Specialized Cyber Security Search

10+ min ago (310+ words) On December 7-8, 2025, my Next.js portfolio application luisfaria.dev running on a DigitalOcean Ubuntu droplet was compromised by an automated cryptomining attack. The attacker successfully executed remote code on the containerized Next.js application, deploying cryptocurrency miners that ran for several hours before detection. This document serves as a post-mortem analysis and educational resource for understanding how the attack occurred, what was compromised, and how to prevent similar incidents. An attacker exploited a vulnerability in my Next.js application to execute arbitrary shell commands within the Docker container. The attack resulted in: The attacker exploited a vulnerability that allowed execution of shell commands through HTTP requests. The exact entry point was identified through nginx access logs showing suspicious POST requests with URL-encoded shell commands. This is a common IoT/router exploit being sprayed at internet-facing servers. The fact that my…...

54+ min ago (374+ words) Apple has released iOS 26.2, along with a warning to update your iPhone now. That's because iOS 26.2 fixes 26 flaws in Apple's iOS software, two of which are already being used in real-life attacks. Tracked as CVE-2025-43529 and CVE-2025-14174, the two already exploited issues fixed in iOS 26.2 are related. The first flaw could lead to arbitrary code execution, if a user interacts with maliciously crafted web content may. "CVE-2025-14174 was also issued in response to this report," Apple said on its support page. Apple's iOS 26. 2 also fixes a vulnerability in the iPhone Kernel, tracked as CVE-2025-46285, which could allow an app to gain root privileges. The release of iOS 26.2 comes as Apple confirms its devices are being targeted by spyware. The iPhone maker sent out cyber threat notifications to users in at least 80 countries warning them that they are being targeted by…...

57+ min ago (920+ words) The AI Summarizer is only available on Chrome (v138+) and Microsoft Edge (v138+ with experimental flags enabled). It's been about one week since the disclosure of React2Shell (CVE-2025-55182). The initial "drop everything" panic has mostly subsided, and hopefully, your PagerDuty alerts have stopped screaming. Now that the smoke has cleared, we can actually take a breath and look at the wreckage to understand what just happened to the React ecosystem. For me, the reality of the situation really hit home when I got 8 emails from GCP (Google Cloud). It wasn't the usual billing alert warning (the other type of email that causes panic). It looked like this: Dear Google Cloud customer, When your cloud provider starts sending out a bunch of "Advisory Notification" emails naming a JavaScript framework, you know it's not just a bug; it's an event!. This wasn't just a bad…...

1+ hour, 12+ min ago (315+ words) As the market shifts away from pure speculation and toward projects that combine regulation, utility, and sustainable tokenomics, investors are beginning to reassess where to allocate their capital. BNB and Hyperliquid remain heavyweights, but BlockchainFX ($BFX) is making a strong case to be the superior growth play. With the BlockchainFX presale now surpassing $12 million and the token trading at $0.031 as it approaches a $0.05 launch price, early buyers are finding a rare opportunity to secure significant upside. The presale's tiered structure ensures that the token price rises with each completed stage, rewarding those who act early. And with the announcement of a Christmas promotion, now might be the best time to buy into the BFX presale. BlockchainFX's presale isn't a vague promise; it's a staged, transparent mechanism designed to favour early participation. Each tier closes as demand grows, and each closure…...

1+ hour, 15+ min ago (134+ words) " " " " " " " " " ", " " " " " " " " " " " " " " ", " " " " " " " " " " ", " " " " " " " " " " " ", " " " " " " " []...

1+ hour, 19+ min ago (350+ words) ServiceNow, Inc. (NYSE:NOW) is one of the best agentic AI stocks to buy now. On December 2, 2025, ServiceNow said it intends to acquire Veza, an AI-native identity security platform, to expand its Security and Risk portfolio. The company framed identity as central to modern breaches and said Veza will help customers see and control [] ServiceNow's Bet on Veza Points to Tighter AI Identity Controls On December 2, 2025, ServiceNow said it intends to acquire Veza, an AI-native identity security platform, to expand its Security and Risk portfolio. The company framed identity as central to modern breaches and said Veza will help customers see and control who and what can access data, applications, systems, and AI artifacts across clouds and enterprise environments. ServiceNow highlighted Veza's Access Graph, which maps relationships across human, machine, and AI identities, to support least-privilege governance and end-to-end visibility....

1+ hour, 19+ min ago (264+ words) The West Australian is a leading news source in Perth and WA. Breaking local and world news from sport and business to lifestyle and current affairs. Apple has released an urgent update for iPhones to address an issue when calling emergency services The upgrade, to iOS 26.2, contains a fix which "addresses a mobile network issue for iPhone 12 models when establishing a connection to emergency services in Australia, according to the official release notes Other models of iPhone are not affected, Apple said It follows other technical failures that prevented older mobile phones from other manufacturers being able to make emergency calls to Triple-0 when an alternate network was available and should have connected the call, and the well-publicised deaths linked to problems at Optus Testing conducted by Telstra in October identified dozens of older Samsung mobile phones could not connect…...

1+ hour, 56+ min ago (437+ words) ARTEMIS is designed to run autonomously for hours while scanning and studying network behaviour. An AI agent named ARTEMIS has successfully hacked Stanford University's computer network and performed better than professional human hackers who earn six-figure salaries. The experiment shows how fast artificial intelligence is evolving and how it may change the way cybersecurity testing is done in the future. According to reports, during the test, ARTEMIS was allowed to operate on Stanford's private and public computer science networks for 16 hours. In that time, the AI scanned nearly 8,000 devices, including servers and different smart systems used across the university. By the end of the trial, ARTEMIS had uncovered nine valid security vulnerabilities with an accuracy rate of 82 per cent. The researchers noted that this performance was better than nine out of ten human penetration testers. Also Read: Alert! Millions Of…...

1+ hour, 57+ min ago (239+ words) If you've been juggling laptops, tablets, and devices to get through work, school, or streaming, the ASUS Chromebook CM30 makes life simpler and more fun. This nimble 2-in-1 machine lets you'switch between laptop and tablet" and right now, it's just $159.99. The Chromebook's 10.5-inch WUXGA touchscreen delivers crisp visuals, while the garaged stylus lets you sketch, take notes, or annotate with precision. Flip it into tablet mode with the magnetic detachable keyboard and versatile stand for reading, browsing, or streaming anywhere. Dual 5MP cameras handle video calls and snapshots, while Wi-Fi 6 and Bluetooth 5.3 keep you connected wherever you go. It features a'MediaTek Kompanio 520 processor, 8GB RAM, and 128GB eMMC storage, giving you fast performance for multitasking, creative projects, and web-based apps. Built tough with a military-grade aluminum chassis and 30% recycled materials, this Chromebook can survive bumps and scrapes without compromising style or portability. The 12-hour…...

2+ hour, 29+ min ago (604+ words) Not every opportunity announces itself loudly. Sometimes the biggest moves begin quietly, while attention is still scattered elsewhere. As Ripple (XRP) sees renewed on-chain activity, BlockchainFX ($BFX) is emerging as one of the top cryptos to buy now for investors who understand the value of early positioning rather than late reaction. BlockchainFX is currently in one of the most active phases of its presale. The project has already raised over $12M from more than 19,600 participants and is moving rapidly toward its $14M soft cap. With the current presale price set at $0.031 and a confirmed launch price of $0.05, early buyers are locking in a clear pricing gap before public trading begins. Fueling this momentum is the limited XMAS50 Christmas bonus, a seasonal reward that adds 50% more BFX tokens for a short time. This festive incentive effectively boosts allocation at the ground level, giving early…...