Zscaler's 2025 AI Security Report found that enterprise use of artificial intelligence and machine learning has grown more than 30-fold over the past year, leading to increased cybersecurity risks, SiliconAngle reports.

Reuters reports that Europol has raised concerns about the increasing use of artificial intelligence in organized crime, warning that the technology is enabling criminals to scale operations globally, evade detection, and automate illicit activities.

A new report by the University of Torontos Citizen Lab has identified suspected government customers of Paragon Solutions spyware in six additional countries: Australia, Canada, Cyprus, Denmark, Israel, and Singapore, according toCyberScoop.

An analysis of over 200,000 leaked internal messages from the Black Basta ransomware group covering September 2023 to September 2024 has revealed potential links to Russian authorities and detailed insights into the groups cyber operations, The Hacker News reports.

Cybersecurity firm ESET has uncovered a cyberespionage campaign, Operation FishMedley, which was conducted in 2022 by the operational arm of Chinese cybersecurity firm I-Soon and targeted seven organizations across Taiwan, Hungary, Turkey, Thailand, the US, and France, reports SecurityWeek.

ACROS Security has released unofficial patches for a novel Windows SCF File NTLM hash disclosure zero-day flaw.

State and local governments have been urged by the New America's Open Technology Institute to implement data encryption, hashing, de-identification, and other privacy enhancing technologies to avert potential breaches amid growing concerns regarding the Department of Government Efficiency's increasingly pervasive access to federal agencies' sensitive information, reports CyberScoop.

Major Australian trade tool retailer Sydney Tools had more than 34 million online order records and over 5,000 employees' records leaked by an unprotected ClickHouse database, according to Cybernews.

The Register reports that data breach notification service Have I Been Pwned had nearly 16,000 records belonging to current and former Mailchimp mailing list subscribers stolen following a successful phishing attack against HIBP Administrator Troy Hunt.

Major U.S. wheelchair and mobility equipment provider Numotion had data from over 494,000 individuals, or its entire customer base, compromised after the breach of certain email accounts from September to November, according to SecurityWeek.