What's Hot
At the end of the year, digital activity increases sharply across the world. People shop online, send holiday messages, reset passwords, update systems, and close business accounts. This high level of online movement creates patterns that cybercriminals often try to exploit. Understanding how attacks happen and how systems protect themselves helps individuals and organizations reduce risk. This article explains the most common year-end cyber attack patterns and the protection mechanisms used to stop them. 1. Why Year-End Periods Attract Cyber Attacks The final weeks of the year involve: This creates noise and urgency, which attackers rely on. Attackers do not…
New York State has enacted a new cybersecurity-focused procurement law that restricts the technology products state and local government agencies are allowed to purchase. The law requires the State Chief Information Officer to create and maintain a list of technology products and vendors that government agencies are prohibited from buying due to cybersecurity and national security risks. The restrictions primarily apply to technology supplied by companies that may be subject to foreign government control or data-sharing obligations, which lawmakers said could pose risks to sensitive government information. Under the law, state and municipal agencies must avoid purchasing any product placed…
A data breach affecting a subcontractor linked to South Korean airline Korean Air has been disclosed, involving unauthorized access to internal employee records. According to company statements and regulatory disclosures, the incident occurred after attackers exploited vulnerabilities in systems operated by KC&D Service, a former in-flight catering subsidiary now owned by a private equity firm. Preliminary investigations indicate that approximately 30,000 employee records were accessed, including names, bank account details, and internal employment identifiers. Korean Air said that no customer data was affected and the exposure was limited to internal employee information. The airline confirmed that cybersecurity specialists and forensic…
A data security incident involving South Korean e-commerce company Coupang was disclosed on December 29, 2025, after a former employee admitted to accessing internal customer records without authorization. According to the company’s statement and ongoing legal filings, the individual accessed internal systems after leaving the organization and viewed or copied data linked to approximately 33 million customer accounts. Authorities confirmed that the access was not part of any approved internal activity and is being treated as a criminal violation under South Korean data protection laws. Coupang stated that the unauthorized access was limited to customer profile information and did not…
A major cybersecurity incident disrupted a globally popular online gaming platform on December 28, 2025, causing widespread service outages and unauthorized changes to internal systems. According to incident disclosures and user reports, attackers gained unauthorized access to backend infrastructure by exploiting a vulnerability in the platform’s server environment. This access allowed them to manipulate internal digital assets, temporarily disable moderation controls, and interfere with account management systems. As a result, the platform experienced instability across multiple regions, with users reporting sudden account changes, abnormal digital balances, and service interruptions. The company temporarily suspended its services to contain the incident and…