Blog – Page 266 – Cyber Mike

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage.
Sometimes a single update, exploit, or mistake changes how we think about risk and protection. Every incident shows how defenders adapt — and how fast attackers try to stay ahead.
This week’s recap brings you the

Over 1,400 MongoDB Databases Ransacked by Threat Actor

Of 3,100 unprotected MongoDB instances, half remain compromised, most of them by a single threat actor.

The post Over 1,400 MongoDB Databases Ransacked by Threat Actor appeared first on SecurityWeek.

Securing the Mid-Market Across the Complete Threat Lifecycle

For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that blocks threats, they play a critical role in stopping cyberattacks before damage is done.
The challenge is that many security tools add complexity and cost that most mid-market businesses

Microsoft fixes bug causing password sign-in option to disappear

Microsoft has fixed a known issue that was causing the password sign-in option to disappear from the lock screen options after installing Windows 11 updates released since August 2025. […]

Microsoft Moves Closer to Disabling NTLM

The next major Windows Server and Windows releases will have the deprecated authentication protocol disabled by default.

The post Microsoft Moves Closer to Disabling NTLM appeared first on SecurityWeek.

Japan, Britain to Boost Cybersecurity and Critical Minerals Cooperation as China’s Influence Grows

Japan and Britain agree to accelerate cooperation on cybersecurity and the supply of critical minerals, as China’s influence grows in the region.

The post Japan, Britain to Boost Cybersecurity and Critical Minerals Cooperation as China’s Influence Grows appeared first on SecurityWeek.

NationStates confirms data breach, shuts down game site

NationStates, a multiplayer browser-based game, has confirmed a data breach after taking its website offline earlier this week to investigate a security incident. […]

Notepad++ Supply Chain Hack Conducted by China via Hosting Provider

The likely state-sponsored threat actor had access to the hosting provider for months and targeted only certain Notepad++ customers.

The post Notepad++ Supply Chain Hack Conducted by China via Hosting Provider appeared first on SecurityWeek.

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect update traffic to malicious servers instead.
“The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org,” developer Don Ho said. “The compromise occurred at the hosting

eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer systems.
“Malicious updates were distributed through eScan’s legitimate update infrastructure, resulting in the deployment of multi-stage malware to enterprise

Cyber News