Amazon's secret GitHub data grab

There's a rush to amass as much data as possible to train AI models. Amazon is trying to scrape Microsoft's Github for some of the data it needs.

Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal ...
Decrypt

New Malware Poses as Roblox Mods to Steal Crypto Credentials

The Stealka malware is inserted into pirated mods for video games including Roblox, and can lift sensitive info from apps.
The Hacker News

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

Kaspersky reports ForumTroll phishing attacks targeting Russian academics, using fake eLibrary emails, personalized files & Windows malware delivery.

Critical React2Shell flaw exploited in ransomware attacks

A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate ...
Forbes

Hackers Bypass Signal, Telegram And WhatsApp Encryption To Read Messages

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Updated November 25 with a new warning from America’s Cyber ...