangerous extensions, risking user security. Malicious add-ons may be promoted through these modified IDEs, exposing developers to attacks via trusted tools. #CybersecurityAlert
VSCode IDE forks expose users to "recommended extension" attacks
Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the OpenVSX registry, allowing threat...
www.bleepingcomputer.com
January 6, 2026 at 11:05 AM
Some VSCode forks can suggest dangerous extensions, risking user security. Malicious add-ons may be promoted through these modified IDEs, exposing developers to attacks via trusted tools. #CybersecurityAlert
Transparent Tribe has a new, dangerous Remote Access Trojan (RAT) that attacks Windows and Android devices, stealing data and spying on victims. It's crucial to stay informed to protect your devices. #CybersecurityThreats
Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia
Transparent Tribe (APT36) is linked to new cyber-espionage attacks using malicious LNK files, adaptive RATs, and long-term persistence against Indian
thehackernews.com
January 5, 2026 at 2:05 PM
Transparent Tribe has a new, dangerous Remote Access Trojan (RAT) that attacks Windows and Android devices, stealing data and spying on victims. It's crucial to stay informed to protect your devices. #CybersecurityThreats
Hackers are stealing cryptocurrency by using data from the 2022 LastPass breach. Stolen vault data is helping them access victims' wallets, leading to over $4 million in new losses. #cybersecurity
Cryptocurrency theft attacks traced to 2022 LastPass breach
Blockchain investigation firm TRM Labs says ongoing cryptocurrency thefts have been traced to the 2022 LastPass breach, with attackers draining wallets years after encrypted vaults were stolen and laundering...
www.bleepingcomputer.com
January 5, 2026 at 11:05 AM
Hackers are stealing cryptocurrency by using data from the 2022 LastPass breach. Stolen vault data is helping them access victims' wallets, leading to over $4 million in new losses. #cybersecurity
The RondoDox botnet targets MikroTik routers by exploiting a critical vulnerability, allowing attackers to gain control and spread malicious activities. Stay informed about cybersecurity threats. #CybersecurityAwareness
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
RondoDox botnet exploits the React2Shell vulnerability in Next.js, with over 90,000 exposed systems used to deploy miners and malware worldwide.
thehackernews.com
January 2, 2026 at 2:05 PM
The RondoDox botnet targets MikroTik routers by exploiting a critical vulnerability, allowing attackers to gain control and spread malicious activities. Stay informed about cybersecurity threats. #CybersecurityAwareness
NYC's mayoral inauguration banned devices like Flipper Zero and Raspberry Pi over hacking concerns, highlighting growing fears around portable tech and cybersecurity at public events. #CybersecurityRisks
NYC mayoral inauguration bans Flipper Zero, Raspberry Pi devices
New York City's 2026 mayoral inauguration of Zohran Mamdani has published a list of banned items for the event, specifically prohibiting the Flipper Zero and Raspberry Pi devices.
www.bleepingcomputer.com
January 2, 2026 at 11:05 AM
NYC's mayoral inauguration banned devices like Flipper Zero and Raspberry Pi over hacking concerns, highlighting growing fears around portable tech and cybersecurity at public events. #CybersecurityRisks
IBM warns users of a severe security flaw in API Connect, potentially exposing systems to attacks. Updating promptly is crucial for protection. Learn more on the risk management strategies. #CyberSecurityAwareness
IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass
IBM disclosed a critical CVSS 9.8 authentication bypass in IBM API Connect that could allow remote access; patches are now available.
thehackernews.com
January 1, 2026 at 2:05 PM
IBM warns users of a severe security flaw in API Connect, potentially exposing systems to attacks. Updating promptly is crucial for protection. Learn more on the risk management strategies. #CyberSecurityAwareness
Hackers stole $39M from Uniswap’s Unleash Protocol by hijacking its multisig wallet, exposing risks in decentralized control and wallet security. #cryptoheist
Hackers drain $3.9M from Unleash Protocol after multisig hijack
The decentralized intellectual property platform Unleash Protocol has lost around $3.9 million worth of cryptocurrency after someone executed an unauthorized contract upgrade that allowed asset withdrawals.
www.bleepingcomputer.com
January 1, 2026 at 11:05 AM
Hackers stole $39M from Uniswap’s Unleash Protocol by hijacking its multisig wallet, exposing risks in decentralized control and wallet security. #cryptoheist
Threat group "Silver Fox" is attacking Indian users with phishing emails, spreading malware through links. Stay informed and secure by recognizing these threats. #CyberSecurityAwareness
Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware
Silver Fox is using India income tax phishing emails and fake software sites to install ValleyRAT, a modular Windows remote access trojan.
thehackernews.com
December 31, 2025 at 2:05 PM
Threat group "Silver Fox" is attacking Indian users with phishing emails, spreading malware through links. Stay informed and secure by recognizing these threats. #CyberSecurityAwareness
The European Space Agency (ESA) confirmed hackers accessed external servers, exposing some user info. Core systems and missions remain safe as the breach didn’t impact internal networks. #cybersecurity
European Space Agency confirms breach of "external servers"
The European Space Agency (ESA) confirmed that attackers recently breached servers outside its corporate network, which contained what it described as "unclassified" information on collaborative engineering...
www.bleepingcomputer.com
December 31, 2025 at 11:05 AM
The European Space Agency (ESA) confirmed hackers accessed external servers, exposing some user info. Core systems and missions remain safe as the breach didn’t impact internal networks. #cybersecurity
MongoDB attacks and crypto-wallet breaches highlight the need for vigilance in data security. Understanding threats and strengthening defenses is crucial. Discover insights to safeguard your digital assets. #CyberSecurityAwareness
⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More
Weekly 2025 cyber recap: MongoBleed targets 87,000, Trust Wallet $7M loss, LastPass $35M theft, DNS poisoning, npm WhatsApp trap.
thehackernews.com
December 30, 2025 at 2:05 PM
MongoDB attacks and crypto-wallet breaches highlight the need for vigilance in data security. Understanding threats and strengthening defenses is crucial. Discover insights to safeguard your digital assets. #CyberSecurityAwareness
A supply chain attack on Trust Wallet led to $7M in crypto theft from 2,596 wallets using malicious code in open-source libraries. Unused wallet addresses were still exploited. #CryptoSecurity
Trust Wallet says 2,596 wallets drained in $7 million crypto theft attack
Trust Wallet says attackers who compromised its browser extension right before Christmas have drained approximately $7 million from nearly 3,000 cryptocurrency wallet addresses.
www.bleepingcomputer.com
December 30, 2025 at 11:05 AM
A supply chain attack on Trust Wallet led to $7M in crypto theft from 2,596 wallets using malicious code in open-source libraries. Unused wallet addresses were still exploited. #CryptoSecurity
Evasive Panda, linked to China, leverages DNS hijacking for data theft. They direct users to malicious updates via fake sites. Stay alert to DNS risks and security patches. Learn about emerging cyber threats. #CyberSecurityConcerns
China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware
China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.
thehackernews.com
December 29, 2025 at 2:05 PM
Evasive Panda, linked to China, leverages DNS hijacking for data theft. They direct users to malicious updates via fake sites. Stay alert to DNS risks and security patches. Learn about emerging cyber threats. #CyberSecurityConcerns
A fake browser extension led to a $7M crypto theft from Trust Wallet users. Attackers tricked users into entering private keys, giving full access to their funds. Trust Wallet has confirmed the exploit and advised caution with browser tools. #CryptoSecurity
Trust Wallet confirms extension hack led to $7 million crypto theft
Several users of the Trust Wallet Chrome extension report having their cryptocurrency wallets drained after installing a compromised extension update released on December 24, prompting an urgent response...
www.bleepingcomputer.com
December 29, 2025 at 11:05 AM
A fake browser extension led to a $7M crypto theft from Trust Wallet users. Attackers tricked users into entering private keys, giving full access to their funds. Trust Wallet has confirmed the exploit and advised caution with browser tools. #CryptoSecurity
AI-driven cyber threats and stealth loaders are evolving, posing new risks. Understanding these innovations is crucial to staying secure. Key focus: adaptation and proactive defense against emerging cyber threats. #CyberSecurity
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories
Weekly roundup exploring how cyber threats, AI misuse, and digital deception are reshaping global security trends.
thehackernews.com
December 26, 2025 at 2:05 PM
AI-driven cyber threats and stealth loaders are evolving, posing new risks. Understanding these innovations is crucial to staying secure. Key focus: adaptation and proactive defense against emerging cyber threats. #CyberSecurity
You’ll soon be able to change your @gmail.com address without creating a new account—something users have wanted for years. Google is finally making this long-requested feature a reality. #GmailUpdate
Google will finally allow you to change your @gmail.com address
Google will finally allow you to change your @gmail address or create a new alias, according to a new support document.
www.bleepingcomputer.com
December 26, 2025 at 11:05 AM
You’ll soon be able to change your @gmail.com address without creating a new account—something users have wanted for years. Google is finally making this long-requested feature a reality. #GmailUpdate
Investment scam using Nomani tech rises by 62%, deceiving with fake credentials and promises. Stay informed to guard against evolving digital threats. #CyberSafety
Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media
ESET reports a 62% rise in the Nomani investment scam, using AI deepfakes on social media, while detections fell 37% in late 2025.
thehackernews.com
December 25, 2025 at 2:05 PM
Investment scam using Nomani tech rises by 62%, deceiving with fake credentials and promises. Stay informed to guard against evolving digital threats. #CyberSafety
MongoDB warns of a critical security flaw that could let attackers run code remotely. Admins should update systems fast to avoid risks. The issue affects certain server versions and needs quick action. #MongoDBSecurity
MongoDB warns admins to patch severe RCE flaw immediately
MongoDB has warned IT admins to immediately patch a high-severity vulnerability that can be exploited in remote code execution (RCE) attacks targeting vulnerable servers.
www.bleepingcomputer.com
December 25, 2025 at 11:05 AM
MongoDB warns of a critical security flaw that could let attackers run code remotely. Admins should update systems fast to avoid risks. The issue affects certain server versions and needs quick action. #MongoDBSecurity
Two Chrome extensions secretly captured user data, affecting 1.4 million users. The breach highlights the risk of using third-party add-ons. Stay informed to safeguard your online privacy. #OnlineSecurity
Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites
Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and...
thehackernews.com
December 24, 2025 at 2:05 PM
Two Chrome extensions secretly captured user data, affecting 1.4 million users. The breach highlights the risk of using third-party add-ons. Stay informed to safeguard your online privacy. #OnlineSecurity
Over 30 harmful Chrome extensions with 75M+ installs secretly stole login info and tracked activity. Even trusted-looking add-ons can hide threats—stay alert to what’s running in your browser. #CyberSecurityAlert
Malicious extensions in Chrome Web store steal user credentials
Two Chrome extensions in the Web Store named 'Phantom Shuttle' are posing as plugins for a proxy service to hijack user traffic and steal sensitive data.
www.bleepingcomputer.com
December 24, 2025 at 11:05 AM
Over 30 harmful Chrome extensions with 75M+ installs secretly stole login info and tracked activity. Even trusted-looking add-ons can hide threats—stay alert to what’s running in your browser. #CyberSecurityAlert
Firewall exploit trends, AI's role in data security, and emerging cybersecurity threats highlight this week's critical discussions. Delve deeper into how these aspects are shaping future defense strategies. #CyberTrends2025
⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More
Weekly cybersecurity recap on exploited network flaws, new APT attacks, major CVEs, and defense insights.
thehackernews.com
December 23, 2025 at 2:05 PM
Firewall exploit trends, AI's role in data security, and emerging cybersecurity threats highlight this week's critical discussions. Delve deeper into how these aspects are shaping future defense strategies. #CyberTrends2025