-
Every year, cybercriminals find new ways to steal money and data from businesses. Breaching a business network, extracting sensitive data, and selling it on the dark web has become a reliable payday. But in 2025, the data breaches that affected small and medium-sized businesses (SMBs) challenged our perceived wisdom about exactly which types of businesses cybercriminals are targeting. 
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers discovered critical flaws in Eurostar’s AI chatbot including prompt injection, HTML injection, guardrail bypass, and unverified chat IDs – Eurostar later accused them of blackmail.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has officially announced a major upgrade to its encryption technology with the introduction of hardware-accelerated BitLocker. Revealed by Microsoft’s Rafal Sosnowski following the Ignite conference, this new feature is designed to solve performance bottlenecks that have plagued high-speed storage drives, ensuring that users no longer have to choose between robust security and system speed. […]
The post Microsoft Enhances BitLocker with Hardware Acceleration Support appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Securities and Exchange Commission (SEC) has filed charges against multiple companies for their alleged involvement in an elaborate cryptocurrency scam that swindled more than $14 million from retail investors. The complaint charged crypto asset trading platforms Morocoin Tech Corp., Berge Blockchain Technology Co., Ltd., and Cirkor Inc., as well as investment clubs AI Wealth Inc., Lane
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA released critical security updates for its Isaac Launchable platform on December 23, 2025, addressing three severe vulnerabilities that could allow unauthenticated attackers to execute arbitrary code remotely. All three flaws carry a maximum CVSS score of 9.8, placing them in the critical severity category and requiring immediate attention from affected organizations. The security bulletin […]
The post NVIDIA Isaac Vulnerabilities Enable Remote Code Execution Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Perhaps the only way to cap a precedent-breaking year for the military-industrial complex is to ring in the New Year with the president.
“Next week, I'm going to meet with the defense prime contractors. I'm going to meet with them here, [in] Florida, and we're going to be talking about production schedules because they're too slow,” President Donald Trump said Monday during a speech announcing plans to build a giant new surface combatant in the next three years. “We have many countries, allies that are wanting to buy. We make the greatest equipment in the world by far, nobody's even close, but they don't produce them fast enough. So, we're going to be meeting with them to talk about the production schedules. We're going to have strong production schedules. And the only way they're going to be able to do that is to build new plants.”
The short-notice summons is par for the course in 2025, which has been a lucrative yet bumpy ride for many defense companies. Policies have changed, and occasionally changed back, in rapid succession, from tariffs to federal personnel cuts that have slowed contracting, to shutdowns and, now, new shipbuilding demands on top of an already accumulating backlog.
But, overall, it’s been a win with defense companies expecting higher returns. S&P's aerospace and defense index, which tracks select stocks, has risen 50 percent for the past year as of Dec. 22, which is good for investors.
There’s also been a lot of tough talk from defense officials, who have lambasted traditional defense contractors for sluggish supply chains, increased costs, and yearslong production delays. Newer defense entrants, on the other hand, have been uplifted and highlighted as the model for primes to emulate.
So far, proposals to reform how the Pentagon buys everything from software to tanks have largely been welcome, though some vendors have expressed reticence and concerns about how things will ultimately be implemented.
“I think it's pretty positive. And, that's because, unfortunately, the world is more dangerous. So, when that's true, defense tends to do well,” Michael Brown, former head of the Pentagon’s Defense Innovation Unit, told Defense One.
That suggests more orders for prime defense contractors, especially now that Congress approved multiyear procurements for certain missile programs in the 2026 defense policy bill. But it’s also good news for defense tech companies.
“There's also the recognition [that] we need the new technology too. We need what we're winning with in Ukraine. So that means a whole new set of vendors are going to be successful—the Shield AI’s, c3.AI’s. You're going to see the next wave, after SpaceX, Palantir and Anduril,” said Brown, who is a partner at the venture firm Shield Capital.
Eyes on allies
Defense companies expect increased defense budgets abroad, but continuing resolutions and the inability to start new programs at home—plus DOD’s rattled defense contracting staff—could present more immediate challenges.
Higher demand for U.S. weapons from allies and partner nations could be promising for new and established defense companies, but politics could make things harder.
“There’s a tremendous amount of money to be spent. And so there is a big opportunity for U.S. companies to be selling to allies. I'm not enthused about the fact that we make that more difficult with some of the political rhetoric,” Brown said, noting the White House’s recent National Security Strategy, which has been heavily criticized.
“But there's a tremendous opportunity for American companies now and for us to see what the rest of the world is developing. I would love to see with the US and allies, more of a collaborative approach of ‘we're looking for technology in your cupboard, and you can look in our cupboards.’ And we make ITAR less restrictive. We go faster on foreign military sales, which has been addressed a bit with this transformation acquisition. But imagine a world where that was happening in a more frictionless environment. That would be better for everyone.”
Pressure to perform
Garrett Smith, an active Marine Corps officer and CEO of Reveal Technology, an AI company that develops biometric tech for operators, said 2026 will be the year that everyone performs.
“Pressure is building to actually deliver. So, I think it's a healthy thing for the industry to have,” Smith said. “All of that pressure from private finance on the companies to actually deliver, and then the pressure from the journalistic crowd and from the customer…all that pressure on coal, it turns it into a diamond.”
But could the momentum be curbed by ongoing budget woes given that the U.S. government has been operating under a continuing resolution for over a year?
There’s also still shutdown concerns even though the government is currently funded until the end of January.
The government shutdown has a longer tail than people realize, Jackie Barbieri, CEO of Whitespace, a data and intelligence analysis company, told Defense One.
While there was “immediate pain” for some companies, the shutdown’s effects could “reverberate over time. And I definitely think that will be the case in 2026 even if we don't have a CR,” Barbieri said. “Things are just a little bit slower than usual and so folks are having to change their calculus a bit.”
Even beyond companies, those inside the Pentagon are waiting for budget dollars to start new projects but efforts are stalled until there’s full defense appropriations. But there’s upside, hopefully.
“That pent-up drive to move technology plans forward—we’re going to see some priority areas actually get addressed. And I think the number one thing I see from where we sit is that intelligence is going to move to the edge,” along with the use of agentic AI, she said.
Smith also hopes to see more data solutions in troops’ hands. He cites the Army’s Soldier Born Mission Commander program. But he notes that the current continuing resolution hampers innovation.
“CRs don't allow for new starts and if you claim to be doing innovative stuff, you need to start new programs. You need to start new things,” Smith said, noting that Congress was able to align program spending in fiscal 2025 with the president’s budget despite a full year of stopgap funding.
“But also, there's a bit of a silver lining, where, if [your technology is] an actual priority for the Trump administration's view on what's important, now there's every chance in the world that your thing gets funded anyway. So, it's a strange time. Very, very strange time.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MARINE CORPS BASE HAWAII—The Japan-based III Marine Expeditionary Force has made some “significant modernization changes” in the past few years as part of the service’s ongoing force design efforts, and is looking forward to a “busy, busy year” of exercises in 2026 amid increasing Chinese aggression in the region, the unit’s commander said.
“My mandate is to deliver combat credible capability, and to do it in conjunction with our partners and allies…So I don't think too much about the deterrence space. I really just think about: ‘Is the capability and capacity relevant, and is it credible?’ And really, that's kind of the space that we're really grinding,” Lt. Gen. Roger Turner told Defense One during a recent visit here.
The unit, made up of nearly 7,000 Marines and sailors across the Pacific, includes the service’s two Marine Littoral Regiments—as well as 4th Marine Regiment, which leaders recently decided to leave as a traditional infantry regiment instead of turning it into a MLR.
The Hawaii-based 3rd MLR, the first to be converted, is “leading the service,” and has grown rapidly to have a host of capabilities, Turner said, including the Marine Air Defense Integrated System, or MADIS, and the Navy-Marine Expeditionary Ship Interdiction System, or NMESIS. The Okinawa-based 12th MLR, the second to be converted, has the advantage of being able to learn from the 3rd MLR, making the learning curve “much shorter,” Turner said.
“The other big advantage that 12th has is they essentially sit right on top of their mission, so they don’t need to travel to be able to do their mission. And every day, they can work with their partner. And because of the location, being in Okinawa, they’re already on some of the terrain that they would need to operate from,” he said.
And while 4th Marine Regiment will not become an MLR, the sea-denial capabilities that were planned for the unit will still come to III MEF, Turner said, “In my view, that gives me more capability and, most importantly, capacity, in the first two MLRs, while still retaining traditional combat capability provided by 4th Marines. And so it was a good decision, and it was necessary, and it was aligned with what INDOPACOM is asking us to do.”
Though many people equate Force Design with the MLRs, that is “an oversimplification of the concept,” Turner said. The idea behind Force Design is to move beyond the Marine Corps’ traditional capability—to project power from the sea to the land—to having the ability to also project power “from the land to the sea, into the air, and into space and cyberspace from key maritime terrain,” Turner said. “That really kind of underpins the thesis of Force Design, is the ability to do both. And that was a capability that, let’s say five years ago, we didn’t have.”
While the MLR does have that capability, it’s not just confined to the MLR, Turner said. “It’s really a whole-of-MEF effort.”
Turner pointed out that the 31st Marine Expeditionary Unit is now on its third deployment this year. The unit has “shown incredible agility over this last year, with its ability to rapidly composite and then, you know, do really meaningful activities in support of crisis response and support deterrence.”
The Marine Corps has been struggling to get its medium landing ship funded and fielded, to give it the maneuver capability it needs in the shallow waters around Pacific islands, but Turner said he is appreciative of the funding the Marine Corps received in the reconciliation bill for that capability.
“We are encouraged to see that the department [of the Navy] is moving in a way that is going to provide that capability with a program in the future. But I think our main concern is, how do we bridge a program of record with some sort of capability in the near term.”
And as the Marines’ capabilities grow, the contributions they’re seeing from partner militaries in the Pacific—including Japan, Korea, and the Philippines—have also become exponentially more meaningful Turner said.
“These are not token in any stretch of the imagination,” he said, which was illustrated in Resolute Dragon 25, an exercise in which the Marines and the Japanese defense forces rehearsed the bilateral defense of Japan.
About 20,000 troops participated in the exercise, defending from Kyushu—Japan’s southernmost main island—to Yonaguni—the westernmost island of Japan, which is less than 70 miles from Taiwan.
During the exercise, the Marines deployed a new advanced radar system called the AN/TPS-80 Ground/Air-Task-Oriented Radar, or G/ATOR; the MADIS air defense system; and the NMESIS missile launcher. The U.S. Army also brought a Typhon missile system to the exercise.
“We were able to successfully integrate those new systems into our systems, and then also successfully coordinate bilaterally with the Japanese,” Turner said. “So Resolute Dragon 25 really was a significant increase in capability from what we did in 24 and in years before.”
]]>¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SEQRITE Labs’ Advanced Persistent Threat (APT) Team has uncovered a sophisticated campaign targeting Israeli organizations through weaponized Microsoft Word and PDF documents disguised as legitimate antivirus software. The operation, tracked as UNG0801 or “Operation IconCat,” exploits the trusted branding of security vendors SentinelOne and Check Point to deceive victims into deploying malicious payloads. The threat […]
The post Israeli Organizations Targeted by AV-Themed Malicious Word and PDF Files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability in M-Files Server could allow authenticated attackers to capture active user session tokens via the M-Files Web interface, enabling identity impersonation and unauthorized access to sensitive information. The flaw, tracked as CVE-2025-13008, was disclosed on December 19, 2025, and affects multiple M-Files Server versions deployed across enterprise environments. Field Details CVE […]
The post M-Files Vulnerability Allows Attackers to Steal Active User Session Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical buffer overflow vulnerability in Net-SNMP’s snmptrapd daemon allows remote attackers to crash the service by sending specially crafted packets, potentially disrupting network monitoring operations across enterprise environments. The flaw, tracked as CVE-2025-68615, affects all versions of Net-SNMP before the recently released patches. Security researcher Buddurid, working with Trend Micro Zero Day Initiative, discovered […]
The post Net-SNMP Vulnerability Triggers Buffer Overflow, Crashing the Daemon appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
