From The Aether
Beware the Songbird: Sturnus Malware Hits Android with Unprecedented Chaos
Sturnus, the Android banking malware, is as tricky as a starling’s song. It bypasses encryption to read your chats, steals your bank details, and even fakes login screens. It’s a digital Houdini, hiding its actions with a black screen while pilfering your data. Beware of unofficial APKs or face a symphony of cyber chaos.
California Court Unplugs Snooping: SMUD’s Smart Meter Surveillance Shut Down!
A judge blew the fuse on a decade-long surveillance program that turned 650,000 Sacramento residents into suspects based on their electrical usage. Apparently, using too much electricity makes you a potential criminal, but fear not, privacy prevailed! The court ruled that SMUD’s dragnet was less investigation and more “Watt were you thinking?”
FCC’s Cybersecurity Rollback: A Comedy of Errors or Just a Bad Signal?
In a move that has some scratching their heads, the FCC decided to ditch its stricter cybersecurity measures. Despite Salt Typhoon’s notorious hack, telecom firms found the rules too much to handle. Commissioner Gomez calls it “a hope and a dream,” but maybe the FCC just dreams of hackers taking a vacation.
Cybersecurity Chaos: Top Stories You Missed This Week
SecurityWeek’s cybersecurity news roundup highlights a 40x surge in Palo Alto Networks scanning, a guilty plea from a hacker who locked out his former employer, and NSO’s appeal against a WhatsApp hacking ban. Meanwhile, ATM jackpotting persists, and CISA plans aggressive hiring to bolster defenses against China.
Beware the Browser: Matrix Push C2 Turns Notifications into Cyber Nightmares!
Beware of Matrix Push C2, the malware maestro fooling users with fake system notifications! This cyber trickster uses browser notifications to deliver malware, phish for data, and even scan for crypto wallets—all without ever needing a traditional file. Talk about a pushy malware!
Teen Hackers Deny TfL Cyberattack: A Comedy of Errors or a Serious Breach?
Two British teens, accused members of the Scattered Spider hacking group, deny involvement in the Transport for London breach. Despite causing millions in damages and exposing customer data, they claim innocence. Meanwhile, the cyber caper disrupted online services and TfL’s ability to process refunds, proving even hackers can’t resist a good transportation drama.
Grafana’s SCIM Security Flaw: A 10 Out of 10 on the “Oops” Scale!
Grafana has patched a severe security flaw in its SCIM component, which could let attackers impersonate users or escalate privileges. A CVSS score of 10.0 means this is as serious as realizing you’ve been using decaf coffee for months. Users should update immediately to avoid any unwanted surprises.
Salesforce Security Fiasco: Gainsight Breach Exposes Customer Data to ShinyHunters Havoc
Salesforce is tackling a major security incident after Gainsight’s app was exploited to access customer data. Attackers swiped digital keys, unlocking data from hundreds of Salesforce users. While Salesforce swiftly revoked access, the hackers, ShinyHunters, threaten further leaks if demands aren’t met. Gainsight’s integrations with major platforms heighten the security stakes.
AI Revolution: Is Automation Creating a Cybersecurity Skills Gap?
AI is reshaping cybersecurity by eliminating tedious tasks like log review, but it risks eroding essential training for future leaders. As automation takes over grunt work, security teams must rethink how they develop intuition and expertise. The strategic question arises: Who trains the next generation of defenders?
ENISA Steps Up: EU’s Cybersecurity Game Changer or Resource Drain?
ENISA’s new role as a Program Root in the CVE Program puts Europe on the map—literally, as the central contact for cybersecurity. This move strengthens the EU’s strategic autonomy in vulnerability management, ensuring faster response times. ENISA now has a bigger to-do list than a procrastinating college student during finals week!
SolarWinds Patches Critical Serv-U Flaws: Hackers’ Plans Foiled Again!
SolarWinds patched three critical vulnerabilities in its Serv-U file transfer solution allowing remote code execution. These flaws, with CVSS scores of 9.1, include a path restriction bypass, broken access control, and a logic error. Thankfully, the patches arrived faster than your Wi-Fi when you’re trying to stream a cat video.
Oracle’s Identity Crisis: Zero-Day Exploitation Shocks Cyber World!
Beware the Oracle Identity Manager vulnerability, CVE-2025-61757! This zero-day exploit lets attackers bypass authentication and execute remote code, making mischief like a cat in a yarn shop. Patched in October 2025, it was already spotted prowling in the wild. Keep your systems safe before they “hocus pocus” your precious data!
Cyber Offensive: America’s Bold New Strategy or Digital Disaster Waiting to Happen?
The US is set to launch an aggressive cyber strategy, aiming to target groups attacking American entities. This approach will hinge on execution, experts warn, as the plan involves combining federal efforts and increasing offensive measures. But remember, the key to a successful cyber strategy isn’t just coding—it’s cracking the lead agency code!
Nvidia Chip Heist: Four Charged in Hilariously Misguided Smuggling Plot to China
Four individuals have been charged with plotting to funnel Nvidia AI chips into China using shell firms and fake invoices. The defendants allegedly pocketed $3.89 million while dodging US export controls. Despite their efforts, some shipments were intercepted, proving once again that sneaky exports are no match for nosy prosecutors.
GridEx VIII Shocks the Grid: Participation Surges 50% Amid Rising Cyber Threats
GridEx VIII electrified North America with a whopping 50% increase in participants, zapping previous records! Small- and medium-sized utilities powered up, and even Canadians joined the charge. This electrifying exercise tested emergency preparedness against real-world threats, proving that when it comes to grid security, it’s better to be shocked in practice than in reality.
Rev Up Your Security: F1-Inspired Tips for Speed and Precision
Treat insider risk like a racing incident: it often begins innocently, not at the perimeter. Shorten sensitive credential lifespans and pair alerts with responsible owners. Run zero trust at race pace—assumptions are slow, proof is fast. Security, like F1, thrives on precision and practice. Winning is a system, not a fluke.
Google’s AI Mode: Ads Sneak In, User Experience Sneaks Out!
Google’s AI mode now features ads, with sponsorship labels, popping up at the bottom of answers. It’s Google’s crafty way of blending AI answers with commercial intent. So, if you’ve ever wanted product advice from a robot, your wish has been granted—just remember, the robots are now sales reps too!
Google and Apple Finally Play Nice: Quick Share Meets AirDrop for Easier File Sharing!
Google’s Quick Share now plays nice with Apple’s AirDrop, bridging the Android-iPhone file-sharing divide. Pixel 10 users can now swap memes with iPhone pals, provided everyone turns their visibility to “discoverable” for 10 minutes. It’s like a digital friendship bracelet but with more security and fewer strings attached!
Operation Destabilise: UK’s Crackdown on Russian Money Laundering Sparks Chaos in Criminal Underworld
On Christmas Day 2024, a Russian-linked laundering network gifted itself a Kyrgyzstan bank to wash cybercrime profits and fund Moscow’s war machine. Couriers in the UK convert street cash into crypto, which flows through the bank. The NCA’s Operation Destabilise has seized millions and rattled these networks. The walls are closing in.
SonicWall SOS: Fixes Released for High-Severity Vulnerabilities in Firewalls and Email Security!
SonicWall has released urgent fixes for high-severity vulnerabilities affecting over 30 firewalls. A stack-based buffer overflow bug in SonicOS SSL VPN service could let attackers remotely crash devices or execute arbitrary files. Update to SonicOS versions 7.3.1-7013 or 8.0.2-8011 to keep those pesky cyber pests at bay.