110 Articles
9 Categories
Date: 2025-12-11
🚨 CISA KEV (1)
11 Dec [KEV] · CISA Adds One Known Exploited Vulnerability to Catalog · CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-58360: OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability. This type of vulnerability is a frequent … · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (22)
11 Dec · Hidden .NET HTTP proxy behavior can open RCE flaws in apps — a security issue Microsoft won’t fix · Researchers uncovered an unexpected behavior of HTTP client proxies when created in .NET code, potentially allowing attackers to write malicious code to arbitrary files. This in turn can open remote code execution (RCE) attack paths through web shells and malicious PowerShell scr… · CSOONLINE.COM
11 Dec [KEV] · Fortinet admins urged to update software to close FortiCloud SSO holes · Admins using FortiCloud SSO (single sign on) to authenticate access to Fortinet products are urged to upgrade the software running some of the company’s gateway products as soon as possible, or risk their networks being compromised. “Users of Fortinet appliances should, for now, … · CSOONLINE.COM
11 Dec · CVE-2025-40336 drm/gpusvm: fix hmm_pfn_to_map_order() usage · Information published. · MSRC.MICROSOFT.COM
11 Dec · CVE-2025-11933 DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension · Information published. · MSRC.MICROSOFT.COM
11 Dec · Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks · A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is a case of file overwrit… · THEHACKERNEWS.COM
11 Dec · Ivanti's EPM systems vulnerable to attacks · Companies should patch their Ivanti EPM systems as soon as possible, because serious security vulnerabilities have been discovered in them. Ivanti recently reported a serious flaw in its EPM systems that admin sessions without authenti… · CSOONLINE.COM
11 Dec · High-Severity Jenkins Flaw Enables Unauthenticated DoS Through HTTP CLI · Jenkins has released a critical security advisory addressing a high-severity denial-of-service vulnerability affecting millions of organizations that rely on the popular automation server. The flaw, tracked as CVE-2025-67635, allows unauthenticated attackers to disrupt Jenkins in… · GBHACKERS.COM
11 Dec · React2Shell flaw (CVE-2025-55182) exploited for remote code execution · The availability of exploit code will likely lead to more widespread opportunistic attacks · SOPHOS.COM
11 Dec · SAML authentication broken almost beyond repair · Researchers have uncovered fresh techniques for breaking SAML-based authentication, further undermining the security assurances offered by the aging but still widely used authentication protocol. SAML (Security Assertion Markup Language) has been the backbone of enterprise single … · CSOONLINE.COM
11 Dec · 2025 CWE Top 25 Most Dangerous Software Weaknesses · The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland Security Systems Engineering and Development Institute (HSSEDI), operated by the MITRE Corporation, has released the 2025 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Softwa… · CISA.GOV
11 Dec · CVE-2025-64669 Windows Admin Center Elevation of Privilege Vulnerability · Corrected Build Number in the Security Updates table. This is an informational change only. · MSRC.MICROSOFT.COM
11 Dec · Chromium: CVE-2025-14373 Inappropriate implementation in Toolbar · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information. · MSRC.MICROSOFT.COM
11 Dec · Chromium: CVE-2025-14372 Use after free in Password Manager · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information. · MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (28)
11 Dec · .NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL · New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade applications to achieve remote code execution. WatchTowr Labs, which has codenamed the "invalid cast vulnerability" SOAPwn, said the issue impacts Barracuda S… · THEHACKERNEWS.COM
11 Dec · React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors · React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of previously undocumented malware families, according to new findings from Huntres… · THEHACKERNEWS.COM
11 Dec · Security researchers given new boost · Computer security researchers are in the spotlight as governments look to tackle the growing threat of cybercrime. Last week, British security minister Dan Jarvis set out a new approach to combatting computer crime, highlighting the damage that security breaches have done to the… · CSOONLINE.COM
11 Dec · Smashing Security podcast #447: Grok the stalker, the Louvre heist, and Microsoft 365 mayhem · On this week's show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire's lawn and ends with Grok happily doxxing real people, mapping out stalking "strategies," and handing out revenge-po… · GRAHAMCLULEY.COM
11 Dec · 644K+ Websites at Risk Due to Critical React Server Components Flaw · The Shadowserver Foundation has issued an urgent update regarding the critical “React2Shell” vulnerability, identifying a massive attack surface that remains exposed to potential exploitation. Following targeted improvements to their scanning infrastructure on Decembe… · GBHACKERS.COM
11 Dec [KEV] · Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution · Huntress is warning of a new actively exploited vulnerability in Gladinet's CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations so far. "Threat actors can potentially abuse this as a way to access the web.c… · THEHACKERNEWS.COM
11 Dec [KEV] · Google Patches Mysterious Chrome Zero-Day Exploited in the Wild · The Chrome zero-day does not have a CVE and it's unclear who reported it and which browser component it affects. · SECURITYWEEK.COM
11 Dec · 700+ self-hosted Git instances battered in 0-day attacks (RCE in Gogs) · submitted by solrize to cybersecurity 2 points | 0 comments https://www.theregister.com/2025/12/10/gogs_0day_under_active_exploitation/ Symlink bug in Gogs lets attacker commit a repo with a symlink pointing to a system file, and then Gogs will access the file under its own permi… · SH.ITJUST.WORKS
11 Dec [KEV] · Google fixes eighth Chrome zero-day exploited in attacks in 2025 · Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, marking the eighth such security flaw patched since the start of the year. [...] · BLEEPINGCOMPUTER.COM
11 Dec · Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw · Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability, rated high in severity, is being tracked under the Chromium issue tracker ID "466192044." … · THEHACKERNEWS.COM
11 Dec · Wide Range of Malware Delivered in React2Shell Attacks · Cybersecurity companies have been seeing a wide range of malware being delivered in attacks exploiting the critical React vulnerability dubbed React2Shell. A researcher discovered recently that React, the popular open source library for creating application user interfaces, is af… · SECURITYWEEK.COM
11 Dec · Unpatched Gogs Zero-Day Exploited for Months · The exploited flaw allows attackers to overwrite files outside the repository, leading to remote code execution. · SECURITYWEEK.COM
11 Dec · Pierce County Library Data Breach Impacts 340,000 · In April 2025, hackers stole personal information belonging to patrons and employees and their family members. · SECURITYWEEK.COM
11 Dec · Hackers exploit unpatched Gogs zero-day to breach 700 servers · An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers. [...] · BLEEPINGCOMPUTER.COM
11 Dec · NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems · Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes. According to a report from Elastic Security Labs, the malware shares code similarities with another im… · THEHACKERNEWS.COM
11 Dec · .NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL · submitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/12/net-soapwn-flaw-opens-door-for-file.html · SH.ITJUST.WORKS
11 Dec · Cybersecurity isn’t underfunded — It’s undermanaged · Much of the narrative I come across online around cybersecurity budgets revolves around convincing the Board and justifying investments. Some approaches are built around financial models and aim at justifying return on investment. Some others focus on quantifying risk and showing… · CSOONLINE.COM
11 Dec · AIs Exploiting Smart Contracts · I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature. Here’s some interesting research on training AIs to automatically exploit smart contracts: AI models are increasingly good at cyber tasks, as we’ve writte… · SCHNEIER.COM
11 Dec · New ClickFix Attacks Exploit Official ChatGPT Website to Deliver macOS Infostealer · Infostealers have become 2025’s fastest-growing cyberthreat, targeting all operating systems and regions with sophisticated social engineering tactics. In a new campaign discovered by Kaspersky experts, attackers are exploiting users’ interest in OpenAI’s Atlas … · GBHACKERS.COM
11 Dec · New “SOAPwn” .NET Flaws Expose Barracuda, Ivanti, and Microsoft Devices to RCE · Security researchers have unveiled a critical series of vulnerabilities in the .NET Framework’s HTTP client proxy architecture, dubbed “SOAPwn,” that enables remote code execution across multiple enterprise-grade platforms. Presented at Black Hat Europe 2025 by … · GBHACKERS.COM
11 Dec · Hackers Are Using Shared AI Chats to Steal Your Passwords and Crypto · A sophisticated malvertising campaign is exploiting ChatGPT and DeepSeek’s shared chat features to deliver credential-stealing malware to macOS users. Threat actors are purchasing sponsored Google search results and redirecting victims to legitimate-looking LLM-generated ch… · GBHACKERS.COM
11 Dec · CISA Releases 12 Industrial Control Systems Advisories · CISA released 12 Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-345-01 Johnson Controls iSTAR; ICSA-25-345-02 Johnson Controls iSTAR Ultra; ICSA-25-… · CISA.GOV
11 Dec · Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks · Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in Gladinet's CentreStack and Triofox products for secure remote file access and sharing. [...] · BLEEPINGCOMPUTER.COM
11 Dec · How targeted manipulation happens online · Cybercriminals use gray-market SIM cards for virtual bot armies. An extensive international gray market in mobile SIM cards is fueling manipulation and fraud on the internet on a large scale. According to a study by the University of Cambrid… · CSOONLINE.COM
11 Dec · DNS Spoofing for Firmware Updates · 🚨 Dive into the world of DNS spoofing and firmware interception! In this clip, Paul reveals how controlling DNS can lead to intercepting traffic and manipulating firmware updates. With the rise of IoT vulnerabilities, understanding these tactics is crucial. Subscribe to our podca… · YOUTUBE.COM
11 Dec · Adversarial Poetry and the Efficacy of AI Guardrails · We investigate the rise of adversarial poetry in AI security. Understand how metaphor-based exploits circumvent guardrails and the defenses we need for LLMs moving forward. · F5.COM
11 Dec · Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis · In 2023 GitHub introduced CodeQL multi-repository variant analysis (MRVA). This functionality lets you run queries across thousands of projects using pre-built databases and drastically reduces the time needed to find security bugs at scale. There’s just one problem: it’s largely… · TRAILOFBITS.COM
📋 SECURITY BULLETINS (2)
11 Dec · ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories · This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. An… · THEHACKERNEWS.COM
11 Dec · A big finish to 2025 in December’s Patch Tuesday · A month with no Critical-severity Windows bugs is overshadowed by a mass of Mariner mop-up · SOPHOS.COM
📢 SECURITY ADVISORIES (6)
11 Dec · How to justify your security investments · In modern corporate environments, investments in security technologies are no longer judged solely on technical maturity. Funding increasingly depends on the extent to which they can generate revenue, mitigate risks, and create shareholder value. As a result, CISOs are expected t… · CSOONLINE.COM
11 Dec · CISA: Pro-Russia Hacktivists Target US Critical Infrastructure · submitted by kid to cybersecurity 3 points | 0 comments https://www.darkreading.com/threat-intelligence/hactivists-target-critical-infrastructure · SH.ITJUST.WORKS
11 Dec · Just a moment... · submitted by kid to cybersecurity 1 points | 0 comments https://securityboulevard.com/2025/12/nist-plans-to-build-threat-and-mitigation-taxonomy-for-ai-agents/ · SH.ITJUST.WORKS
🔥 INCIDENT REPORTING (11)
11 Dec · GOLD SALEM tradecraft for deploying Warlock ransomware · Analysis of the tradecraft evolution across 6 months and 11 incidents · SOPHOS.COM
11 Dec · Japanese Firms Suffer Long Tail of Ransomware Damage · submitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/japanese-firms-suffer-long-tail-ransomware-damage · SH.ITJUST.WORKS
11 Dec · AI is accelerating cyberattacks. Is your network prepared? · AI-driven attacks now automate reconnaissance, generate malware variants, and evade detection at a speed that overwhelms traditional defenses. Corelight explains how network detection and response (NDR) provides the visibility and behavioral insights SOC teams need to spot and st… · BLEEPINGCOMPUTER.COM
11 Dec · Breach of 120 000 IP cameras in South Korea: security tips | Kaspersky official blog · The hack of 120 000 IP cameras across South Korea led to the production and sale of sexually explicit footage. We break down how IP cameras work — and how to secure them. · KASPERSKY.COM
11 Dec · UK fines LastPass over 2022 data breach impacting 1.6 million users · The UK Information Commissioner's Office (ICO) fined the LastPass password management firm £1.2 million for failing to implement security measures that allowed an attacker to steal personal information and encrypted password vaults belonging to up to 1.6 million UK users in a 202… · BLEEPINGCOMPUTER.COM
11 Dec · New DroidLock Malware Locks Android Devices and Demands Ransom Payment · The zLabs research team has identified a sophisticated new threat campaign targeting Spanish Android users through a malware strain called DroidLock. Unlike traditional ransomware that encrypts files, this Android-focused threat employs a more direct approach, locking devices with… · GBHACKERS.COM
11 Dec · New 01Flip Ransomware Targets Both Windows and Linux Systems · Security researchers at Palo Alto Networks Unit 42 have identified a newly emerging ransomware family, 01flip, that represents a significant shift in malware development tactics. Discovered in June 2025, this sophisticated threat is entirely written in Rust, a modern programming l… · GBHACKERS.COM
11 Dec · US banks scramble to assess data theft after hackers breach financial tech firm | TechCrunch · submitted by ItWasntme223 to cybersecurity 2 points | 0 comments https://techcrunch.com/2025/11/24/us-banks-scramble-to-assess-data-theft-after-hackers-breach-financial-tech-firm/ · INFOSEC.PUB
11 Dec · Battering RAM hardware hack breaks secure CPU enclaves · Confidential computing, powered by hardware technologies such as Intel SGX (Software Guard Extensions) and AMD SEV (Secure Encrypted Virtualization), promises strong isolation and transparent memory encryption. Designed to protect against privileged attackers and physical threats… · CSOONLINE.COM
11 Dec · Notepad++ fixes flaw that let attackers push malicious update files · Notepad++ version 8.8.9 was released to fix a security weakness in its WinGUp update tool after researchers and users reported incidents in which the updater retrieved malicious executables instead of legitimate update packages. [...] · BLEEPINGCOMPUTER.COM
11 Dec · Black Hat Europe 2025: Reputation matters – even in the ransomware economy · Being seen as reliable is good for ‘business’ and ransomware groups care about 'brand reputation' just as much as their victims · WELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE (28)
11 Dec · GitLab discovers widespread npm supply chain attack · submitted by cm0002 to cybersecurity 1 points | 1 comments https://about.gitlab.com/blog/gitlab-discovers-widespread-npm-supply-chain-attack/ · INFOSEC.PUB
11 Dec · ISC Stormcast For Thursday, December 11th, 2025 https://isc.sans.edu/podcastdetail/9734, (Thu, Dec 11th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
11 Dec · Using AI Gemma 3 Locally with a Single CPU, (Wed, Dec 10th) · Several months ago, I got a Nucbox K8 Plus minicomputer to use as a Proxmox 9 server. At the time of this acquisition, I didn't realize this minicomputer had an artificial intelligence (AI) engine [1] built in the CPU that could … · ISC.SANS.EDU
11 Dec · Security Alert: 19 Fake PNG Extensions Found in VS Code Marketplace · ReversingLabs (RL) researchers have identified a sophisticated supply chain campaign involving 19 malicious Visual Studio Code (VS Code) extensions. The campaign, which has been active since February 2025 and was uncovered on December 2, 2025, leverages the trust inherent in the … · GBHACKERS.COM
11 Dec · New “Spiderman” Phishing Kit Lets Hackers Build Fake Bank Login Pages Instantly · A sophisticated phishing toolkit dubbed “Spiderman” has emerged as a significant threat to European banking customers, enabling cybercriminals to create convincing fake login pages for dozens of financial institutions with just a few clicks. This development marks a d… · GBHACKERS.COM
11 Dec · LW ROUNDTABLE: Lessons from 2025 — Cyber risk got personal; accountability enters a new phase · In 2025, the stakes changed. CISOs were hauled into courtrooms. Boards confronted a wave of shareholder lawsuits. And the rise of autonomous systems introduced fresh ambiguity and risk around who’s accountable when algorithms act. Part one of a four-part series … · LASTWATCHDOG.COM
11 Dec · IBM Patches Over 100 Vulnerabilities · Most of the 100 vulnerabilities resolved this week, including critical flaws, were in third-party dependencies. · SECURITYWEEK.COM
11 Dec · WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor · An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite dubbed AshTag since 2020. Palo Alto Networks is tracking the activity cluster under t… · THEHACKERNEWS.COM
11 Dec · New DroidLock malware locks Android devices and demands a ransom · submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/new-droidlock-malware-locks-android-devices-and-demands-a-ransom/ · SH.ITJUST.WORKS
11 Dec · ClickFix Style Attack Uses Grok, ChatGPT for Malware Delivery · submitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/vulnerabilities-threats/clickfix-style-attack-grok-chatgpt-malware · SH.ITJUST.WORKS
11 Dec · MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations · Eleven companies took part in the evaluations and several have boasted 100% detection and coverage rates. · SECURITYWEEK.COM
11 Dec · Former Accenture Employee Charged Over Cybersecurity Fraud · Danielle Hillmer allegedly concealed the fact that her employer’s cloud platform did not meet DoD requirements. · SECURITYWEEK.COM
11 Dec · Invisible IT is becoming the next workplace priority - Help Net Security · submitted by kid to cybersecurity 2 points | 0 comments https://www.helpnetsecurity.com/2025/12/08/invisible-it-workplace-priority/ · SH.ITJUST.WORKS
11 Dec · Over 10,000 Docker Hub images found leaking credentials, auth keys · submitted by kid to cybersecurity 3 points | 0 comments https://www.bleepingcomputer.com/news/security/over-10-000-docker-hub-images-found-leaking-credentials-auth-keys/ · SH.ITJUST.WORKS
11 Dec · AI Agents: The Next Big Challenge in Identity Management · Agent identity and access management are crucial for cybersecurity. As agents become ubiquitous in both business and consumer sectors, organizations face the challenge of verifying identities and managing permissions. How will you ensure secure access? Subscribe to our podcasts: … · YOUTUBE.COM
11 Dec · Virtual Event Today: Cyber AI & Automation Summit Day 2 · Day two of the Cyber AI & Automation Summit kicks off at 11AM ET. If you weren't able to attend yesterday, all Day One sessions are already available on-demand. · SECURITYWEEK.COM
11 Dec · 1inch Named Exclusive Swap Provider at Launch for Ledger Multisig · Road Town, British Virgin Islands, December 11th, 2025, CyberNewsWire 1inch, the leading DeFi ecosystem, has been selected as the exclusive swap provider at launch for Ledger Multisig, deepening the collaboration between the two projects. By integrating the 1inch Swap API into it… · GBHACKERS.COM
11 Dec · INE Highlights Enterprise Shift Toward Hands-On Training Amid Widening Skills Gaps · Cary, North Carolina, USA, December 11th, 2025, CyberNewsWire As AI accelerates job transformation, INE supports organizations reallocating Q4 budgets to experiential, performance-driven upskilling. With 90% of organizations facing critical skills gaps (ISC2) and AI reshaping job… · GBHACKERS.COM
11 Dec · Charming Kitten Leak Reveals Key Operatives, Front Firms, and Massive Global Compromise · The latest materials from the Charming Kitten network access reveal three significant findings that expand our understanding of Iran’s APT35 cyber operations: complete salary records for operative teams, expanded surveillance platform capabilities, and a classified 2004 doc… · GBHACKERS.COM
11 Dec · ValleyRAT Malware Evades Windows 11 Security with Stealthy Driver Install · Check Point Research (CPR) has published a comprehensive analysis of ValleyRAT, a widely distributed backdoor also known as Winos/Winos4.0, revealing its sophisticated modular architecture and dangerous kernel-mode rootkit capabilities. The research demonstrates how the malware… · GBHACKERS.COM
11 Dec · Contractors with hacking records accused of wiping 96 govt databases · submitted by ItWasntme223 to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/contractors-with-hacking-records-accused-of-wiping-96-govt-databases/ · INFOSEC.PUB
11 Dec · Imposter for hire: How fake people can gain very real access · Fake employees are an emerging cybersecurity threat. Learn how they infiltrate organizations and what steps you can take to protect your business. · MICROSOFT.COM
11 Dec · NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems · submitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/12/nanoremote-malware-uses-google-drive.html · SH.ITJUST.WORKS
11 Dec · Fresh CKS (and CKA) tips and takeaways · submitted by fhoekstra to cloudsecurity 1 points | 0 comments cross-posted from: feddit.nl/post/47882275 fhoekstra.eu/posts/cks-tips/ · INFOSEC.PUB
11 Dec · New DroidLock malware locks Android devices and demands a ransom · submitted by ItWasntme223 to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/new-droidlock-malware-locks-android-devices-and-demands-a-ransom/ · INFOSEC.PUB
11 Dec · Redefining Workspace: Prisma Browser Secures Leadership in Frost Radar · Prisma Browser is the Frost Radar leader for ZTBS! Learn how our Precision AI-powered security transforms your browser from attack vector to defense. · PALOALTONETWORKS.COM
11 Dec · Tech Segment: MITM Automation + Security News - Josh Bressers - PSW #904 · This week in our technical segment, you will learn how to build a MITM proxy device using Kali Linux, some custom scripts, and a Raspberry PI! In the security news: - Hacking Smart BBQ Probes - China uses us as a proxy - LOLPROX and living off the Hypervisor - Are we overreating … · YOUTUBE.COM
11 Dec · News alert: INE sees surge in Q4 budget shifts as enterprises embrace hands-on training for AI roles · CARY, N.C., Dec. 11, 2025, CyberNewswire — With 90% of organizations facing critical skills gaps (ISC2) and AI reshaping job roles across cybersecurity, cloud, and IT operations, enterprises are rapidly reallocating L&D budgets toward hands-on training that delivers measurabl… · LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE (3)
11 Dec · Malicious VSCode Marketplace extensions hid trojan in fake PNG file · A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with malware hidden inside dependency folders. [...] · BLEEPINGCOMPUTER.COM
11 Dec · SHADOW-VOID-042 Targets Multiple Industries with Void Rabisu-like Tactics · In November, a targeted spear-phishing campaign was observed using Trend Micro-themed lures against various industries, but this was quickly detected and thwarted by the Trend Vision One™ platform. · TRENDMICRO.COM
11 Dec · Palestine Action: Operations and Global Network · Explores Palestine Action’s post-designation global network, tactics, and targets, and evaluates key physical risks and mitigations for organizations. · RECORDEDFUTURE.COM
📡 INFOSEC NEWS (9)
11 Dec · Microsoft fixes Windows Explorer white flashes in dark mode · Microsoft has fixed a known issue that caused bright white flashes when launching File Explorer in dark mode on Windows 11 systems after installing the KB5070311 optional update. [...] · BLEEPINGCOMPUTER.COM
11 Dec · The Impact of Robotic Process Automation (RPA) on Identity and Access Management · As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have varying levels of access to sensitive information, enterpr… · THEHACKERNEWS.COM
11 Dec · Security flaws in Freedom Chat app exposed users’ phone numbers and PINs · The founder of Freedom Chat said the company has reset user PINs and released a new version to app stores. · TECHCRUNCH.COM
11 Dec · New ConsentFix attack hijacks Microsoft accounts via Azure CLI · A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) verifications. [...] · BLEEPINGCOMPUTER.COM
11 Dec · Microsoft bounty program now includes any flaw impacting its services · Microsoft now pays security researchers for finding critical vulnerabilities in any of its online services, regardless of whether the code was written by Microsoft or a third party. [...] · BLEEPINGCOMPUTER.COM
11 Dec · A modern tale of blinkenlights · This blog post demonstrates how a modern variant of a hardware attack found in the 2000's allowed the extraction of a €12 smartwatch's firmware using only cheap and robust hardware. Damien and Thomas (introduced later in this post) gave a talk on this subject at this year's leHA… · QUARKSLAB.COM
11 Dec · Brave browser starts testing agentic AI mode for automated tasks · Brave has introduced a new AI browsing feature that leverages Leo, its privacy-respecting AI assistant, to perform automated tasks for the user. [...] · BLEEPINGCOMPUTER.COM
11 Dec · Locks, SOCs and a cat in a box: What Schrödinger can teach us about cybersecurity · If you don’t look inside your environment, you can’t know its true state – and attackers count on that · WELIVESECURITY.COM