The International Criminal Court is stepping into the world of cyber-enabled crimes, where hacking meets heinousness. As they draft a policy to tackle digital atrocities, they must balance justice with protecting human rights. Because, let’s face it, fighting digital villains shouldn’t mean turning the internet into a dystopian surveillance state.

SolarWinds announced its third attempt to fix a pesky remote code execution vulnerability in Web Help Desk. Known as CVE-2025-26399, this bug is like a sequel nobody asked for, following two previous patch bypasses. Users are urged to apply the hotfix before hackers turn this trilogy into a blockbuster.

WhatsApp’s new translation feature lets users translate messages in chats and groups. Android users can enjoy automatic translation, while iPhone users must flex those tapping fingers. With support for over 19 languages and privacy protection, this update ensures your chat secrets stay secret, even if you need them in another language.

The U.S. Secret Service foiled a plot involving a network of SIM servers and 100,000 SIM cards around the New York tri-state area. These devices, capable of disabling cell towers and issuing threats, posed an imminent threat to national security. Potential nation-state actors were involved, but no further details were disclosed.

The SolarWinds saga continues with another hotfix for a critical flaw in its Web Help Desk software. This marks the third attempt to patch the same deserialization bug, raising the question: will the third time finally be the charm? With a history of exploitation, experts advise to patch now.

Security researchers revealed a critical bug in OnePlus smartphones, allowing any app to read SMS and MMS data. This vulnerability, stemming from OxygenOS 12, has remained since late 2021. Despite efforts, OnePlus hasn’t responded to fix this flaw, leaving users to wonder if their texts have become public domain.

Cloudflare recently fended off a DDoS attack peaking at a staggering 22.2 Tbps, the equivalent of streaming one million 4K videos at once. While it lasted just 40 seconds, it set a new record. As DDoS attacks continue to grow in frequency and size, Cloudflare’s defense game is stronger than ever.

Nimbus Manticore is expanding its cyber escapades, now targeting Europe’s defense, telecom, and aerospace sectors. These Iranian hackers use fake job offers to lure victims, employing evolved malware like MiniJunk to sneak past defenses. Stay alert, because when your inbox promises a dream job, it might just be a nightmare in disguise!

Customs and Border Protection agents have been quietly harvesting DNA from American citizens, even minors, and funneling it into an FBI crime database. Critics warn this unauthorized expansion of genetic surveillance could mean lifelong scrutiny for anyone added, with DNA from children as young as 4 already present.

CISA discovered that attackers exploited an unpatched GeoServer vulnerability, CVE-2024-36401, to breach a U.S. federal agency’s network. After uploading web shells and scripts, they went undetected for three weeks. CISA recommends swift vulnerability patching and vigilant monitoring to thwart future attacks.

The U.S. Secret Service dismantled a covert communications network near the U.N. in New York, seizing 100,000 SIM cards and 300 servers. Capable of sending 30 million texts per minute, this high-tech operation could disrupt cellular networks, raising serious concerns over mobile network security. Talk about an “unlimited text” plan gone rogue!

The US Secret Service has dismantled a colossal network of SIM farms in the New York Tri-state area, potentially capable of disrupting entire cellular networks. This operation involved over 100,000 SIM cards and targeted senior government officials. Meanwhile, the Secret Service is still figuring out why anyone would need that many SIM cards.

Kaspersky warns that hotel-hacking group RevengeHotels is back, now wielding AI to craft stealthier scams. Their classic phishing tricks have evolved; AI-generated malware means hotel guests face greater risks of card and data theft, even in trusted hotels. The cybercriminals are getting smarter, but the bookings are about to get scarier.

Nimbus Manticore is on a cyber-espionage spree in Europe. With fake recruiter personas and dodgy career portals, they’re phishing for more than just compliments. Their malware, with names like MiniJunk, sideloads into legit apps, evading detection like a ninja in a tuxedo. Keep an eye out, Denmark, Sweden, and Portugal!

Deepfake attacks are on the rise, with 62% of organizations experiencing one in the past year. Companies must integrate deepfake detection into tools like Microsoft Teams or Zoom to combat these threats. According to Gartner’s Akif Khan, combining deepfakes with social engineering is a potent mix, leaving employees on the frontlines of detection.

Five suspects in Europe were nabbed in a cryptocurrency fraud scheme that swindled over €100 million. Authorities from several countries teamed up, proving that when it comes to catching scammers, teamwork makes the dream work—unless you’re the dreamer who lost all your money in this crypto nightmare.

The Open Source Security Foundation warns that “open infrastructure is not free,” as the software world’s unpaid janitors tire of footing the bill. With package registries under strain, they call out wasteful usage and advocate for commercial-scale support. OpenSSF urges freeloaders to contribute before the software economy hits a costly downtime.

Security awareness training budgets are up, yet human error incidents continue to rise. Despite the spending spree, outdated and irrelevant content leaves staff overconfident and unprepared. It’s like trying to fix a leaky boat with a designer bucket—stylish, but ultimately ineffective. Time for a training revamp!

SolarWinds has issued a crucial hotfix for a critical Web Help Desk vulnerability, CVE-2025-26399. This flaw, allowing remote code execution without authentication, is part of a patch saga that could rival any soap opera. Users must update to version 12.8.7 and follow specific steps to secure their systems.

SolarWinds Web Help Desk struck again with a critical vulnerability, CVE-2025-26399, allowing attackers to run wild with arbitrary commands. It’s like a never-ending sequel to a tech horror movie, now on its third patch! Time to update to version 12.8.7 HF1 and hope this is the final cut.