Security Land | Decoding the Cyber Threat Landscape

Sign In Sign Up

Spanish Authorities Dismantle Major "Black Axe" Fraud Network — Photo: Europol

News

Spanish Authorities Dismantle Major "Black Axe" Fraud Network

An 15-year criminal investigation has led to 34 arrests in Spain. Linked to the global Black Axe organization, the group is accused of causing nearly €6 million in total damages through various fraudulent activities.

SC • 2 min read

The 24-Hour Recovery Myth: Why CISOs are Prioritizing Resilience — Illustration - Cyber Resilience (Credit: iuriimotov)

Business Shield

The 24-Hour Recovery Myth: Why CISOs are Prioritizing Resilience

New comprehensive research from Absolute Security exposes a "recovery reality gap." With 0% of organizations achieving sub-24-hour recovery, the industry is shifting focus from detecting threats to the speed of restoring business operations.

Editorial Team • 2 min read

WEF 2026: NCSC Warns of Increased Cyber Risks — Photo by Evangeline Shaw

News

WEF 2026: NCSC Warns of Increased Cyber Risks

With the World Economic Forum approaching, the NCSC is warning of a surge in cyber disruptions. From DDoS attacks to credential theft, here are the essential steps the Swiss government recommends for maintaining digital resilience.

SC • 2 min read

FreeBSD IPv6 Flaw Enables Remote Code Execution Attacks — Photo by Kevin Ache

Cyber Watch

FreeBSD IPv6 Flaw Enables Remote Code Execution Attacks

A critical vulnerability in FreeBSD's IPv6 auto-configuration feature (CVE-2025-14558) scores 9.8/10 and allows attackers on the same network to execute arbitrary commands with a single malicious packet.

SL • 5 min read

Latest

2025 Cyber Year in Review: AI Attacks, Data Breaches & Takedowns

News

2025 Cyber Year in Review: AI Attacks, Data Breaches & Takedowns

From React2Shell's perfect CVSS 10.0 score to the first autonomous AI cyberattack, 2025 pushed cybersecurity to its limits. This comprehensive analysis covers the top 10 breaches, critical vulnerabilities, why ransomware economics is slowly collapsing and big LEA operations against cybercriminals.

Editorial Team • 17 min read

The Critical Role of Human Expertise in Securing Machine-Generated Code — Photo by Daniil Komov

Expert Decode

The Critical Role of Human Expertise in Securing Machine-Generated Code

Automated code generation introduces critical security gaps. Learn why human expertise remains essential for identifying vulnerabilities in machine-written code.

Editorial Team • 6 min read

How ICSS Conference 2026 Reframes ICS Security Priorities — Photo: Andrei Stratu

News

How ICSS Conference 2026 Reframes ICS Security Priorities

Industrial incidents linked to ransomware and exploited network devices are no longer edge cases in Japan. They are forcing factory shutdowns, disrupting supply chains, and pulling executive teams into security decisions that once sat deep in engineering departments. Against this backdrop, the Control System Security Conference 2026 (ICSS 2026) arrives

SL • 4 min read

BSI Warns of Quantum Computing Threats to Encryption by 2040 — Photo: BoliviaInteligente

Emerging Tech

BSI Warns of Quantum Computing Threats to Encryption by 2040

Germany's BSI revises quantum computing study, estimating crypto-breaking devices by 2040 amid error correction progress. It warns of 'store now, decrypt later' threats and urges quantum-resistant encryption for data protection.

LC • 2 min read

Photo: Security.land (Edit: AI)

Cyber Watch

MongoBleed Alert: CVE-2025-14847 Exploited in the Wild

Dubbed "MongoBleed," CVE-2025-14847 allows unauthenticated attackers to exfiltrate sensitive data from MongoDB heap memory. With 87,000 instances exposed, active exploitation is now confirmed.

Editorial Team • 3 min read

Npm Registry Weaponized in Spearphishing Campaign Against Critical Infrastructure — Illustration (Credit: Security.land)

Threat Horizon

Npm Registry Weaponized in Spearphishing Campaign Against Critical Infrastructure

A five-month spearphishing operation has transformed the npm registry into a durable hosting layer for AiTM credential theft, specifically targeting sales teams in the manufacturing and healthcare industries.

Editorial Team • 3 min read

Swiss Government Assesses AI's Role in Bolstering and Threatening Cybersecurity — Photo: Engin Akyurt

News

Swiss Government Assesses AI's Role in Bolstering and Threatening Cybersecurity

Swiss Federal Council reviews AI's impact on cybersecurity, from phishing risks to threat detection benefits, updating NCS for transparency.

LC • 1 min read

Skills Lab

Level up your cybersecurity skills with practical, hands-on tutorials, cyber tools and expert-led guides. From beginner basics to advanced techniques, master the tools and tactics used by security professionals to defend against threats and build robust defenses.

Weaponizing Shodan: From Adversarial Recon to Continuous Defense — Photo: Glen Carrie

Weaponizing Shodan: From Adversarial Recon to Continuous Defense

Learn how to weaponize dorks for red teaming or automate perimeter defense.

Editorial Team • 3 min read

Kali Linux 2025.4: Refined Workflows and Practical Updates — Kali Linux - Release 2025.4 (Source: Kali)

Kali Linux 2025.4: Refined Workflows and Practical Updates

Kali Linux 2025.4 improves desktop usability, VM support, and tooling. Key changes include Wayland enhancements and distribution adjustments.

SL • 1 min read

Arkime Logo

Arkime: Practical Network Traffic Visibility at Scale

Arkime captures and indexes network traffic so teams can search, review, and understand activity across large environments.

Editorial Team • 3 min read

Digital Sovereignty: The Definitive Guide to Self-Hosting an Encrypted DNS Server — Photo: Growtika

Digital Sovereignty: The Definitive Guide to Self-Hosting an Encrypted DNS Server

The era of passive trust is over. Deploying your own encrypted DNS server using the DNSCrypt project is the essential first step toward securing your network metadata and achieving digital sovereignty.

Editorial Team • 6 min read

Latest

2025 Cyber Year in Review: AI Attacks, Data Breaches & Takedowns

News

2025 Cyber Year in Review: AI Attacks, Data Breaches & Takedowns

From React2Shell's perfect CVSS 10.0 score to the first autonomous AI cyberattack, 2025 pushed cybersecurity to its limits. This comprehensive analysis covers the top 10 breaches, critical vulnerabilities, why ransomware economics is slowly collapsing and big LEA operations against cybercriminals.

Editorial Team • 17 min read

The Critical Role of Human Expertise in Securing Machine-Generated Code — Photo by Daniil Komov

Expert Decode

The Critical Role of Human Expertise in Securing Machine-Generated Code

Automated code generation introduces critical security gaps. Learn why human expertise remains essential for identifying vulnerabilities in machine-written code.

Editorial Team • 6 min read

How ICSS Conference 2026 Reframes ICS Security Priorities — Photo: Andrei Stratu

News

How ICSS Conference 2026 Reframes ICS Security Priorities

Industrial incidents linked to ransomware and exploited network devices are no longer edge cases in Japan. They are forcing factory shutdowns, disrupting supply chains, and pulling executive teams into security decisions that once sat deep in engineering departments. Against this backdrop, the Control System Security Conference 2026 (ICSS 2026) arrives

SL • 4 min read

BSI Warns of Quantum Computing Threats to Encryption by 2040 — Photo: BoliviaInteligente

Emerging Tech

BSI Warns of Quantum Computing Threats to Encryption by 2040

Germany's BSI revises quantum computing study, estimating crypto-breaking devices by 2040 amid error correction progress. It warns of 'store now, decrypt later' threats and urges quantum-resistant encryption for data protection.

LC • 2 min read

Photo: Security.land (Edit: AI)

Cyber Watch

MongoBleed Alert: CVE-2025-14847 Exploited in the Wild

Dubbed "MongoBleed," CVE-2025-14847 allows unauthenticated attackers to exfiltrate sensitive data from MongoDB heap memory. With 87,000 instances exposed, active exploitation is now confirmed.

Editorial Team • 3 min read

Npm Registry Weaponized in Spearphishing Campaign Against Critical Infrastructure — Illustration (Credit: Security.land)

Threat Horizon

Npm Registry Weaponized in Spearphishing Campaign Against Critical Infrastructure

A five-month spearphishing operation has transformed the npm registry into a durable hosting layer for AiTM credential theft, specifically targeting sales teams in the manufacturing and healthcare industries.

Editorial Team • 3 min read

Swiss Government Assesses AI's Role in Bolstering and Threatening Cybersecurity — Photo: Engin Akyurt

News

Swiss Government Assesses AI's Role in Bolstering and Threatening Cybersecurity

Swiss Federal Council reviews AI's impact on cybersecurity, from phishing risks to threat detection benefits, updating NCS for transparency.

LC • 1 min read

Breach Breakdown

Dive deep into the anatomy of cyberattacks and data breaches. We analyze the what, why, and how of real-world incidents, providing actionable lessons and insights to prevent future compromises.

Japanese Chemical Trader Hit by Ransomware Attack — Kowa Emori Japan (Credit: Emori)

Japanese Chemical Trader Hit by Ransomware Attack

Kowa Emori, a Japanese chemical and electronics materials trading company, disclosed a ransomware attack on January 7, 2026, that knocked out email systems and caused delays in order processing and shipments to customers.

SC • 2 min read

Nissan Japan Data Breach Affects 21,000 Fukuoka Customers — Photo by Kenjiro Yagi

Nissan Japan Data Breach Affects 21,000 Fukuoka Customers

Nissan Motor Co. confirms a data breach affecting 21,000 customers in Japan following a security incident at third-party vendor Red Hat. No financial data was stolen.

Editorial Team • 4 min read

Inside Medusa Ransomware: Tactics, Targets, and Trends in Recent Operations — Medusa Ransomware Group

Inside Medusa Ransomware: Tactics, Targets, and Trends in Recent Operations

In‑depth analysis of recent Medusa ransomware group operations, victim data and extortion schemes.

SL • 5 min read

Ransomware Attack Hits Diamond Electric’s Thai Subsidiary

Ransomware Attack Hits Diamond Electric’s Thai Subsidiary

Diamond Electric Holdings has confirmed that its Thai subsidiary, Thai Diamond & Zebra Electric, suffered a ransomware attack earlier this month. The company is now investigating the scope of the damage, including whether any sensitive information was leaked. Attack Details On September 8, 2025, at around 11 a.m., local

Editorial Team • 1 min read

Okuma’s German Subsidiary Hit by Ransomware Attack — Okuma Japan (Photo: Wikipedia)

Okuma’s German Subsidiary Hit by Ransomware Attack

Japanese machine tool manufacturer Okuma has confirmed that its German subsidiary, Okuma Europe GmbH (OEG), was hit by a ransomware attack. The company is working with external experts to investigate the incident and restore affected systems. On September 20, 2025, OEG discovered that intruders had compromised its servers, encrypting internal

Editorial Team • 1 min read

SonicWall Cloud Backup Attack Exposes Firewall Data

Network security giant SonicWall has disclosed a significant cyberattack targeting its cloud backup service, potentially exposing sensitive firewall configuration data belonging to customers worldwide. The SonicWall backup attack represents a concerning breach of trust in a service designed to protect critical network infrastructure. The company has issued urgent advisories to

Editorial Team • 4 min read

Nikke Confirms Dark Web Data Leak: Official Response Reveals Thousands Affected in Japanese Textile Breach

Japan’s textile industry faced a cybersecurity incident when Nikke (Japan Wool Textile Co., Ltd.) confirmed that cybercriminals had breached their systems and leaked sensitive employee and customer data onto the dark web. This attack represents another significant blow to Japanese corporate cybersecurity, highlighting the persistent vulnerabilities that continue to

Editorial Team • 6 min read

UNC6395 Stealth Attack: How the Salesloft Drift Breach Shook Salesforce Users

In the spring and summer of 2025, a cunning cyber adversary, tracked as UNC6395, slipped through the digital defenses of Salesloft’s Drift platform, sending shockwaves through organizations relying on Salesforce and other integrations. This wasn’t just a breach—it was a wake-up call for companies navigating the complexities

Editorial Team • 4 min read

Orange Belgium Data Breach: 850K Customers Exposed in Growing Telecom Cyberattack Wave

Telecommunications giants face an unprecedented wave of cyberattacks as Orange Belgium becomes the latest victim, with hackers accessing personal data from nearly one million customer accounts across multiple European operations. Orange Belgium has confirmed a significant data breach affecting 850,000 customers after detecting unauthorized access to one of its

Editorial Team • 3 min read

Massive NPM Supply Chain Attack Compromises JavaScript Ecosystem

Massive NPM Supply Chain Attack Compromises JavaScript Ecosystem

A sophisticated phishing operation has successfully infiltrated the NPM repository, compromising multiple high-profile JavaScript packages and exposing millions of development projects worldwide to malicious code execution. The attack, orchestrated through credential theft and strategic package manipulation, represents one of the most significant supply chain breaches in the Node.js ecosystem’

Editorial Team • 3 min read

Explore Categories

Emerging Tech category image

Emerging Tech

Expert Decode category image

Expert Decode

Threat Horizon category image

Threat Horizon

Human Factor category image

Human Factor

Navigating the Complexities

Dive deeper into intelligence,geopolitics, human factors and tomorrow's threats.

Swiss Government Assesses AI's Role in Bolstering and Threatening Cybersecurity — Photo: Engin Akyurt

News

Swiss Government Assesses AI's Role in Bolstering and Threatening Cybersecurity

Swiss Federal Council reviews AI's impact on cybersecurity, from phishing risks to threat detection benefits, updating NCS for transparency.

LC • 1 min read

Crypto Theft Campaign Exploits NuGet Packages for Months — Photo: Vadim Artyukhin

Cyber Watch

Crypto Theft Campaign Exploits NuGet Packages for Months

Security researchers uncovered 14 malicious NuGet packages that impersonated legitimate cryptocurrency tools to steal funds and OAuth tokens. The campaign ran undetected from July through October 2025, using social engineering tactics.

Editorial Team • 4 min read

WhatsApp-Stealing Malware Lurked in NPM Package With 56,000 Downloads — Photo by Pankaj Patel

Cyber Watch

WhatsApp-Stealing Malware Lurked in NPM Package With 56,000 Downloads

Researchers at Koi Security have uncovered a malicious npm package that stole WhatsApp credentials and messages while functioning perfectly as a legitimate API library. The lotusbail package accumulated over 56,000 downloads in six months.

Editorial Team • 3 min read