Security news.
Today's security brief highlights a critical Adobe Reader zero-day under active exploitation since December, alongside significant data breaches impacting Eurail and crypto ATM giant Bitcoin Depot. Additionally, a widespread vulnerability in the EngageLab SDK exposed data for millions of Android users, including crypto wallets.
Adobe Reader Zero-Day Actively Exploited Since December 2025
A sophisticated zero-day vulnerability in Adobe Reader has been actively exploited via malicious PDF documents since at least December 2025.
Eurail Data Breach Impacts 300,000 Individuals
European travel operator Eurail B.V. announced a December 2025 data breach that exposed personal information, including names and passport numbers, for over 300,000 individuals.
Bitcoin Depot Suffers $3.6 Million Crypto Theft
Hackers breached Bitcoin Depot's systems, stealing $3.665 million worth of Bitcoin from the crypto ATM giant's wallets last month.
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
A patched vulnerability in the EngageLab Android SDK allowed apps to bypass the Android security sandbox, exposing private data for 50 million users, including 30 million crypto wallets.
Healthcare IT Provider ChipSoft Hit by Ransomware
Dutch healthcare software vendor ChipSoft experienced a ransomware attack, forcing its website and digital services offline.
Smart Slider Updates Hijacked to Push Malicious WordPress, Joomla Versions
Hackers compromised the update system for the Smart Slider 3 Pro plugin, distributing malicious versions with multiple backdoors for WordPress and Joomla.
Google Chrome Adds Infostealer Protection Against Session Cookie Theft
Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows to prevent info-stealing malware from harvesting session cookies.
Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities
Both Palo Alto Networks and SonicWall have released patches for high-severity vulnerabilities that could allow attackers to modify protected resources and escalate privileges.