Cyber Security Headlines 'DroidLock' demands ransom, Google fixes secret Chrome 0-day, UK fines LastPass over 2022 breach
8 snips
Dec 12, 2025 Explore the alarming tactics of DroidLock malware, which targets Spanish users and demands ransoms while bricking devices. Google rolls out an emergency patch for a zero-day exploit affecting Chrome on major platforms. The UK imposes a hefty fine on LastPass for a breach that compromised user vaults due to stolen credentials. Additionally, learn about doxing attempts impersonating police to gather data from tech companies, and the rise of Docker Hub leaks exposing cloud credentials. Cybersecurity threats are evolving rapidly!
AI Snips
Chapters
Transcript
Episode notes
Lockscreen Control Is As Devastating As Ransomware
- DroidLock doesn't encrypt files but still bricks devices by changing pins and blocking interaction.
- That makes lockscreen control plus wipe and screen recording an effective extortion tactic.
Apply Chrome Emergency Patch Now
- Update Chrome immediately on Windows, macOS, and Linux because the zero-day is being exploited.
- Apply the emergency patch even though Google hasn't yet published CVE details.
Employee Device Compromise Undermines Vault Security
- LastPass's ICO fine highlights how employee device compromise can cascade to customer data exposure.
- Even encrypted vaults are vulnerable when master passwords are weak or attackers get cloud backup keys.