Eduard Kovacs

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities

AWS and cybersecurity vendors have made several announcements at the cloud giant’s re:Invent 2025 event.

December 3, 2025

Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers

The Codex CLI vulnerability tracked as CVE-2025-61260 can be exploited for command execution.

December 2, 2025

$29 Million Worth of Bitcoin Seized in Cryptomixer Takedown

Cryptomixer was targeted by law enforcement in Operation Olympia for facilitating cybercrime and money laundering.

December 1, 2025

New Albiriox Android Malware Developed by Russian Cybercriminals

Albiriox is a banking trojan offered under a malware-as-a-service model for $720 per month.

December 1, 2025

CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack

CISA has added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog.

December 1, 2025

Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights

Michael Clapsis has been sentenced to 7 years and 4 months in prison for stealing sensitive information.

December 1, 2025

OpenAI User Data Exposed in Mixpanel Hack

Multiple Mixpanel customers were impacted by a recent cyberattack targeting the product analytics company.

November 27, 2025

Ransomware Attack Disrupts Local Emergency Alert System Across US

The OnSolve CodeRED platform has been targeted by the Inc Ransom ransomware group, resulting in disruptions and a data breach.

November 26, 2025

Dartmouth College Confirms Data Theft in Oracle Hack

Dartmouth College has disclosed a data breach after cybercriminals leaked over 226 Gb of files stolen from the university.

November 26, 2025

CISA Warns of Spyware Targeting Messaging App Users

CISA has described the techniques used by attackers and pointed out that the focus is on high-value individuals.

November 25, 2025

WormGPT 4 and KawaiiGPT: New Dark LLMs Boost Cybercrime Automation

Palo Alto Networks has conducted an analysis of malicious LLMs that help threat actors with phishing, malware development, and reconnaissance.

November 25, 2025

Canon Says Subsidiary Impacted by Oracle EBS Hack

More than 100 alleged victims of the Oracle EBS campaign have been added to the Cl0p ransomware website.

November 25, 2025

CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability

CISA has added CVE-2025-61757 to its Known Exploited Vulnerabilities (KEV) catalog.

November 24, 2025

Mazda Says No Data Leakage or Operational Impact From Oracle Hack

The Cl0p ransomware group has listed Mazda and Mazda USA as victims of the Oracle EBS campaign on its leak website.

November 24, 2025

Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims

More than 1.6 Tb of data allegedly stolen from Cox was made public by the hackers.

November 24, 2025

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager.

November 21, 2025

Over 370 Organizations Take Part in GridEx VIII Grid Security Exercise

The number of participants in the cyber and physical grid security exercise increased by nearly 50% compared to two years ago.

November 21, 2025

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability

SquareX claims to have found a way to abuse a hidden Comet API to execute local commands, but Perplexity says the research is fake.

November 21, 2025

New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages

The Android malware is in development and appears to be mainly aimed at users in Europe.

November 20, 2025

Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts

Researchers demonstrated a now-patched vulnerability that could have been used to enumerate all WhatsApp accounts.

November 20, 2025

SECURITYWEEK NETWORK:

ICS:

Eduard Kovacs

re:Invent 2025: AWS and Security Vendors Unveil New Products and Capabilities

Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers

$29 Million Worth of Bitcoin Seized in Cryptomixer Takedown

New Albiriox Android Malware Developed by Russian Cybercriminals

CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack

Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights

OpenAI User Data Exposed in Mixpanel Hack

Ransomware Attack Disrupts Local Emergency Alert System Across US

Dartmouth College Confirms Data Theft in Oracle Hack

CISA Warns of Spyware Targeting Messaging App Users

WormGPT 4 and KawaiiGPT: New Dark LLMs Boost Cybercrime Automation

Canon Says Subsidiary Impacted by Oracle EBS Hack

CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability

Mazda Says No Data Leakage or Operational Impact From Oracle Hack

Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

Over 370 Organizations Take Part in GridEx VIII Grid Security Exercise

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability

New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages

Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts

Featured

ICS/OT

Iranian Cyber Group Handala Claims Cal Water Hack

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Incident Response

Alert Fatigue Is Becoming a Security Threat of Its Own

ICS/OT

Siemens Says Desigo CC Files Flagged as Malware by Security Engines

Vulnerabilities

Microsoft Patches Exploited Exchange Server Vulnerability

ICS/OT

Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers

Vulnerabilities

ServiceNow Patches Vulnerability Exploited Against Some Customers

Latest News

Artificial Intelligence

Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls

Management & Strategy

In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine

Artificial Intelligence

Industry Reactions to Claude Fable 5: Feedback Friday

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

Artificial Intelligence

Anthropic Disputes Fable 5 AI Jailbreak

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Daily Briefing Newsletter