Cryptographic keys from the PlayStation 5’s unchangeable boot ROM have reportedly been discovered. This is a foundational leak for security researchers, but a full console jailbreak remains a distant challenge requiring many more vulnerabilities.
The cyber threats facing our power grids, water systems, and transportation networks are escalating dramatically. New reports show near-universal breaches and a dangerous convergence of old technology and new, cloud-based attacks.
The European Space Agency has confirmed a security incident impacting external servers used for collaboration. Meanwhile, cybercriminals are offering a claimed 200 GB of stolen data, including source code and credentials, for sale on BreachForums.
A new report warns that federal cybersecurity progress is stalling. Staffing cuts at CISA and other agencies are creating major vulnerabilities that could take years to fix.
A severe vulnerability in MongoDB Server, compared to Heartbleed, is now being actively exploited. The flaw, CVE-2025-14847, lets attackers read heap memory to steal passwords and keys. Patches are available, and CISA has added it to its must-fix list.
An attack on Rainbow Six Siege granted players roughly 2 billion credits each, worth an estimated $13.3 million. Ubisoft was forced to take servers offline and is now investigating without banning users.
2025 was a year of relentless cyber threats. A Chinese APT group hit telecoms and the National Guard, while budget cuts crippled a key US security agency. And a vulnerability called React2Shell showed that the ghosts of Log4Shell are still with us.
A major hack hit Rainbow Six Siege over the weekend, corrupting accounts with fake credits and items. Ubisoft has shut down all servers and is rolling back all transactions to Saturday morning to fix the mess.
Microsoft has rolled out hardware-accelerated BitLocker in Windows 11 25H2, moving encryption off the CPU. The result is a massive reduction in performance penalty, especially for random I/O workloads that dominate daily use.
The Arch Linux main website is currently offline for most users following a DDoS attack that began on Christmas Day. The site is reportedly only reachable via IPv6 connections, while the Arch Wiki and status page remain functional.
