Latest News New MacSync macOS Stealer Variant Uses Signed App to Bypass Apple Gatekeeper and Steal Data December 29, 2025 Eagl3Sec A sophisticated new variant of the MacSync macOS information stealer has been uncovered that bypasses Apple’s built-in security protections by exploiting legitimate code-signing and notarization processes. According to researchers at…
Latest News Critical MongoDB Vulnerability “MongoBleed” Exposes Unauthenticated Memory Leak — Patch Immediately December 28, 2025 Eagl3Sec A newly disclosed, high-severity security flaw in MongoDB, the widely used NoSQL database, has sent shockwaves through the cybersecurity and developer communities. The vulnerability, tracked as CVE-2025-14847 and dubbed “MongoBleed”,…
Latest News The Breach You Didn’t Expect: Why Your AppSec Stack Could Be Your Biggest Security Blind Spot in 2026 December 27, 2025 Eagl3Sec As organizations brace for an ever-expanding threat landscape, a new warning from software security leader JFrog highlights a counterintuitive yet critical danger: the very security tools designed to protect your…
Latest News Trust Wallet Chrome Extension Hack Drains $7 Million in Crypto — What You Need to Know December 26, 2025 Eagl3Sec In a shocking incident that rocked the cryptocurrency community just days after Christmas 2025, a security breach involving the Trust Wallet Chrome extension has resulted in nearly $7 million worth…
Latest News China-Linked “Evasive Panda” APT Used DNS Poisoning to Deliver MgBot Malware in Espionage Campaign December 25, 2025 Eagl3Sec In one of the most technically sophisticated cyber espionage campaigns uncovered in 2025, researchers have attributed a long-running malware distribution effort to a China-linked advanced persistent threat (APT) group dubbed…
Latest News Critical LangChain Core Vulnerability “LangGrinch” Exposes AI Apps to Secret Theft and Prompt Injection December 24, 2025 Eagl3Sec A critical security vulnerability has been disclosed in LangChain Core, the foundational Python package used in building large language model (LLM)‑powered applications, raising alarm across the AI and software development…
Latest News ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws, Docker Exploits and the Evolving Cyber Threat Landscape December 23, 2025 Eagl3Sec In this week’s edition of the ThreatsDay Bulletin, cybersecurity researchers warn of a rapidly shifting threat landscape where traditional attack vectors are fused with advanced stealth techniques, artificial intelligence (AI)…
Latest News LastPass 2022 Data Breach Fuels Years-Long Crypto Theft Campaign, Blockchain Forensics Reveals December 22, 2025 Eagl3Sec New findings from blockchain intelligence firm TRM Labs confirm that the far-reaching consequences of the 2022 LastPass data breach have continued to unfold years later — with threat actors cracking…
Latest News Fortinet Warns of Active Exploitation of Critical Vulnerabilities in FortiOS and Fortinet Products December 21, 2025 Eagl3Sec Fortinet, a leading vendor of network security appliances and firewalls, has issued an urgent warning that threat actors are actively exploiting serious vulnerabilities in multiple Fortinet products — including FortiOS…
Latest News CISA Flags Actively Exploited Digiever NVR Vulnerability Enabling Remote Code Execution — What You Need to Know December 20, 2025 Eagl3Sec The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw affecting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) Catalog, based…
