Astronomers have finally weighed a wandering “rogue” planet, uncovering a Saturn-mass world flung into the galaxy after a dramatic planetary breakup.
Get the latest international news and world events from around the world.
Astronomers Measure The Mass of a Planet With No Star For The First Time
Not all planets are lucky enough to live in a neighborhood like our Solar System – some are doomed to roam the cosmos alone. Astronomers have now, for the first time, measured the mass of, and distance to, one of these lonely worlds.
The planet packs about a fifth of the mass of Jupiter, and is located a little under 10,000 light-years away from Earth, towards the center of our galaxy. That size suggests it most likely formed as part of a planetary system, before being exiled by a game of gravitational billiards.
Related: Record-Smashing Rogue Planet Caught Growing at 6 Billion Tons Per Second.
NASA Confirms It Has Lost Contact With Mars Orbiter MAVEN
NASA has officially lost contact with a spacecraft that has been orbiting Mars since 2014.
The MAVEN spacecraft – Mars Atmosphere and Volatile Evolution – abruptly lost contact with Earth on 6 December 2025 while passing behind the red planet in the normal course of its orbit. When MAVEN re-emerged from behind Mars, however, NASA ground control was unable to reestablish a connection.
On December 9, the space agency announced it is investigating the issue and attempting to locate a signal.
Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia
The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants them persistent control over compromised hosts.
“The campaign employs deceptive delivery techniques, including a weaponized Windows shortcut (LNK) file masquerading as a legitimate PDF document and embedded with full PDF content to evade user suspicion,” CYFIRMA said in a technical report.
Transparent Tribe, also called APT36, is a hacking group that’s known for mounting cyber espionage campaigns against Indian organizations. Assessed to be of Indian origin, the state-sponsored adversary has been active since at least 2013.
The ROI Problem in Attack Surface Management
Attack Surface Management (ASM) tools promise reduced risk. What they usually deliver is more information.
Security teams deploy ASM, asset inventories grow, alerts start flowing, and dashboards fill up. There is visible activity and measurable output. But when leadership asks a simple question, “Is this reducing incidents?” the answer is often unclear.
This gap between effort and outcome is the core ROI problem in attack surface management, especially when ROI is measured primarily through asset counts instead of risk reduction.
Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign
In response to the findings, Google has blocked the phishing efforts that abuse the email notification feature within Google Cloud Application Integration, adding that it’s taking more steps to prevent further misuse.
Check Point’s analysis has revealed that the campaign has primarily targeted manufacturing, technology, financial, professional services, and retail sectors, although other industry verticals, including media, education, healthcare, energy, government, travel, and transportation, have been singled out.
“These sectors commonly rely on automated notifications, shared documents, and permission-based workflows, making Google-branded alerts especially convincing,” it added. “This campaign highlights how attackers can misuse legitimate cloud automation and workflow features to distribute phishing at scale without traditional spoofing.”
The biggest cybersecurity and cyberattack stories of 2025
2025 was a big year for cybersecurity, with major cyberattacks, data breaches, threat groups reaching new notoriety levels, and, of course, zero-day vulnerabilities exploited in incidents.
Some stories, though, were more impactful or popular with our readers than others.
Below are fifteen of what BleepingComputer believes are the most impactful cybersecurity topics of 2025, with a summary of each. These stories are in no particular order.
New GlassWorm malware wave targets Macs with trojanized crypto wallets
A fourth wave of the “GlassWorm” campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver trojanized versions of crypto wallet applications.
Extensions in the OpenVSX registry and the Microsoft Visual Studio Marketplace expand the capabilities of a VS Code-compatible editor by adding features and productivity enhancements in the form of development tools, language support, or themes.
The Microsoft marketplace is the official extension store for Visual Studio Code, whereas OpenVSX serves as an open, vendor-neutral alternative, primarily used by editors that do not support or choose not to rely on Microsoft’s proprietary marketplace.
Covenant Health says May data breach impacted nearly 478,000 patients
The Covenant Health organization has revised to nearly 500,000 the number of individuals affected by a data breach discovered last May.
The healthcare entity initially reported in July that the data of 7,864 people had been exposed, but further analysis has revealed a larger impact.
After completing “the bulk of its data analysis,” Covenant Health now says that 478,188 individuals were affected.