DJBSEC's CyberNews 2025-12-30

1. Hacker Claims Leak of Wired Database with 23 Million Records

A hacker has claimed responsibility for leaking a database allegedly belonging to Wired, containing roughly 23 million records. The data is said to include subscriber information, email addresses, and internal metadata tied to Condé Nast systems. While the authenticity of the full dataset is still under investigation, samples shared online suggest the breach may be legitimate. If confirmed, this incident would represent one of the largest media-related data exposures of the year. Condé Nast has stated it is investigating the claims.


2. Condé Nast Investigates Alleged Wired.com Data Breach

Further reporting indicates the alleged Wired data leak may stem from a broader breach at Condé Nast. Security researchers analyzing the leaked samples found records consistent with subscriber and marketing databases rather than editorial systems. The incident highlights ongoing risks facing media companies that store large volumes of consumer data. Condé Nast has not yet confirmed the scope but says containment and forensic reviews are underway. Customers are being urged to monitor accounts for suspicious activity.


3. Microsoft Teams Admins Can Block External Users via Defender Portal

Microsoft announced a new capability allowing administrators to block external users in Microsoft Teams directly from the Defender portal. The feature gives security teams centralized visibility and control over cross-tenant collaboration risks. Admins can now detect suspicious external activity and take immediate action without switching tools. This change is aimed at reducing data leakage and social engineering risks through Teams. The rollout is expected to benefit organizations with strict collaboration policies.


4. Microsoft Introduces Hardware-Accelerated BitLocker Enhancements

Microsoft has announced improvements to BitLocker that leverage hardware acceleration for stronger and faster disk encryption. The updates improve performance while increasing resistance to offline attacks and credential theft. These enhancements are particularly beneficial for modern devices with supported CPUs and TPMs. Microsoft says the changes will roll out gradually through Windows updates. Enterprises are encouraged to review BitLocker policies to take advantage of the new protections.


5. Google Will Allow Users to Change Gmail Addresses

Google revealed plans to finally allow users to change their @gmail.com addresses without creating new accounts. The long-requested feature aims to reduce account sprawl and improve security hygiene by limiting abandoned inboxes. While the change is primarily user-focused, it has security implications for account recovery and identity management. Google says safeguards will be in place to prevent impersonation or abuse. The feature is expected to roll out in phases.


6. Five-Year-Old Fortinet SSL VPN Flaw Actively Exploited

Researchers warn that a Fortinet FortiOS SSL VPN vulnerability first disclosed five years ago is now being actively exploited. Attackers are targeting unpatched systems to gain unauthorized network access. The resurgence highlights how legacy vulnerabilities remain dangerous long after disclosure. Security teams are urged to audit VPN infrastructure and ensure all historical patches are applied. The activity is linked to both criminal and state-aligned actors.


7. Aflac Confirms Data Breach Affecting Over 22 Million Customers

Insurance giant Aflac confirmed a data breach that occurred in June, impacting more than 22 million customers. Exposed data includes names, Social Security numbers, and health-related information. The breach went undisclosed for months while investigations were ongoing. Aflac is now notifying affected individuals and offering credit monitoring services. The incident underscores the sensitivity and high value of insurance data to attackers.


8. Spotify Cracks Down on Unlawful Scraping of 86 Million Songs

Spotify has launched a major crackdown against unlawful scraping of its platform, targeting the automated extraction of data from more than 86 million songs. The company says scraping threatens artist rights, user privacy, and platform integrity. New technical controls and legal actions are being deployed to deter abuse. Spotify is also warning developers to comply with API terms or risk bans. The move reflects broader industry efforts to protect data from mass harvesting.


9. Developers Embrace AI Agents, but Security Risks Loom

As developers increasingly adopt AI agents to automate coding and workflows, security experts warn of emerging risks. Poorly controlled agents can introduce vulnerabilities, leak credentials, or execute unsafe actions autonomously. Researchers caution that many organizations lack governance frameworks for AI-driven development. Without proper guardrails, AI agents may expand attack surfaces significantly. Security teams are urged to treat AI agents as privileged systems.


10. China-Linked Evasive Panda Uses DNS for Stealthy Attacks

The China-linked threat group known as Evasive Panda has been observed abusing DNS infrastructure for command-and-control operations. By blending malicious traffic with normal DNS queries, the group evades traditional detection tools. Researchers say this technique enables long-term persistence in targeted environments. The campaign primarily targets government and strategic organizations. Defenders are advised to inspect DNS traffic more closely for anomalies.


11. Pro-Russian Hacktivist Group Claims Attack on La Poste

The pro-Russian hacktivist group NoName057 has claimed responsibility for a cyberattack against France’s La Poste services. The attack reportedly caused temporary service disruptions through distributed denial-of-service techniques. Analysts say such operations are often politically motivated rather than financially driven. This incident reflects the continued use of cyberattacks as a tool of geopolitical signaling. Authorities are assessing the impact and strengthening defenses.
