Urban VPN Proxy, with 6 million users, was caught stealthily collecting user prompts from AI chatbots like ChatGPT. It’s like hiring a bodyguard who secretly sells your diary! Advertised as a secure VPN, the extension plays double agent by “protecting” users while funneling their data to advertisers. Trust no badge, especially when it’s “Featured”.

Chinese spy crews are having a field day exploiting React2Shell, a critical flaw in the React JavaScript library, according to Google. Armed with backdoors and cryptocurrency miners, they’re like kids in a candy store. The flaw, CVE-2025-55182, has attackers from every corner, turning React servers into their personal piñatas.

Extremist groups have jumped on the AI bandwagon, but they’re still figuring out how to steer it. From crafting deepfakes to dreaming up cyberattacks, these groups see AI as a tool for mischief. National security experts warn that while their efforts are “aspirational” for now, the potential risks can’t be ignored.

Minnesota man Nathan Austad, also known as “Snoopy,” pleads guilty to a major cyber-attack on a fantasy sports platform. The credential stuffing scheme compromised over 60,000 accounts, leading to $600,000 in losses. Looks like Snoopy’s hacking days are over—this time, the only stuffing he’ll be doing is in a prison turkey.

700Credit had a “whoopsie daisy” with their data, affecting 5.8 million people. After a partner’s security fail, a sneaky hacker waltzed in and stole data for months. Now, 700Credit is offering free identity protection because nothing says “we’re sorry” like free credit monitoring after a data breach fiasco.

The React2Shell scanner posed as a cybersecurity tool but secretly delivered malware instead. Hosted on GitHub, it preyed on researchers investigating CVE-2025-55182. Remember, not every security tool is your friend—some just want to crash the party! Always scrutinize before using.

Phantom Stealer is haunting inboxes! Disguised as payment confirmations, this Russian phishing campaign uses an ISO file to deploy the malware. Seqrite Labs warns finance and HR teams to brace for data theft and keep an eye on fake transactions. Early Halloween trick or treat? Just don’t open that email!

Atlassian swoops in to save the day, fixing a maximum-severity flaw, CVE-2025-66516, in Apache Tika that could let attackers waltz through XML External Entity injection vulnerabilities. So, remember to update your Tika-core to keep those pesky cyber intruders at bay!

CyberVolk’s new ransomware, VolkLocker, has a fatal flaw: it leaves behind artifacts that let victims decrypt files. This blunder might just be the ransomware equivalent of leaving your house key under the doormat, offering victims a “get out of ransom free” card. Who knew cybercrime could have a blooper reel?

Windows Subsystem for Linux users, brace for impact! Microsoft reports that the latest Windows 11 security updates are causing VPN networking failures. So if you’re seeing “No route to host” errors, it’s not you, it’s them. Microsoft is on the case, but no timeline for a fix yet. Stay tuned!

Horizon3.ai has discovered multiple security vulnerabilities in FreePBX, including a critical authentication bypass flaw. By simply tinkering with a few settings, hackers could waltz right past security like it’s a revolving door. FreePBX recommends a settings overhaul and a reboot to keep unwanted guests, and their malware, out.

Chinese threat groups are exploiting React2Shell like it’s a Black Friday sale on vulnerabilities. This newly disclosed bug, CVE-2025-55182, is the latest hot-ticket item, allowing hackers to execute remote code on systems using React 19. Google’s watching as malware flies off the shelves, courtesy of Earth Lamia and Jackpot Panda.

Cybersecurity researcher Bob Diachenko found an unprotected MongoDB database exposing 4.3 billion professional records. This 16-terabyte treasure trove could arm criminals with data for targeted attacks. While the database was secured quickly, the potential for personalized scams skyrockets, reminding professionals to safeguard their online presence like a dragon guards its hoard.

The Online Safety Act has sparked a VPN frenzy, with apps topping UK download charts and a petition to repeal the act gaining over 550,000 signatures. Critics argue the legislation threatens privacy and free expression, while supporters claim it ensures child safety. Parliament faces the challenge of balancing these concerns.

Five more Chinese hacking groups have joined the React2Shell party. The flaw, tracked as CVE-2025-55182, affects React and Next.js applications, allowing attackers to execute arbitrary code. The Google Threat Intelligence Group identified additional groups exploiting this vulnerability, proving once again that cyber-espionage is a global team sport.

Apple and Google release fixes for actively exploited flaws. Hackers are taking advantage of vulnerabilities faster than you can say “software update.” Make sure to install the latest patches for your devices—because nothing ruins a day like a maliciously crafted web page executing arbitrary code. Stay secure, folks!

Ashen Lepus, linked to Hamas, is actively using AshTag malware to target Middle Eastern governments. They lure victims with fake geopolitical reports, leading to stealthy data theft via a clever attack chain. Despite geopolitical tensions, their espionage remains relentless, urging vigilance from regional organizations against this evolving cyber threat.

The Bank of England’s Real-Time Gross Settlement system upgrade cost £23 million extra due to the European Central Bank’s decision to delay its messaging overhaul. The unplanned expense was like buying a used car only to discover it needs a new engine and tires to boot.

Jaguar Land Rover’s cyber raid not only stopped production but also swiped payroll data. The breach, one of the priciest in UK history, exposed sensitive employee details. JLR urges employees to stay vigilant despite no misuse evidence yet. The attack cost JLR £1.5 billion in sales and impacts the UK economy significantly.

Soverli raises $2.6 million in pre-seed funding to develop a sovereign smartphone platform. It allows users to switch to a secure OS with one button, even if Android or iOS is compromised. No hardware mods needed—just pure security magic with zero impact on your scrolling addiction. Soverli aims to redefine smartphone security.