Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for South Korea’s Shin ...

 Appointments

The Shinhan Card data breach has exposed the personal information of approximately 192,000 card merchants, the South Korea–based financial services company confirmed on Tuesday. The incident, which involved the unauthorized disclosure of phone numbers and limited personal details, has been reported to the   show more ...

country’s Personal Information Protection Commission (PIPC). According to Shinhan Card, the breach affected self-employed individuals who operate franchised merchant locations and had shared personal details as part of standard merchant agreements. The company said there is currently no evidence that sensitive financial information, such as credit card numbers, bank account details, or national identification numbers, was compromised. Employee Misconduct Identified as Cause of Shinhan Card Data Breach In a statement, Shinhan Card clarified that the Shinhan Card data breach was not the result of an external cyberattack. Instead, the company suspects internal misconduct, with an employee at a sales branch allegedly transmitting merchant data to a card recruiter for sales-related purposes. “This was not due to external hacking but an employee’s misconduct,” a Shinhan Card official said, adding that the internal process involved has since been blocked. The company launched an internal investigation immediately after becoming aware of the incident and has taken steps to prevent similar actions in the future. Scope of Personal Information Leak The leaked data primarily involved mobile phone numbers, which accounted for roughly 180,000 cases. In about 8,000 instances, phone numbers were leaked alongside names. A smaller subset of records also included additional details such as birthdates and gender. Shinhan Card stated that its investigation has not identified cases where citizen registration numbers, card numbers, account details, or credit information were exposed. At this stage, the company has also said that no confirmed cases of misuse of the leaked information have been reported. The personal information leak affected merchants who signed contracts with Shinhan Card between March 2022 and May 2025, according to findings shared with regulators. Shinhan Card Data Breach Timeline and Regulatory Notification The breach came to light last month following a report submitted to the Personal Information Protection Commission, South Korea’s data protection authority. After receiving the notification, the PIPC requested supporting materials from Shinhan Card to assess the scope and cause of the incident. Following its internal review, Shinhan Card formally reported the data breach to the PIPC on December 23, complying with regulatory disclosure requirements. The company has continued to cooperate with authorities as the review process continues. Company Response and Merchant Support Measures In response to the Shinhan Card data breach, the company published an apology and detailed guidance on its website and mobile application. It also launched a dedicated page allowing affected merchants to check whether their personal data was compromised. “We will make every effort to protect our customers and prevent similar incidents from recurring,” a Shinhan Card spokesperson said. The company has emphasized that it is strengthening internal controls and reviewing access permissions related to merchant data. Shinhan Card also urged merchants to remain vigilant for potential phishing or unsolicited contact attempts, even though no additional harm linked to the leaked data has been confirmed so far. Broader Implications for Financial Data Protection The Shinhan Card data breach incident highlights ongoing challenges around data governance and insider risk within financial institutions, even as companies continue to invest heavily in cybersecurity defenses against external threats. While many breaches globally involve hacking or ransomware, incidents stemming from employee misconduct remain a persistent concern for banks and payment providers. Authorities have not yet announced whether penalties or corrective actions will follow the investigation. For now, Shinhan Card maintains that it is focused on customer protection and restoring trust following the incident.

image for La Poste Cyberattack ...

 Cyber News

The La Poste cyberattack disrupted France’s national postal service just days before Christmas, temporarily knocking key websites and mobile applications offline and slowing parcel deliveries during one of the busiest periods of the year. La Poste confirmed that the incident was caused by a distributed   show more ...

denial-of-service (DDoS) attack, which impacted digital systems supporting postal operations. While the company stated there was no evidence that customer data had been compromised, it acknowledged that the cyberattack affected parcel distribution and access to online services. The timing of the La Poste cyberattack raised concerns among customers expecting holiday deliveries. Social media users reported delays and uncertainty around parcel arrivals, while French media outlets noted that some people attempting to send or collect packages were turned away from post offices operating under limited capacity. With Christmas being one of the most demanding periods for the postal network, even short-lived disruptions created visible operational challenges. La Poste Cyberattack Linked to DDoS Incident According to company, the La Poste cyberattack involved a DDoS attack that overwhelmed parts of its digital infrastructure. As a result, several online platforms became unavailable, and some post offices were forced to operate at reduced capacity. Despite the disruption, customers were still able to carry out essential postal and banking transactions at physical counters. “Our teams are fully mobilised to restore services as quickly as possible,” La Poste said in its Twitter post, noting that remediation efforts were ongoing. Cyberattack  on La Poste  Impacts La Banque Postale Services The La Poste cyberattack also affected La Banque Postale, limiting customer access to online banking services and the bank’s mobile application. In a public statement shared on social media, the bank acknowledged the incident and assured customers that its teams were working to resolve the issue. “A computer incident has temporarily unavailable access to our customers' mobile app and online banking. Our teams are working to resolve the situation as quickly as possible. Online payments are possible with SMS authentication,” the bank said. [caption id="attachment_107995" align="aligncenter" width="528"] Source: Twitter[/caption] While digital access was disrupted, card payments at in-store terminals, ATM withdrawals, and SMS-authenticated online payments remained functional, reducing the impact on day-to-day financial transactions. Recent Cyber Incidents in France The La Poste cyberattack occurred against the backdrop of several recent cyber incidents in France involving major public institutions. Last week, France’s Interior Ministry disclosed a data breach that resulted in unauthorized access to internal email accounts and confidential documents. On December 17, 2025, authorities arrested a 22-year-old man in connection with the Interior Ministry cyberattack after an investigation led by the Paris prosecutor’s cybercrime unit. The suspect faces charges including unauthorized access to a state-run automated personal data processing system, an offense that carries a potential prison sentence of up to 10 years. Earlier, in November 2025, the French Football Federation confirmed a separate breach in which attackers used stolen credentials to access centralized membership management software. The incident exposed personal information belonging to licensed players registered through clubs nationwide. At the time of writing, La Poste has not attributed the cyberattack to any specific threat actor, and the source of the disruption remains unknown. The Cyber Express Editorial team has contacted the company for further clarification, but no response has been received so far.

image for Kuaishou Cyberattack ...

 Firewall Daily

Chinese short-video platform Kuaishou Technology saw its shares fall sharply after the company confirmed a cyberattack that briefly disrupted its livestreaming services, exposed users to inappropriate content, and rattled investor confidence. The Kuaishou cyberattack, which occurred late on Monday night, triggered the   show more ...

stock’s steepest single-day decline in more than two months and pushed it to its lowest level since late November.  Shares of Hong Kong-listed Kuaishou Technology (HK:1024) fell by as much as 6% on Tuesday, dropping to HK$62.70 (approximately $8.06). This marked the company’s lowest share price since November 21 and represented its largest one-day percentage decline since October 14. The stock also emerged as the biggest decliner on the Hang Seng Tech Index, which itself fell about 0.5% on the day.  Market reaction followed confirmation of a cyberattack on Kuaishou that disrupted its livestreaming function. As one of China’s largest short-video platforms and a close competitor to Douyin, the Chinese version of TikTok, Kuaishou’s performance is closely watched by investors. The sudden service disruption and reports of exposed content raised concerns about platform security and operational resilience.  Kuaishou Cyberattack Timeline According to a company announcement issued on December 23, 2025, the Kuaishou cyberattack occurred at around 10:00 p.m. local time (14:00 GMT) on December 22, 2025. Cyberthreat actors targeted the live-streaming function of the Kuaishou app, temporarily interrupting services and exposing users to content described by some users as explicit and violent. Several reports characterized the incident as “unprecedented” for the platform.  Kuaishou stated that it activated its emergency response plan immediately after detecting the cyberattack on Kuaishou. Following system repairs and restoration efforts, livestreaming services gradually resumed normal operations. The company noted that other services on the Kuaishou app were not affected by the incident, although some livestreaming functions continued to experience limited disruption during the recovery phase.  Company Response and Legal Actions  In its press release, Kuaishou Technology said it had reported the incident to the police and relevant authorities and was pursuing further legal remedies. The company stated that it strongly condemns illegal and criminal activities linked to underground and gray industries and reiterated its opposition to any form of unlawful or harmful content.  Kuaishou also said it remains committed to operating in compliance with applicable laws and regulations and to safeguarding the interests of the company and its shareholders. While livestreaming services have largely returned to normal, the cyberattack on Kuaishou highlighted the operational and reputational risks associated with large-scale social and live-commerce platforms.  Broader Security Concerns and Prior Data Leak Claims  The recent cyberattack on Kuaishou has drawn renewed attention to earlier cybersecurity allegations involving the platform. In September, a threat actor on a known cybercrime forum claimed to have leaked order data allegedly stolen from Kuaishou. According to that claim, an attacker compromised a live broadcast room and used the access to place around 10,000 fraudulent orders for non-refundable virtual goods.  The data allegedly leaked included usernames, phone numbers, addresses, and order details of affected users. If accurate, the incident would represent a multi-layered security breach involving unauthorized access, financial fraud, and the exposure of personally identifiable information.   Implications for Platform Security  The December livestreaming Kuaishou cyberattack shows how attacks on social video and live-commerce platforms can quickly extend beyond service disruption to include content abuse, fraud, and potential data exposure, with immediate financial and regulatory impact.   As Kuaishou works to restore stability and address security gaps, the incident stresses the need for early threat detection, rapid investigation, and continuous monitoring of underground activity. Cyble supports this need through AI-powered threat intelligence that tracks dark web and cybercrime signals, correlates indicators of compromise, and enables faster response. Security teams can assess their exposure and book a personalized demo to better anticipate and mitigate similar attacks. 

image for Japan Adopts New Cyb ...

 Firewall Daily

The Japanese government has formally adopted a new cybersecurity strategy that will guide national policy over the next five years. The decision was approved at a cabinet meeting on Tuesday and aims at strengthening Japanese cybersecurity coordination across civilian, law enforcement, and defense institutions.    show more ...

Under the new cybersecurity strategy, Japan will establish a framework that enables closer cooperation between the police, the Defense Ministry, and the Self-Defense Forces when responding to serious cyber incidents. The goal is to ensure faster detection, analysis, and neutralization of attacks that could affect national security or critical infrastructure.  Officials described the move as a response to a severe threat environment, particularly from state-backed cyber actors.  State-Sponsored Attacks and AI-Driven Risks  The strategy explicitly identifies cyber operations linked to China, Russia, and North Korea as “serious threats” to Japan. Government officials noted that these attacks have grown in both scale and technical prowess, targeting public institutions, private companies, and essential services. The document also warned that cyberattacks leveraging artificial intelligence technologies are a new and dangerous risk.  This assessment builds on earlier concerns raised by Japan’s security agencies, which have observed a steady rise in ransomware attacks, financial fraud, and data breaches. In 2023 alone, online banking fraud in Japan resulted in losses exceeding 8.7 billion yen, underscoring the economic impact of cybercrime alongside its national security implications.  Government-Centered Cybersecurity Strategy  A central pillar of the new Japanese cybersecurity approach is the concept of “government-centered defense and deterrence.” This policy direction follows the enactment earlier this year of legislation introducing active cyber defense, which allows authorities to monitor communications in cyberspace during peacetime to prevent cyberattacks before they cause damage.  As part of this framework, all cybersecurity-related intelligence and incident data will be consolidated at the National Cybersecurity Office, which was established following the new law enactment. Centralizing information is intended to allow swift and accurate identification, analysis, and assessment of cyber incidents, reducing delays caused by fragmented reporting across agencies.  The government is also committed to strengthening human resources by developing specialized talent, improving technical systems, and conducting regular training and simulation exercises. Officials emphasized that technical capability and skilled personnel are critical components of any effective cybersecurity strategy.  Public-Private and International Cooperation  Recognizing that cyber threats do not respect national or sectoral boundaries, the strategy places strong emphasis on collaboration beyond government agencies. It includes plans to enhance cooperation between the public and private sectors, with operators of critical infrastructure invited to participate in a government-led council designed for two-way information sharing.  The strategy also stresses the importance of international cooperation. “No country could handle cyberattacks alone,” the document noted, calling for deeper engagement with allied and like-minded nations to share intelligence, coordinate responses, and build collective resilience.  At a news conference on Tuesday, Hisashi Matsumoto, Japan’s minister in charge of cybersecurity, said Prime Minister Sanae Takaichi had instructed him to prioritize public-private collaboration, strengthen international partnerships, and ensure unified action across government agencies. “We must work together with the private sector and cooperate with other countries to address cyber threats,” Matsumoto said. “This is the core of our new strategy.”  Legislative Challenges and Ongoing Debate  Despite the adoption of the strategy, Japan’s broader cybersecurity agenda has faced political and legal challenges. Plans to introduce a comprehensive cybersecurity bill centered on active cyber defense have been delayed following political upheaval, including a change in prime minister and the ruling coalition’s loss of its parliamentary majority in the October general election.  The proposed bill has generated debate over privacy and constitutional protections, particularly Japan’s strong safeguards for the secrecy of communications. Legal experts and some officials have raised concerns that active monitoring could conflict with these protections. As a result, momentum behind the legislation has slowed, with officials indicating that the earliest possible submission may be during the next regular Diet session.

 Feed

The U.S. Federal Communications Commission (FCC) on Monday announced a ban on all drones and critical components made in a foreign country, citing national security concerns. To that end, the agency has added to its Covered List Uncrewed aircraft systems (UAS) and UAS critical components produced in a foreign country, and all communications and video surveillance equipment and services pursuant

 Feed

The U.S. Justice Department (DoJ) on Monday announced the seizure of a web domain and database that it said was used to further a criminal scheme designed to target and defraud Americans by means of bank account takeover fraud. The domain in question, web3adspanels[.]org, was used as a backend web panel to host and manipulate illegally harvested bank login credentials. Users to the website are

 Feed

A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary code execution under certain circumstances. The vulnerability, tracked as CVE-2025-68613, carries a CVSS score of 9.9 out of a maximum of 10.0. The package has about 57,000 weekly downloads, according to statistics on npm. "Under certain

 Feed

A law enforcement operation coordinated by INTERPOL has led to the recovery of $3 million and the arrest of 574 suspects by authorities from 19 countries, amidst a continued crackdown on cybercrime networks in Africa. The coordinated effort, named Operation Sentinel, took place between October 27 and November 27, 2025, and mainly focused on business email compromise (BEC), digital extortion, and

 Feed

Passwd is designed specifically for organizations operating within Google Workspace. Rather than competing as a general consumer password manager, its purpose is narrow, and business-focused: secure credential storage, controlled sharing, and seamless Workspace integration. The platform emphasizes practicality over feature overload, aiming to provide a reliable system for teams that already rely

 Feed

Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come with capabilities to intercept traffic and capture user credentials. The extensions are advertised as a "multi-location network speed test plug-in" for developers and foreign trade personnel. Both the browser add-ons are available for download as of

 AI

Is Santa Claus real? This Christmas special of The AI Fix podcast sets out to answer that question in the most sensible way possible: by consulting chatbots, Google's festive killjoys, and the laws of relativistic physics. Your hosts unwrap a festive grab-bag of AI absurdity as Waymo self-driving taxis run over a   show more ...

beloved San Francisco cat, then stage several fresh PR disasters by refusing to cross bridges, block holiday parades, and apparently chauffeur a man hiding in the trunk. Meanwhile, Microsoft’s Copilot struggles to find anyone who actually wants to use it, while new research suggests the programmers of the future won’t need coding skills at all - just the ability to psychologically profile an AI. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.

2025-12
Aggregator history
Tuesday, December 23
MON
TUE
WED
THU
FRI
SAT
SUN
DecemberJanuaryFebruary