December 2025

UK watchdog urged to probe GDPR failures in Home Office eVisa rollout

Rights groups say digital-only record is leaking data and courting trouble Civil society groups are urging the UK's data watchdog to investigate whether the Home Office's digital-only eVisa scheme is breaching GDPR, sounding the alarm about systemic data errors and design failures that are exposing sensitive personal information…

Half of exposed React servers remain unpatched amid active exploitation

Wiz says React2Shell attacks accelerating, ranging from cryptominers to state-linked crews Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters ranging from bargain-basement cryptominers to state-linked intrusion tooling.…

Crypto-crasher Do Kwon jailed for 15 years over $40bn UST bust

Judge said his fraud was on 'epic, generational scale' Terraform Labs founder Do Kwon will spend 15 years in jail after pleading guilty to committing fraud.…

Google fixes super-secret 8th Chrome 0-day

No details, no CVE, update your browser now Google issued an emergency fix for a Chrome vulnerability already under exploitation, which marks the world's most popular browser's eighth zero-day bug of 2025.…

LastPass hammered with £1.2M fine for 2022 breach fiasco

UK data regulator says failures were unacceptable for a company managing the world's passwords The UK's Information Commissioner's Office (ICO) says LastPass must cough up £1.2 million ($1.6 million) after its two-part 2022 data breach compromised information from up to 1.6 million UK users.…

Researcher claims Salt Typhoon spies attended Cisco training scheme

Skills gained later fed Beijing's cyber operations, according to SentinelLabs expert A security researcher specializing in tracking China threats claims two of Salt Typhoon's members were former attendees of a training scheme run by Cisco.…

10K Docker images spray live cloud creds across the internet

Flare warns devs are unwittingly publishing production-level secrets Docker Hub has quietly become a treasure trove of live cloud keys and credentials, with more than 10,000 public container images exposing sensitive secrets from over 100 companies, including a Fortune 500 firm and a major bank.…

Users report chaos as Legal Aid Agency stumbles back online after cyberattack

Workers frustrated with security-first changes to workflows and teething issues Exclusive  Seven months after a landmark cyberattack, the UK's Legal Aid Agency (LAA) says it's returning to pre-breach operations, although law firms are still wrestling with buggy and more laborious systems.…

US extradites Ukrainian woman accused of hacking meat processing plant for Russia

The digital intrusion allegedly caused thousands of pounds of meat to spoil and triggered an ammonia leak in the facility A Ukrainian woman accused of hacking US public drinking water systems and a meat processing facility on behalf of Kremlin-backed cyber groups was extradited to the US earlier…

Microsoft won’t fix .NET RCE bug affecting slew of enterprise apps, researchers say

Devs and users should know better, Microsoft tells watchTowr Security researchers have revealed a .NET security flaw thought to affect a host of enterprise-grade products that they say Microsoft refuses to fix.…

Copyright © 2026 Lugapel