Coupang, a South Korean e-commerce company, announced on Monday a 1.69 trillion won ($1.18 billion) compensation deal for 33.7 million affected accounts due to a major data leak, which upset users and lawmakers. Each customer will receive vouchers worth 50,000 won. Coupang founder Kim Bom apologized for last month’s data …
Read More »Fortinet Warns of 2020 FortiGate Flaw to Bypass 2FA
Fortinet warns that a three-year-old vulnerability allows attackers to bypass 2FA on FortiGate firewalls by merely altering the capitalization of usernames. The vulnerability FG-IR-19-283 (CVE-2020-12812) was reported and fixed in July 2020. Recently, it has been noted that attackers are exploiting this flaw in organizations that haven’t addressed specific configurations. …
Read More »ASRock, ASUS, GIGABYTE, MSI Motherboards New UEFI Flaw allow pre-boot attacks
Certain motherboards from ASUS, Gigabyte, MSI, and ASRock are susceptible to DMA attacks that can bypass early-boot memory protections. This security flaw has several identifiers (CVE-2025-11901, CVE-2025‑14302, CVE-2025-14303, and CVE-2025-14304)due to differences in vendor implementations. The vulnerability found by Nick Peterson and Mohamed Al-Sharifi of Riot Games in some UEFI …
Read More »
"Cyble Global Cybersecurity Report 2025"
6,000 Ransomware Attacks Show a 50% Increase in 2025
Key Ransomware Statistics: 5,967 ransomware attacks in 2025, up 50% from last year. The manufacturing sector most affected Construction, Professional Services, Healthcare, IT top targeted The U.S. saw the most attacks; Australia listed the top five for the first time 31 incidents hit critical infrastructure 2025 will be noted for …
Read More »MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2025
MITRE has released its 2025 Top 25 Most Dangerous Software Weaknesses list, identifying root causes of 39,080 Common Vulnerability and Exposure (CVE™) records this year. Common vulnerabilities are easy to spot and exploit, allowing attackers to take control of systems, steal sensitive information, or disrupt applications. Developers, security teams, and …
Read More »Hacker making banking login page in second using “Spiderman” phishing kit
A new phishing kit called “Spiderman” poses a serious threat to European bank customers, allowing cybercriminals to easily generate realistic fake login pages for multiple banks. The Spiderman phishing kit is notable for its all-in-one design, combining login templates for various European banks and cryptocurrency platforms into a single, easy-to-use …
Read More »2 Cisco Ex-Students Leading Sophisticated Attacks on Cisco Devices
Two Chinese nationalists who previously excelled in Cisco’s training academy are now leading attacks on the company’s devices. These devices, pivotal in many network infrastructures, are being targeted by Yuyang and Qiu Daibing. They were identified as key operators behind the notorious Salt Typhoon campaign. In 2012, Yuyang and Qiu …
Read More »
Apple, Google and Samsung protest
India’s reviewing new proposal to enable “Always-On GPS” for location tracking
India’s government is considering a proposal that would require smartphone companies to always activate satellite location tracking for better surveillance. Apple, Google, and Samsung oppose this due to privacy issues, according to Reuters. The Modi administration has long been worried that its agencies don’t receive accurate locations when they request …
Read More »Bangladesh now 3rd largest global source of DDoS attacks in 2025 Q3
According to Cloudflare’s report, Bangladesh has risen in the 3rd largest global source of DDoS attacks in 2025 Q3. Seven of the top ten sources of DDoS attacks are in Asia, with Indonesia being the highest. Indonesia has been the leading source since 2024 Q3 and has consistently ranked high …
Read More »1,20,000 IP cameras hacked; Home video sold for porn site: Suspect arrested
The Korean National Police arrested suspected four people for hacking over 120,000 IP cameras and selling the footage to a foreign adult website. Police are acting against the operators of the illegal content despite not revealing the suspects or websites, through international cooperation. “The National Office of Investigation announced that …
Read More »
InfoSecBulletin Cybersecurity for mankind