Articles: 190
Categories: 10
Date: 2025-12-09
🚨 CISA KEV 1
9 Dec | KEV | CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2025-6218 RARLAB WinRAR Path Traversal Vulnerability; CVE-2025-62221 Microsoft Windows Use After Free Vulnerability. These types of vuln… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 84
9 DecCVE-2025-40308 Bluetooth: bcsp: receive data only if registeredInformation published.MSRC.MICROSOFT.COM
9 DecCVE-2025-40309 Bluetooth: SCO: Fix UAF on sco_conn_freeInformation published.MSRC.MICROSOFT.COM
9 DecCVE-2025-40292 virtio-net: fix received length check in big packetsInformation published.MSRC.MICROSOFT.COM
9 DecCVE-2025-40306 orangefs: fix xattr related buffer overflow...Information published.MSRC.MICROSOFT.COM
9 DecCVE-2025-40312 jfs: Verify inode mode when loading from diskInformation published.MSRC.MICROSOFT.COM
9 DecCVE-2025-40313 ntfs3: pretend $Extend records as regular filesInformation published.MSRC.MICROSOFT.COM
9 DecCVE-2025-40324 NFSD: Fix crash in nfsd4_read_release()Information published.MSRC.MICROSOFT.COM
9 DecBurp Suite Upgrades Scanner With Detection for Critical React2Shell FlawsActiveScan++, a widely used extension for the popular penetration testing tool Burp Suite, has released a significant upgrade. The scanner now includes specific detection capabilities for the critical “React2Shell” vulnerabilities. This update addresses two high-sever…GBHACKERS.COM
9 Dec | React2Shell Attacks Linked to North Korean Hackers | North Korean threat actors are believed to be behind CVE-2025-55182 exploitation delivering EtherRAT. | SECURITYWEEK.COM
9 DecCVE-2025-62454 Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62456 Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-62457 Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityOut-of-bounds read in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62458 Win32k Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62466 Windows Client-Side Caching Elevation of Privilege VulnerabilityNull pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62469 Microsoft Brokering File System Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62470 Windows Common Log File System Driver Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62472 Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityUse of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62473 Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityBuffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-62549 Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityUntrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-62561 Microsoft Excel Remote Code Execution VulnerabilityUntrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62562 Microsoft Outlook Remote Code Execution VulnerabilityUse after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62563 Microsoft Excel Remote Code Execution VulnerabilityUse after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62564 Microsoft Excel Remote Code Execution VulnerabilityOut-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62571 Windows Installer Elevation of Privilege VulnerabilityImproper input validation in Windows Installer allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62572 Application Information Service Elevation of Privilege VulnerabilityOut-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62573 DirectX Graphics Kernel Elevation of Privilege VulnerabilityUse after free in Windows DirectX allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-64658 Windows File Explorer Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-64667 Microsoft Exchange Server Spoofing VulnerabilityUser interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-64666 Microsoft Exchange Server Elevation of Privilege VulnerabilityImproper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-64670 Windows DirectX Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-64673 Windows Storage VSP Driver Elevation of Privilege VulnerabilityImproper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-59516 Windows Storage VSP Driver Elevation of Privilege VulnerabilityMissing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-59517 Windows Storage VSP Driver Elevation of Privilege VulnerabilityImproper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62455 Microsoft Message Queuing (MSMQ) Elevation of Privilege VulnerabilityImproper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62461 Windows Projected File System Elevation of Privilege VulnerabilityBuffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62462 Windows Projected File System Elevation of Privilege VulnerabilityBuffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62463 DirectX Graphics Kernel Denial of Service VulnerabilityNull pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62464 Windows Projected File System Elevation of Privilege VulnerabilityBuffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62465 DirectX Graphics Kernel Denial of Service VulnerabilityNull pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-55233 Windows Projected File System Elevation of Privilege VulnerabilityOut-of-bounds read in Windows Projected File System allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62467 Windows Projected File System Elevation of Privilege VulnerabilityInteger overflow or wraparound in Windows Projected File System allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62468 Windows Defender Firewall Service Information Disclosure VulnerabilityOut-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62474 Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityImproper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62550 Azure Monitor Agent Remote Code Execution VulnerabilityOut-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-62552 Microsoft Access Remote Code Execution VulnerabilityRelative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62553 Microsoft Excel Remote Code Execution VulnerabilityUse after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62554 Microsoft Office Remote Code Execution VulnerabilityAccess of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62555 Microsoft Word Remote Code Execution VulnerabilityUse after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62556 Microsoft Excel Remote Code Execution VulnerabilityUntrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62557 Microsoft Office Remote Code Execution VulnerabilityUse after free in Microsoft Office allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62558 Microsoft Word Remote Code Execution VulnerabilityUse after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62559 Microsoft Word Remote Code Execution VulnerabilityUse after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62560 Microsoft Excel Remote Code Execution VulnerabilityUntrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62567 Windows Hyper-V Denial of Service VulnerabilityInteger underflow (wrap or wraparound) in Windows Hyper-V allows an authorized attacker to deny service over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-62569 Microsoft Brokering File System Elevation of Privilege VulnerabilityUse after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62570 Windows Camera Frame Server Monitor Information Disclosure VulnerabilityImproper access control in Windows Camera Frame Server Monitor allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62565 Windows File Explorer Elevation of Privilege VulnerabilityUse after free in Windows Shell allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-64661 Windows Shell Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-64671 GitHub Copilot for Jetbrains Remote Code Execution VulnerabilityImproper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-64672 Microsoft SharePoint Server Spoofing VulnerabilityImproper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-64678 Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
9 DecCVE-2025-64679 Windows DWM Core Library Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-64680 Windows DWM Core Library Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-54100 PowerShell Remote Code Execution VulnerabilityImproper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
9 DecCVE-2025-62221 Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityUse after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
9 DecZoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage FlawsZoom has released security patches addressing two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. The vulnerabilities expose users to privilege escalation attacks and unauthorized software manipulation, prompting immediate update recommendations acro…GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE 35
9 Dec | Ignoring AI in the threat chain could be a costly mistake, experts warn | As AI adoption accelerates across enterprises — and among digital adversaries — a heated debate has erupted over whether AI’s role in the cyber threat chain should be a top concern for CISOs. A vocal handful of experts, along with one cybersecurity vendor, insist that warnings … | CSOONLINE.COM
9 DecMaking OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for M…YOUTUBE.COM
9 DecProofpoint Completes $1.8 Billion Acquisition of HornetsecurityEnterprise cybersecurity giant Proofpoint has completed the acquisition of Germany-based Microsoft 365 security solutions provider Hornetsecurity. Financial details were not officially disclosed when news of the transaction came to light, but it was reported that Proofpoint would…SECURITYWEEK.COM
9 DecGoogle Adds Layered Defenses to Chrome to Block Indirect Prompt Injection ThreatsGoogle on Monday announced a set of new security features in Chrome, following the company's addition of agentic artificial intelligence (AI) capabilities to the web browser. To that end, the tech giant said it has implemented layered defenses to make it harder for bad actors to …THEHACKERNEWS.COM
9 Dec | Akira Group Targets Hyper-V and VMware ESXi with Ransomware Exploiting Vulnerabilities | Hypervisors, the invisible backbone of modern corporate IT, have become the new primary battleground for ransomware groups. According to new data from Huntress, attacks targeting hypervisors to deploy ransomware have skyrocketed in late 2025. While hypervisors like VMware ESXi and … | GBHACKERS.COM
9 DecNew Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET MalwareA sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading to multi-stage .NET malware deployment. Security researchers have identified an attack flow that begins with impersonated IT…GBHACKERS.COM
9 DecMalicious MCP Servers Enable Stealthy Prompt Injection to Drain System ResourcesSecurity researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature that enable malicious servers to execute stealthy prompt injection attacks, drain computational resources, and compromise large language model applications without us…GBHACKERS.COM
9 DecHackers Exploit Ivanti Connect Secure Vulnerabilities to Spread MetaRAT MalwareLAC’s Cyber Emergency Center has identified a sophisticated cyberespionage campaign targeting Japanese shipping and transportation companies. The operation, orchestrated by a China-based threat actor in April 2025, leveraged critical vulnerabilities in Ivanti Connect Secure (ICS)…GBHACKERS.COM
9 DecNew Variant of Mirai Botnet ‘Broadside’ Launches Active Attacks on UsersCydome’s Cybersecurity Research Team has uncovered a sophisticated new variant of the notorious Mirai botnet, designated as “Broadside,” currently executing an active campaign against the maritime logistics sector. Unlike generic botnet waves, Broadside is specificall…GBHACKERS.COM
9 Dec | KEV | Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks | https://thehackernews.com/2025/12/sneeit-wordpress-rce-exploited-in-wild.html | SH.ITJUST.WORKS
9 Dec | Implementing NIS2 without ending up in a paper war | CSOONLINE.COM
9 DecNorth Korean hackers exploit React2Shell flaw in EtherRAT malware attacksA new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the attacker. [...]BLEEPINGCOMPUTER.COM
9 DecSpain arrests teen who stole 64 million personal data recordsThe National Police in Spain have arrested a suspected 19-year-old hacker in Barcelona, for allegedly stealing and attempting to sell 64 million records obtained from breaches at nine companies. [...]BLEEPINGCOMPUTER.COM
9 DecGemini for Chrome gets a second AI agent to watch over itGoogle is deploying a second AI model to monitor its Gemini-powered Chrome browsing agent after acknowledging the agent could be tricked into taking unauthorized actions through prompt injection attacks. “We’re introducing a user alignment critic where the agent’s actions are vet…CSOONLINE.COM
9 DecRacks, sprawl and the myth of redundancy: Why your failover isn’t as safe as you thinkThe physical roots of resilience Five years ago, at 2 a.m., I stood in a data center aisle watching a core switch lose a power supply. The room was cold, the fans loud and the alert light blinked amber. Within four seconds, the backup unit took over. Not a single packet dropped. …CSOONLINE.COM
9 DecIvanti warns of critical Endpoint Manager code execution flawAmerican IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager (EPM) solution that could allow attackers to execute code remotely. [...]BLEEPINGCOMPUTER.COM
9 DecMaintaining enterprise IT hygiene using Wazuh SIEM/XDRPoor IT hygiene, such as unused accounts, outdated software, and risky extensions, creates hidden exposure in your infrastructure. Wazuh, the open-source XDR and SIEM, shows how continuous inventory monitoring across endpoints helps teams spot drift and tighten security. [...]BLEEPINGCOMPUTER.COM
9 Dec | CISA Releases Three Industrial Control Systems Advisories | CISA released three Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-343-01 Universal Boot Loader (U-Boot); ICSA-25-343-02 Festo LX Appliance … | CISA.GOV
9 DecFurther Hardening Android GPUsPosted by Liz Prucka, Hamzeh Zawawy, Rishika Hooda, Android Security and Privacy Team Last year, Google's Android Red Team partnered with Arm to conduct an in-depth security analysis of the Mali GPU, a component used in billions of Android devices worldwide. This collaboration wa…SECURITY.GOOGLEBLOG.COM
9 Dec KEVMicrosoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flawsMicrosoft's December 2025 Patch Tuesday fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities. [...]BLEEPINGCOMPUTER.COM
9 DecNorth Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT MalwareThreat actors with ties to North Korea have likely become the latest to exploit the recently disclosed critical security React2Shell flaw in React Server Components (RSC) to deliver a previously undocumented remote access trojan dubbed EtherRAT. "EtherRAT leverages Ethereum smart…THEHACKERNEWS.COM
9 DecMicrosoft releases Windows 10 KB5071546 extended security updateMicrosoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three zero-day flaws. [...]BLEEPINGCOMPUTER.COM
9 Dec | Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyberdefense | Promotions across Microsoft’s security organization reinforce the company’s shift toward AI-driven defense and tighter operational oversight under Global CISO Igor Tsyganskiy. | SECURITYWEEK.COM
9 Dec | Microsoft Patches 57 Vulnerabilities, Three Zero-Days | Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges. | SECURITYWEEK.COM
9 Dec | Microsoft Patch Tuesday December 2025 | This release addresses 57 vulnerabilities. 3 of these vulnerabilities are rated critical. One vulnerability was already exploited, and two were publicly disclosed before the patch was released. | ISC.SANS.EDU
9 DecOpportunistic Pro-Russia Hacktivists Attack US and Global Critical InfrastructureCISA, in partnership with Federal Bureau of Investigation, the National Security Agency, Department of Energy, Environmental Protection Agency, the Department of Defense Cyber Crime Center, and other international partners published a joint cybersecurity advisory, Pro-Russia Hack…CISA.GOV
9 DecWarning: Phishing Campaign Leveraging Evilginx Targets U.S. UniversitiesThreat actors are using the open-source phishing framework Evilginx to target universities across the United States, according to researchers at Infoblox. The attackers have targeted at least 18 universities and educational entities since April 2025, using phishing pages that spo…KNOWBE4.COM
9 DecMicrosoft Patch Tuesday, December 2025 EditionMicrosoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed vulnerabilities.KREBSONSECURITY.COM
9 Dec KEVMicrosoft December 2025 Patch Tuesday Fixes 56 Vulnerabilities Fixed and 3 Zero-daysMicrosoft’s final Patch Tuesday of 2025 has been released, addressing 56 vulnerabilities across its product suite. The December update includes patches for three zero-day vulnerabilities, one of which is confirmed to be actively exploited in the wild. Among the resolved fla…GBHACKERS.COM
9 DecMakop Ransomware Targets RDP Systems Using AV Killer and Additional ExploitsMakop, a ransomware strain derived from Phobos, continues to pose a significant threat by exploiting exposed Remote Desktop Protocol (RDP) systems and integrating new attack components, including antivirus-killer modules and advanced privilege-escalation exploits. Recent investig…GBHACKERS.COM
9 DecMultiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe ColdFusion is a rapid web application development platform that uses the ColdFusion Markup Language (CFML). Adobe Experience Manager (AEM) is …CISECURITY.ORG
9 DecCritical Patches Issued for Microsoft Products, December 9, 2025Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. …CISECURITY.ORG
9 DecMultiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large…CISECURITY.ORG
9 DecGrayBravo’s CastleLoader Activity Clusters Target Multiple IndustriesNote: The analysis cut-off date for this report was November 10, 2025 Executive Summary Insikt Group continues to monitor GrayBravo (formerly tracked as TAG-150), a technically sophisticated and rapidly evolving threat actor first identified in September 2025. GrayBravo demonstra…RECORDEDFUTURE.COM
9 DecNovember 2025 CVE Landscape: 10 Critical Vulnerabilities Show 69% Drop from OctoberNovember 2025 CVE landscape: 10 exploited critical vulnerabilities, a 69% drop from October, and why Fortinet and Samsung flaws need urgent patching.RECORDEDFUTURE.COM
📋 SECURITY BULLETINS 3
9 DecFortinet warns of critical FortiCloud SSO login auth bypass flawsFortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO authentication. [...]BLEEPINGCOMPUTER.COM
9 Dec | Adobe Patches Nearly 140 Vulnerabilities | The Experience Manager security update resolves 117 vulnerabilities, including 116 identified as cross-site scripting (XSS) bugs. | SECURITYWEEK.COM
9 DecSAP fixes three critical vulnerabilities across multiple productsSAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 9
9 DecSAP Security Patch Day Fixes Critical Flaws in Solution Manager, NetWeaver & MoreSAP has released its December 2025 Security Patch Day updates, addressing 14 new security notes that fix multiple critical and high‑severity vulnerabilities across key enterprise products. Administrators are strongly advised to review the latest security notes in the SAP Support …GBHACKERS.COM
9 Dec | OAuth Mix-Up Attack Explained | OAuth clients are vulnerable to mix-up attacks, where authorization codes may be exchanged with incorrect servers. By including an issuer identifier in server responses, these threats can be effectively detected and prevented, ensuring compliance with cybersecurity standards. Subs… | YOUTUBE.COM
🔥 INCIDENT REPORTING 16
9 Dec | Manufacturing fares better against ransomware — with room for improvement | The manufacturing industry is performing better in protecting itself against ransomware, according to a recent study from security provider Sophos. Compared to previous years’ results, many manufacturing companies are now able to stop ransomware attacks before data is encrypted.… | CSOONLINE.COM
9 Dec | Over 300,000 Individuals Impacted by Vitas Hospice Data Breach | Vitas, the largest for-profit hospice chain in the United States, discovered a cybersecurity intrusion in October. | SECURITYWEEK.COM
9 DecSTAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt RansomwareCanadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565. Cybersecurity company Sophos said it investigated almost 40 intrusions linked to the threat actor between February 2024 and August 2025. The …THEHACKERNEWS.COM
9 DecMicrosoft investigates Copilot outage affecting users in EuropeMicrosoft is working to mitigate an ongoing incident that has been blocking users in Europe from accessing the company's AI-powered Copilot digital assistant. [...]BLEEPINGCOMPUTER.COM
9 Dec | Data breach at Marquis Software Solutions affected over 780,000 people - Infosecurity Magazine | https://www.infosecurity-magazine.com/news/marquis-software-breach/ | SH.ITJUST.WORKS
9 Dec | FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024 | https://www.bleepingcomputer.com/news/security/fincen-says-ransomware-gangs-extorted-over-21b-from-2022-to-2024/ | SH.ITJUST.WORKS
9 Dec | Ransomware gangs turn to Shanya EXE packer to hide EDR killers | https://www.bleepingcomputer.com/news/security/ransomware-gangs-turn-to-shanya-exe-packer-to-hide-edr-killers/ | SH.ITJUST.WORKS
9 DecHackers Using FLIPPER Devices to Breach IT Systems Arrested by AuthoritiesPolish authorities have arrested three Ukrainian citizens after discovering sophisticated hacking equipment, including FLIPPER devices, during a routine traffic stop in Warsaw. The discovery marks a significant operation targeting cybercriminals allegedly traveling across Europe …GBHACKERS.COM
9 Dec | New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More | https://hackread.com/jssmuggler-netsupport-rat-infected-sites/ | SH.ITJUST.WORKS
9 DecStorm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL SideloadingThe threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL side-loading, and fileless PowerShell execution to facilitate ransomware attacks. "These methods allow them …THEHACKERNEWS.COM
9 Dec | Tri-Century Eye Care Data Breach Impacts 200,000 Individuals - SecurityWeek | https://www.securityweek.com/tri-century-eye-care-data-breach-impacts-200000-individuals/ | SH.ITJUST.WORKS
9 DecRansomware IAB abuses EDR for stealthy malware executionAn initial access broker tracked as Storm-0249 is abusing endpoint detection and response solutions and trusted Microsoft Windows utilities to load malware, establish communication, and persistence in preparation for ransomware attacks. [...]BLEEPINGCOMPUTER.COM
9 DecRansomwareCYBER.GC.CA
9 Dec | DeadLock Ransomware Uses BYOVD to Evade Security Measures | https://www.infosecurity-magazine.com/news/deadlock-ransomware-uses-byovd/ | SH.ITJUST.WORKS
9 DecGOLD BLADE: Custom QWCrypt Locker for Data Exfiltration and Ransomware DeploymentBetween February 2024 and August 2025, security researchers uncovered a significant campaign orchestrated by the GOLD BLADE threat group, previously known as RedCurl, RedWolf, and Earth Kapre. The investigation of nearly 40 intrusions linked to STAC6565 reveals a sophisticated th…GBHACKERS.COM
9 Dec5 Real-World Third-Party Risk ExamplesExplore 5 third-party risk examples, from vendor data breaches to supply chain attacks, and learn how third-party risk management can prevent cyberattacks.RECORDEDFUTURE.COM
🕵️ THREAT INTELLIGENCE 32[−]
9 DecHacking an Entire Country's Prison System...submitted by InternetCitizen2 to cybersecurity 0 points | 0 comments https://www.youtube.com/watch?v=-xCp7nag3GM cross-posted from: lemmy.world/post/39919486SH.ITJUST.WORKS
9 DecISC Stormcast For Tuesday, December 9th, 2025 https://isc.sans.edu/podcastdetail/9730, (Tue, Dec 9th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
9 DecInvestigators cut off thousands of numbers belonging to suspected fraudstersCSOONLINE.COM
9 DecEquixly Raises $11 Million for AI-Powered API Penetration TestingThe Italian startup will use the investment to build proprietary AI models, accelerate global expansion, and hire new talent.SECURITYWEEK.COM
9 DecNew ‘Broadside’ Botnet Poses Risk to Shipping CompaniesThe botnet attempts to steal credentials from infected TBK DVR devices, in addition to abusing them to launch DDoS attacks.SECURITYWEEK.COM
9 DecAI vs. Human DriversTwo competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times . In an op-ed that honestly sounds like it was paid for by Waymo, the author calls driverless cars a “public health breakthrough”: In medical research, there’s a practi…SCHNEIER.COM
9 DecMalicious VSCode extensions on Microsoft's registry drop infostealerssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/malicious-vscode-extensions-on-microsofts-registry-drop-infostealers/SH.ITJUST.WORKS
9 DecUS Posts $10 Million Bounty for Iranian HackersThe US seeks information on the leader of Emennet Pasargad, Mohammad Bagher Shirinkar, and long-time employee Fatemeh Sedighian Kashi.SECURITYWEEK.COM
9 DecScammers harvesting Facebook photos to stage fake kidnappings, warns FBI | Malwarebytessubmitted by kid to cybersecurity 1 points | 0 comments https://www.malwarebytes.com/blog/news/2025/12/scammers-harvesting-facebook-photos-to-stage-fake-kidnappings-warns-fbiSH.ITJUST.WORKS
9 DecMalicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures ScreensSecurity researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The attack uses two seemingly innocent extensions, a dark theme and an AI assistant, to unleash a potent infostealer capable of capt…GBHACKERS.COM
9 DecAI-Driven Tools Uncover GhostPenguin Backdoor Attacking Linux ServersA sophisticated Linux backdoor named GhostPenguin has been discovered by Trend Micro Research, evading detection for over four months after its initial submission to VirusTotal in July 2025. The threat represents a new breed of stealthy malware designed to maintain a low profile …GBHACKERS.COM
9 DecAndroid Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Featuressubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/12/android-malware-fvncbot-seedsnatcher.htmlSH.ITJUST.WORKS
9 DecWhy the Sanitizer API is just setHTML()submitted by CodiUnicorn to cybersecurity 1 points | 0 comments https://frederikbraun.de/why-sethtml.htmlSH.ITJUST.WORKS
9 DecUK intelligence warns AI 'prompt injection' attacks might never go away | The Record from Recorded Future Newssubmitted by kid to cybersecurity 2 points | 0 comments https://therecord.media/prompt-injection-attacks-uk-intelligence-warningSH.ITJUST.WORKS
9 Dec"Broadside" Mirai Variant Targets Maritime Logistics Sectorsubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/threat-intelligence/broadside-mirai-variant-maritime-logisticsSH.ITJUST.WORKS
9 DecJust a moment...submitted by kid to cybersecurity -1 points | 0 comments https://www.techrepublic.com/article/news-splunk-windows-flaw-dec-2025/SH.ITJUST.WORKS
9 DecIdentity Security Firm Saviynt Raises $700 Million at $3 Billion ValuationThe funding round was led by KKR, with participation from Sixth Street Growth, TenEleven, and Carrick Capital Partners.SECURITYWEEK.COM
9 DecWebinar Today: Inside the First 72 hours of a Cyber EventLearn how GRC and SOC teams can turn shared threat intelligence into faster action, clearer communication, and stronger organizational resilience.SECURITYWEEK.COM
9 DecFour Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service InfrastructureFour distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous assessment that the tool is offered to other threat actors under a malware-as-a-service (MaaS) model. The threat actor behind CastleLoader has b…THEHACKERNEWS.COM
9 DecWinning the AI Race Starts with the Right Security PlatformAccelerate your AI transformation safely. See why Palo Alto Networks' integrated AI Security Platform is essential to secure GenAI usage and development.PALOALTONETWORKS.COM
9 DecSAP Security Patch Day: Fix for Critical Vulnerabilities in SAP Solution Manager, NetWeaver, and Other Productssubmitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/sap-security-patch-day-december/SH.ITJUST.WORKS
9 DecPrime Security Raises $20 Million to Build Agentic Security ArchitectPrime Security, which offers an AI-powered platform to help security teams detect, prioritize, and mitigate risks at the software design phase, today announced a $20M Series A funding round. Founded in 2023 and headquartered in New York with offices in Tel Aviv, the company …SECURITYWEEK.COM
9 DecChanging the physics of cyber defenseCyber defense is evolving. Find out how graph-powered strategies and AI can help organizations detect threats faster and improve security hygiene.MICROSOFT.COM
9 DecPartners Are Fueling Innovation with Cortex XSIAM and Prisma SASESolution providers voted us #1 – Cortex XSIAM is CRN’s 2025 Product of the Year and Prisma SASE is a 2025 Tech Innovator.PALOALTONETWORKS.COM
9 DecDynamic Client Registration SimplifiedDynamic client registration in OAuth allows developers to streamline the process by using a URL as a client ID, containing metadata like name and logo. This eliminates the need for pre-registration with each OAuth server, enhancing security and efficiency. By fetching metadata dy…YOUTUBE.COM
9 DecHypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Aaran Leyland... - SWN #536We've got: Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Ships at Sea, Sora, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-536YOUTUBE.COM
9 DecShai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attackThe Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publicly available packages, targeting developer environments, continuous integration and continuous…MICROSOFT.COM
9 DecThe Rise of AI: Fake Videos and Social Media ChaosAI-generated fake videos are changing the landscape of social media, raising concerns about misinformation and digital trust. This clip delves into the cybersecurity measures needed to tackle these challenges and protect online integrity. Subscribe to our podcasts: https://securi…YOUTUBE.COM
9 DecThreat Actors Poison SEO to Spread Fake Microsoft Teams InstallerThe Chinese advanced persistent threat (APT) group Silver Fox (also known as Void Arachne) has launched a sophisticated search engine optimization (SEO) poisoning campaign targeting Chinese-speaking employees at organizations worldwide. The campaign distributes a counterfeit Micr…GBHACKERS.COM
9 DecMicrosoft Copilot Outage Disrupts UK and Europe With Access Failures and Broken FeaturesMicrosoft Copilot, the AI tool many businesses use daily, is facing significant problems today. Users in the United Kingdom and parts of Europe are reporting that they cannot access the service. Others say that even if they can log in, many features are broken or not working corr…GBHACKERS.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
9 DecResearchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer DataCybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-po…THEHACKERNEWS.COM
9 DecThe AMOS infostealer is piggybacking ChatGPT's chat-sharing feature | Kaspersky official blogWe break down a new infostealer attack that combines the ClickFix technique with a shared chat containing malicious user guides on the official ChatGPT website.KASPERSKY.COM
🎙️ PODCASTS 1[−]
9 DecThe AI Fix #80: DeepSeek’s cheap GPT-5 rival, Antigravity fails, and why being rude to AI makes it smarterIn episode 80 of The AI Fix, your hosts look at DeepSeek 3.2 “Speciale”, the bargain-basement model that claims GPT-5-level brains at 10% of the price, Jensen Huang’s reassuring vision of a robot fashion industry, and a 75kg T-800 style humanoid that can do flying kicks because r…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 7[−]
9 DecSophos Named One of Computerworld’s 2026 Best Places to Work in ITSophos has been named one of Computerworld’s 2026 Best Places to Work in IT for the second consecutive year, earning 10th place among large organizations for its innovative, people-focused, and high-impact IT culture.SOPHOS.COM
9 DecSophos Firewall v22 is now availableSecure by Design.SOPHOS.COM
9 DecHow to Streamline Zero Trust Using the Shared Signals FrameworkZero Trust helps organizations shrink their attack surface and respond to threats faster, but many still struggle to implement it because their security tools don’t share signals reliably. 88% of organizations admit they’ve suffered significant challenges in trying to implement s…THEHACKERNEWS.COM
9 DecCalifornia man admits role in $263 million cryptocurrency theft that funded lavish lifestyleWhen you spend half a million dollars in a single night at a nightclub, purchase exotic cars worth millions, and rent mansions under false names, you are risking drawing attention to yourself... Read more in my article on the Hot for Security blog.BITDEFENDER.COM
9 DecWindows 11 KB5072033 & KB5071417 cumulative updates releasedMicrosoft has released Windows 11 KB5072033 and KB5071417 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]BLEEPINGCOMPUTER.COM
9 DecWindows PowerShell now warns when running Invoke-WebRequest scriptsMicrosoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web content, aiming to prevent potentially risky code from executing. [...]BLEEPINGCOMPUTER.COM
9 DecThe big catch: How whaling attacks target top executivesIs your organization’s senior leadership vulnerable to a cyber-harpooning? Learn how to keep them safe.WELIVESECURITY.COM