Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Did the EU top court prohibit websites with user-generated content and anonymous users?
- WA man jailed for stealing intimate material and using ‘evil twin’ WiFi networks
- Europol and partners shut down ‘Cryptomixer’
- Deloitte allegedly cited AI-generated research in a million-dollar report for a Canadian provincial government
- ‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted
For the more technical
- Android Security Bulletin—December 2025
- B2B guest access creates an unprotected attack vector
- React2Shell (CVE-2025-55182)
- Cloudflare outage caused by React2Shell mitigations
- Your IP address might be someone else's problem (and here's how to find out)
- Cloudflare's 2025 Q3 DDoS threat report - including Aisuru, the apex of botnets
- Bootstrap script exposes PyPI to domain takeover attacks
- How I reverse engineered a billion-dollar legal AI tool and found 100k+ confidential files
- From inbox to wipeout: Perplexity Comet’s AI browser quietly erasing Google Drive
- 4.3 million browsers infected: Inside ShadyPanda's 7-year malware campaign
- Malware analysis report Brickstorm backdoor (PDF)
- Albiriox exposed: A new RAT mobile malware targeting global finance and crypto wallets
- New FvncBot Android banking trojan targets Poland
- Shai-hulud 2.0 campaign targets cloud and developer ecosystems
- TangleCrypt: a sophisticated but buggy malware packer
- Intellexa’s global corporate web
- Smile, you’re on camera: A live stream from inside Lazarus Group’s IT workers scheme
- Gamaredon X Turla collab
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
Comments