🚨 CISA KEV 1
5 Dec KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-55182 Meta React Server Components Remote Code Execution Vulnerability This type of vulnerability is a frequent attack vector for malicio…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 36
5 DecShady Panda Hides For Years In Legitimate Browser Extensions: Cybersecurity TodayIn this episode of 'Cybersecurity Today,' host Jim Love discusses several significant cybersecurity issues. Highlights include a maximum severity vulnerability in React Server Components dubbed React2Shell (CVE-2025-55182), a recently patched Windows shortcut flaw by Microsoft, a…CYBERSECURITYTODAY.LIBSYN.COM
5 DecChinese Hackers Exploiting React2Shell VulnerabilityAWS has seen multiple China-linked threat groups attempting to exploit the React vulnerability CVE-2025-55182.SECURITYWEEK.COM
5 DecCVE-2025-39833 mISDN: hfcpci: Fix warning when deleting uninitialized timerInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-55552 pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.Information published.MSRC.MICROSOFT.COM
5 DecCVE-2023-53218 rxrpc: Make it so that a waiting process can be abortedInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2023-53221 bpf: Fix memleak due to fentry attach failureInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2023-53247 btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expandInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-38709 loop: Avoid updating block size under exclusive ownerInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2022-50316 orangefs: Fix kmemleak in orangefs_sysfs_init()Information published.MSRC.MICROSOFT.COM
5 DecCVE-2023-53248 drm/amdgpu: install stub fence into potential unused fence pointersInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2023-53254 cacheinfo: Fix shared_cpu_map to handle shared caches at different levelsInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-11731 Libxslt: type confusion in exsltfuncresultcompfunction of libxsltInformation published.MSRC.MICROSOFT.COM
5 Dec KEVReact2Shell critical flaw actively exploited in China-linked attacksMultiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and Next.js just hours after the max-severity issue was disclosed. [...]BLEEPINGCOMPUTER.COM
5 DecCloudflare firewall reacts badly to React exploit mitigationCloudflare’s network suffered a brief but widespread outage Friday, after an update to its Web Application Firewall to mitigate a vulnerability in React Server Components went wrong. At 9:09 a.m. UTC, the company reported that it was investigating issues with the Cloudflare Dashb…CSOONLINE.COM
5 DecCacti Command Injection Flaw Allows Remote Execution of Malicious CodeA newly disclosed security flaw in the open-source monitoring platform Cacti could allow attackers to execute arbitrary commands on vulnerable servers. The issue, rated High severity and tracked as CVE-2025-66399, affects Cacti versions up to and including 1.2…GBHACKERS.COM
5 DecChina-Nexus Hackers Exploiting React2Shell Vulnerability in Active AttacksWithin hours of the public disclosure of CVE-2025-55182 on December 3, 2025, Amazon threat intelligence teams detected active exploitation attempts from multiple China-nexus threat groups, including Earth Lamia and Jackpot Panda. This critical vulnerability in React Server Compon…GBHACKERS.COM
5 DecChinese Hackers Have Started Exploiting the Newly Disclosed React2Shell VulnerabilityTwo hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) within hours of it becoming public knowledge. The vulnerability in question is CVE-2025-55182 (CVSS score: 10.0), aka React2Shell, which allows …THEHACKERNEWS.COM
5 DecAvast Antivirus Sandbox Vulnerabilities Allow Privilege EscalationSAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on Windows. These flaws originate from double-fetch issues in IOCTL handling, allow local attackers to trig…GBHACKERS.COM
5 DecApache Tika Core Flaw Allows Attackers to Exploit Systems with Malicious PDF UploadsA newly disclosed critical vulnerability in Apache Tika could allow attackers to compromise servers by simply uploading a malicious PDF file, according to a security advisory published by Apache maintainers. Tracked as CVE-2025-66516, the flaw affects Apache Tika core,…GBHACKERS.COM
5 DecCritical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent PatchA critical security flaw has been disclosed in Apache Tika that could result in an XML external entity (XXE) injection attack. The vulnerability, tracked as CVE-2025-66516, is rated 10.0 on the CVSS scoring scale, indicating maximum severity. "Critical XXE in Apache Tika tika-cor…THEHACKERNEWS.COM
5 DecCVE-2025-12819 Untrusted search path in auth_query connection in PgBouncerInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-13836 Excessive read buffering DoS in http.clientInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-66476 Vim for Windows Uncontrolled Search Path Element Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-40218 mm/damon/vaddr: do not repeat pte_offset_map_lock() until successInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509Information published.MSRC.MICROSOFT.COM
5 DecCVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_compositeInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-40220 fuse: fix livelock in synchronous file put from fuseblk workersInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-40219 PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOVInformation published.MSRC.MICROSOFT.COM
5 DecCVE-2025-34297 KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_allocInformation published.MSRC.MICROSOFT.COM
5 DecWarning: React2Shell vulnerability already being exploited by threat actorsPlugging the React2Shell vulnerability in the open source React server and Next.js in IT environments has just become even more urgent with reports that exploits are already in the wild. Researchers at Greynoise said today they are seeing “opportunistic, largely automated exploit…CSOONLINE.COM
5 DecCritical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to KnowCVE-2025-55182 is a critical (CVSS 10.0) pre-authentication remote code execution vulnerability affecting React Server Components used in React.js, Next.js, and related frameworks (see the context section for a more exhaustive list of affected frameworks).TRENDMICRO.COM
⚠️ VULNERABILITY DISCLOSURE 27
5 DecCoupang breach of 33.7 million accounts allegedly involved engineer insiderA prolonged lack of management of valid authentication keys for signed access tokens issued to authenticators is believed to be the root cause of over 30 million accounts being exposed externally by ecommerce giant Coupang. Ongoing analysis suggests that these keys could have bee…CSOONLINE.COM
5 DecThe CISO paradox: enabling innovation and managing riskCISOs should work closely with other teams. One of the main tasks of CISOs is to stop being the "department of no". They have to find ways for the rapid delivery of products and services for the company…CSOONLINE.COM
5 DecNew SVG Technique Enables Highly Interactive Clickjacking AttacksA security researcher has unveiled a novel web exploitation technique dubbed “SVG clickjacking,” which significantly elevates the sophistication of traditional user-interface redress attacks. Unlike standard clickjacking, which typically involves tricking users into c…GBHACKERS.COM
5 Dec KEVJPCERT Confirms Active Command Injection Attacks on Array AG GatewaysA command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The vulnerability, which does not have a CVE identifier, was addressed by the company on May…THEHACKERNEWS.COM
5 DecSpyCloud Data Shows Corporate Users 3x More Likely to Be Targeted by Phishing Than by MalwarePhishing has surged 400% year-over-year, highlighting need for real-time visibility into identity exposures. SpyCloud, the leader in identity threat protection, today released new data showing a sharp rise in phishing attacks that disproportionately target corporate users. The c…CSOONLINE.COM
5 Dec15 years in, zero trust remains elusive — with AI rising to complicate the challengeThe zero trust approach to cybersecurity access control is more than 15 years old, but organizations continue to struggle with its implementation due in large part to fragmented tooling and legacy infrastructure. A recent report from Accenture paints a picture of widespread industry …CSOONLINE.COM
5 DecIntellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware DeliveryA human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa's Predator spyware, Amnesty International said in a report. The link, t…THEHACKERNEWS.COM
5 DecTo Catch a Predator: Leak exposes the internal operations of Intellexa’s mercenary spyware - Amnesty International Security Labsubmitted by kid to cybersecurity 2 points | 0 comments https://securitylab.amnesty.org/latest/2025/12/intellexa-leaks-predator-spyware-operations-exposed/SH.ITJUST.WORKS
5 DecHackers Exploiting ArrayOS AG VPN Vulnerability to Deploy WebshellsA critical command injection vulnerability in Array Networks’ ArrayOS AG systems has become the focus of active exploitation campaigns, with Japanese organizations experiencing confirmed attacks since August 2025. According to alerts from JPCERT/CC, threat actors are levera…GBHACKERS.COM
5 DecHackers Abuse Microsoft Teams Notifications to Launch Callback Phishing AttacksA sophisticated phishing campaign is targeting users through Microsoft Teams notifications, exploiting the platform’s trusted status to deliver deceptive messages that appear legitimate to both recipients and email security filters. Threat actors are leveraging Teams’…GBHACKERS.COM
5 DecMicrosoft ignores LNK vulnerability, 0patch steps in | Cybernewssubmitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/security/microsoft-ignores-windows-lnk-file-abuse-by-hackers/SH.ITJUST.WORKS
5 DecHackers are exploiting ArrayOS AG VPN flaw to plant webshellssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells/SH.ITJUST.WORKS
5 Dec KEVCloudflare blames today's outage on emergency React2Shell patchCloudflare has blamed today's outage on the emergency patching of a critical React remote code execution vulnerability, which is now actively exploited in attacks. [...]BLEEPINGCOMPUTER.COM
5 DecAI in CI/CD pipelines can be tricked into behaving badlyAI agents embedded in CI/CD pipelines can be tricked into executing high-privilege commands hidden in crafted GitHub issues or pull request texts. Researchers at Aikido Security have traced the problem back to workflows that pair GitHub Actions or GitLab CI/CD with AI tools such …CSOONLINE.COM
5 DecAvoiding the next technical debt: Building AI governance before it breaksThe AI rush is repeating a familiar mistake. Early in my career, a risk executive I worked with used to say, “You didn’t invite me to drink the beer; now you want me to pay the bill?” whenever problems came up because a project moved ahead without enough oversight. If someone tri…CSOONLINE.COM
5 Dec KEVCloudflare Outage Caused by React2Shell MitigationsThe critical React vulnerability has been exploited in the wild by Chinese and other threat actors.SECURITYWEEK.COM
5 DecThreat Actors Distribute CoinMiner Malware through USB Drives to Infect WorkstationsCybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining operations on compromised workstations. Security researchers have documented an evolving threat t…GBHACKERS.COM
5 DecIn Other News: X Fined €120 Million, Array Flaw Exploited, New Iranian BackdoorOther noteworthy stories that might have slipped under the radar: Akamai patches HTTP smuggling vulnerability, Claude Skills used to execute ransomware, PickleScan flaws.SECURITYWEEK.COM
5 DecHardening browser security with zero-trust controlsThe shift from perimeter-based security to zero trust is now indispensable for combating modern threats. The obsolete “castle-and-moat” model, granting implicit trust to any device or user inside the network, collapsed with the rise of cloud, remote work and BYOD. Attackers now b…CSOONLINE.COM
5 DecMalicious AI Tools Assist in Phishing and Ransomware AttacksResearchers at Palo Alto Networks’ Unit 42 are tracking two new malicious AI tools, WormGPT 4 and KawaiiGPT, that allow threat actors to craft phishing lures and generate ransomware code.KNOWBE4.COM
5 DecCloudflare blames today's outage on emergency React2Shell patchsubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/cloudflare-blames-todays-outage-on-emergency-react2shell-patch/ This was not an attack; the change was deployed by our team to help mitigate the industry-wide vulnerability disc…SH.ITJUST.WORKS
5 Dec2025 ISC2 Cybersecurity Workforce Studysubmitted by kid to cybersecurity 1 points | 0 comments https://www.isc2.org/insights/2025/12/2025-ISC2-Cybersecurity-Workforce-StudySH.ITJUST.WORKS
5 DecBarts Health NHS discloses data breach after Oracle zero-day hackBarts Health NHS Trust has announced that Clop ransomware actors have stolen files from a database by exploiting a vulnerability in its Oracle E-business Suite software. [...]BLEEPINGCOMPUTER.COM
5 DecChinese cyberspies target VMware vSphere for long-term persistenceChinese state-sponsored threat actors are backdooring VMware vCenter and VMware ESXi servers with a malware program written in Go, allowing them to maintain long-term persistence in victim networks. According to a joint report by the US Cybersecurity and Infrastructure Security A…CSOONLINE.COM
5 DecInsecure use of Signal app part of wider Department of Defense problem, suggests Senate reportThe Signalgate scandal that enveloped US Secretary of Defense Pete Hegseth in March appears to be symptomatic of a wider lax attitude towards the use of non-approved messaging apps by officials and employees, a Senate Committee has concluded. In March, the US Senate Committee on …CSOONLINE.COM
5 DecA Vulnerability in React Server Component (RSC) Could Allow for Remote Code ExecutionA vulnerability in the React Server Components (RSC) implementation has been discovered that could allow for remote code execution. Specifically, it could allow for unauthenticated remote code execution on affected servers. The issue stems from unsafe deserialization of RSC “Flig…CISECURITY.ORG
5 DecPro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical InfrastructureSummary Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet Primary Mitigations to Reduce Cyber Threats to Operational Technology and European Cybercrime Centre’s (E…CISA.GOV
📢 SECURITY ADVISORIES 10
5 DecSuspicious traffic could be testing CDN evasion, says expertAn individual or group is doing new probing of content delivery networks (CDNs), an effort that CSOs, CIOs and network administrators should worry about if they use CDNs instead of web application firewalls to protect websites. That’s the conclusion of Johannes Ullrich, dean of …CSOONLINE.COM
5 DecCISA, NSA Alert on BRICKSTORM Malware Targeting VMware ESXi and Windows SystemsThe Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), joined by Canadian cyber authorities, have issued a joint alert warning of a sophisticated new malware campaign dubbed “BRICKSTORM.” According to the advisory released,…GBHACKERS.COM
5 DecInvestment fraudsters lure victims with fake celebrity adsCybercriminals are said to have defrauded at least 120 people across Germany of a total of more than 1.3 million euros. The celebrity advertising for a "secret financial product" was fake, and investors lost their money: Suspected Intern…CSOONLINE.COM
5 DecCISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. SystemsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China (PRC) to maintain long-term persistence on compromised system…THEHACKERNEWS.COM
5 DecNCSC Launches Proactive Notification Service to Alert System Owners of VulnerabilitiesThe UK’s National Cyber Security Centre (NCSC) has introduced a new initiative designed to protect organisations from cyber threats. Working alongside Netcraft, the NCSC has launched the Proactive Notification Service, a groundbreaking program that identifies and alerts sys…GBHACKERS.COM
5 DecKnowBe4 Earns Multiple 2026 Buyer's Choice Awards from TrustRadiusKnowBe4 is proud to announce that three of its leading security products — Security Awareness Training, PhishER/PhishER Plus and Compliance Plus — have been recognized as 2026 Buyer's Choice award winners by TrustRadius, a HG Insights company and buyer intelligence platform for …KNOWBE4.COM
5 DecCanada, US warn of China’s BRICKSTORM malware after incident response effortssubmitted by Scotty to cybersecurity 3 points | 0 comments https://therecord.media/cisa-nsa-warn-brickstorm-china cross-posted from: scribe.disroot.org/post/5953090 Archived version Here is the original Cisa report: BRICKSTORM Backdoor … Chinese hackers are using a strain of malw…INFOSEC.PUB
5 DecCanada, US warn of China’s BRICKSTORM malware after incident response effortssubmitted by Scotty to cybersecurity 2 points | 0 comments https://therecord.media/cisa-nsa-warn-brickstorm-china cross-posted from: scribe.disroot.org/post/5953090 Archived version Here is the original Cisa report: BRICKSTORM Backdoor … Chinese hackers are using a strain of malw…SH.ITJUST.WORKS
🔥 INCIDENT REPORTING 9
5 DecWeekly Update 481Twelve years (and one day) since launching Have I Been Pwned, it's now a service that Charlotte and I live and breathe every day. …TROYHUNT.COM
5 Dec700Credit Reveals Data Breach - TechRepublicsubmitted by kid to cybersecurity 1 points | 0 comments https://www.techrepublic.com/article/news-700credit-data-breach/SH.ITJUST.WORKS
5 DecLummaC2 Infects North Korean Hacker Device Linked to Bybit Heist – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and Moresubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/north-korean-hacker-device-lummac2-infostealer-bybit/SH.ITJUST.WORKS
5 DecPharma firm Inotiv discloses data breach after ransomware attackAmerican pharmaceutical firm Inotiv is notifying thousands of people that their personal information was stolen in an August 2025 ransomware attack. [...]BLEEPINGCOMPUTER.COM
5 DecSharpening the knife: GOLD BLADE’s strategic evolutionUpdates include novel abuse of recruitment platforms, modified infection chains, and expansion into a hybrid operation that combines data theft and ransomware deploymentSOPHOS.COM
5 DecRansomware: High share of ransom payments despite better defenses…CSOONLINE.COM
5 DecWebXR Flaw Hits 4 Billion Chromium Users, Update Your Browser Now – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and Moresubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/webxr-flaw-chromium-users-browser-update/SH.ITJUST.WORKS
5 DecCriminal IP to Host Webinar: Beyond CVEs – From Visibility to Action with ASMTorrance, California, USA, December 5th, 2025, CyberNewsWire Criminal IP will host a live webinar on December 16 at 11:00 AM Pacific Time (PT), focusing on the shift in cyberattack strategies. The session will examine how an increasing number of incidents now originate from expos…GBHACKERS.COM
5 DecThe Hidden Cascade: Why Law Firm Breaches Destroy More than DataDiscover how law firm breaches expose decades of M&A intelligence, client data, and privileged strategy—and how to reduce cascading vendor risk before it hits.RECORDEDFUTURE.COM
🕵️ THREAT INTELLIGENCE 30
5 DecISC Stormcast For Friday, December 5th, 2025 https://isc.sans.edu/podcastdetail/9726, (Fri, Dec 5th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
5 DecNew Stealthy Linux Malware Merges Mirai-based DDoS Botnet with Fileless CryptominerCybersecurity researchers uncover a sophisticated Linux campaign that blends legacy botnet capabilities with modern evasion techniques. A newly discovered Linux malware campaign is demonstrating the evolving sophistication of threat actors by combining Mirai-derived distributed d…GBHACKERS.COM
5 DecAutoIT3 Compiled Scripts Dropping Shellcodes, (Fri, Dec 5th)AutoIT3 is a powerful language that helps to build nice applications for Windows environments, mainly to automate tasks. If it looks pretty old, the latest version was released last September and it remains popular amongst developers, for the good…ISC.SANS.EDU
5 DecNew Anonymous Phone ServiceA new anonymous phone service allows you to sign up with just a zip code.SCHNEIER.COM
5 DecHelmet Security Emerges From Stealth Mode With $9 Million in FundingHelmet Security has built an end-to-end platform that secures the infrastructure for agentic AI communication.SECURITYWEEK.COM
5 DecAisuru Botnet Powers Record DDoS Attack Peaking at 29 TbpsCloudflare recently mitigated a new record-breaking Aisuru attack that peaked at 14.1 Bpps.SECURITYWEEK.COM
5 DecLumia Security Raises $18 Million for AI Security and GovernanceThe startup will invest in expanding its engineering and research teams, deepening product integrations, and scaling go-to-market efforts.SECURITYWEEK.COM
5 DecCloudflare down, websites offline with 500 Internal Server Errorsubmitted by kid to cybersecurity 4 points | 0 comments https://www.bleepingcomputer.com/news/technology/cloudflare-down-websites-offline-with-500-internal-server-error/ Seems to be over now.SH.ITJUST.WORKS
5 DecIntroducing Sophos Intelix for Microsoft 365 CopilotBringing Sophos threat intelligence directly into Microsoft 365 Copilot.SOPHOS.COM
5 DecIntroducing Sophos Intelix for Microsoft Security CopilotElevating threat intelligence for all Security Copilot users.SOPHOS.COM
5 DecSplunk Enterprise Vulnerabilities Allows Privileges Escalation Via Incorrect File Permissionssubmitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/splunk-enterprise-permission-vulnerabilities/SH.ITJUST.WORKS
5 DecHackers Using CastleRAT Malware to Attack Windows Systems and Gain Remote AccessThe cybersecurity landscape continues to evolve as threat actors deploy increasingly sophisticated tools to compromise Windows-based infrastructure. CastleRAT, a Remote Access Trojan that emerged around March 2025, represents a significant addition to the malware arsenal that def…GBHACKERS.COM
5 DecRussian Hackers Imitate European Events in Coordinated Phishing CampaignsRussian state-linked hackers are impersonating high-profile European security conferences to compromise cloud email and collaboration accounts at governments, think tanks, and policy organizations, according to new research from cybersecurity firm Volexity. The campaigns, active …GBHACKERS.COM
5 DecRussian Calisto Hackers Target NATO Research with ClickFix MalwareRussian intelligence-linked cyber threat actors have intensified their operations against NATO research organizations, Western defense contractors, and NGOs supporting Ukraine, employing sophisticated phishing and credential harvesting techniques. The Calisto intrusion set, attri…GBHACKERS.COM
5 DecCloudflare Outage Triggers Widespread 500 Internal Server ErrorsCloudflare has announced that it is currently experiencing a significant outage impacting its Dashboard and Cloudflare API services. Many users around the world are reporting issues such as 500 Internal Server Errors, failed API requests, and sudden disruptions in tools that depe…GBHACKERS.COM
5 DecChina-Nexus Hackers Target VMware vCenter Systems to Deploy Web Shells and Malware ImplantsThroughout 2025, CrowdStrike has identified multiple intrusions targeting VMware vCenter environments at U.S.-based entities, in which newly identified China-nexus adversary WARP PANDA deployed BRICKSTORM malware. WARP PANDA exhibits sophisticated technical capabilities, advanced…GBHACKERS.COM
5 DecNew GhostFrame Phishing Framework Hits Over One Million Attacks - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/ghostframe-phishing-hits-one/SH.ITJUST.WORKS
5 DecUS Organizations Warned of Chinese Malware Used for Long-Term PersistenceWarp Panda has been using the BrickStorm, Junction, and GuestConduit malware in attacks against US organizations.SECURITYWEEK.COM
5 DecImper.ai Emerges From Stealth Mode With $28 Million in FundingThe cybersecurity startup detects impersonation risk in real-time, across video, phone, and chat communication.SECURITYWEEK.COM
5 DecMuddyWater Hackers Use UDPGangster Backdoor to Bypass Network Defenses on WindowsThe MuddyWater threat group has escalated its cyber espionage operations by deploying UDPGangster, a sophisticated UDP-based backdoor designed to infiltrate Windows systems while systematically evading traditional network defenses. Recent intelligence gathered by FortiGuard Labs …GBHACKERS.COM
5 DecGoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infectionssubmitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2025/12/goldfactory-hits-southeast-asia-with.htmlSH.ITJUST.WORKS
5 DecAI in Penetration TestingStep into the future of cybersecurity with AI! Ed Skoudis and Paul Asadoorian reveal how AI is reshaping penetration testing, exposing elusive vulnerabilities in record time. Dive into this electrifying discussion and elevate your security game! Subscribe to our podcasts: https:/…YOUTUBE.COM
5 DecCrossing the Autonomy ThresholdAutonomous offensive cyber agents are here. Shift from human-led, reactive defense to proactive, machine-driven security for cyber resilience.PALOALTONETWORKS.COM
5 DecNEW TECH Q&A: Start-up Indentient debuts reimagined AI copilots trained on experts’ insightsCybersecurity has always been a moving target. But AI has shifted the center of gravity. Over just the past two years, we’ve watched decision cycles compress, incentive structures change beneath us, and the …LASTWATCHDOG.COM
5 DecOff-Topic Fridaysubmitted by shellsharks to cybersecurity 1 points | 0 comments Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)INFOSEC.PUB
5 DecMicrosoft named a leader in the 2025 Gartner® Magic Quadrant™ for Email SecurityMicrosoft has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security, which we believe highlights the innovative capabilities of Microsoft Defender for Office 365.MICROSOFT.COM
5 DecFriday Squid Blogging: Vampire Squid GenomeThe vampire squid (Vampyroteuthis infernalis) has the largest cephalopod genome ever sequenced: more than 11 billion base pairs. That’s more than twice as large as the biggest squid genomes. It’s technically not a squid: “The vampire squid is a fascinating twi…SCHNEIER.COM
5 DecToilet Cams, N. Korea, Brickstorm, MCP, React2Shell, Proxmox, Metaverse, Josh Marpet - SWN #535Toilet Cams, North Korea, Brickstorm, MCP, India, React2Shell, Proxmox, Metaverse, Josh Marpet, and More, on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-535YOUTUBE.COM
5 DecSmart Toilets: Health Insights or Data Concerns?Kohler's DEKODA: A $600 smart toilet attachment promising health insights through optical sensors and machine learning. But is this the future of wellness or just another data privacy concern in our increasingly digital world? As cybersecurity experts warn about data vulnerabilit…YOUTUBE.COM
5 DecSprocket Security Earns Repeat Recognition in G2’s Winter 2025 Relationship Index for Penetration TestingMadison, United States, December 5th, 2025, CyberNewsWire Sprocket Security is proud to announce that it has once again been recognized by G2 for “High Performer,” “Best Support,” and “Easiest to Do Business With” in the Winter 2025 Relationship Index for Penetration Testing. Thi…GBHACKERS.COM
📡 INFOSEC NEWS 11
5 DecCloudflare down, websites offline with 500 Internal Server ErrorCloudflare is down, as websites are crashing with a 500 Internal Server Error. [...]BLEEPINGCOMPUTER.COM
5 Dec"Getting to Yes": An Anti-Sales Guide for MSPsMost MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging. That’s why we created ”…THEHACKERNEWS.COM
5 DecEU fines X $140 million over deceptive blue checkmarksThe European Commission has fined X €120 million ($140 million) for violating transparency obligations under the Digital Services Act (DSA). [...]BLEEPINGCOMPUTER.COM
5 DecPetco confirms security lapse exposed customers’ personal dataThe pet company has published almost no details about what happened, who was affected, and what personal data was exposed.TECHCRUNCH.COM
5 DecFBI warns of virtual kidnapping scams using altered social media photosThe FBI warns that criminals are altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams. [...]BLEEPINGCOMPUTER.COM
5 DecA Practical Guide to Continuous Attack Surface VisibilityPassive scan data goes stale fast as cloud assets shift daily, leaving teams blind to real exposures. Sprocket Security shows how continuous, automated recon gives accurate, up-to-date attack surface visibility. [...]BLEEPINGCOMPUTER.COM
5 DecZero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted EmailsA new agentic browser attack targeting Perplexity's Comet browser that's capable of turning a seemingly innocuous email into a destructive action that wipes a user's entire Google Drive contents, findings from Straiker STAR Labs show. The zero-click Google Drive Wiper technique h…THEHACKERNEWS.COM
5 DecHashJack Attack Targets AI Browsers and Agentic AI SystemsA new wave of client-side attacks bypasses enterprise defenses.F5.COM
5 DecThe Bug That Won't Die: 10 Years of the Same MistakeExplore a decade of deserialization vulnerabilities, from Java to React/Next.js CVEs, and learn how to harden apps and stay ahead with Recorded Future.RECORDEDFUTURE.COM