🚨 CISA KEV 1
17 Dec KEVCISA Adds Actively Exploited Fortinet Signature Verification Flaw to KEV CatalogThe Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-59718 to its Known Exploited Vulnerabilities (KEV) catalog, marking the latest Fortinet vulnerability being actively exploited in the wild. The flaw affects multiple Fortinet products and po…GBHACKERS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 63
17 Dec KEVFortiGate firewall credentials being stolen after vulnerabilities discoveredThreat actors aren’t wasting time taking advantage of newly-revealed vulnerabilities in Fortinet device authentication. Researchers at Arctic Wolf said they are seeing malicious single sign on (SSO) attempts trying to leverage the holes in FortiGate next generation firewalls sinc…CSOONLINE.COM
17 Dec KEVCISA Alerts on Actively Exploited Gladinet CentreStack and Triofox FlawsThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert regarding a critical security vulnerability affecting Gladinet CentreStack and Triofox. The agency has added this flaw to its Known Exploited Vulnerabilities (KEV) catalog, indicating that hackers …GBHACKERS.COM
17 DecNVIDIA Isaac Lab Flaw Enables Remote Code ExecutionNVIDIA has disclosed a critical security vulnerability in Isaac Lab, a component of the NVIDIA Isaac Sim framework, that could allow attackers to execute arbitrary code remotely. The company released security patches in December 2025 to address the deserialization flaw tracked as…GBHACKERS.COM
17 DecCVE-2025-38384 mtd: spinand: fix memory leak of ECC engine confInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-38386 ACPICA: Refuse to evaluate a method if arguments are missingInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-38389 drm/i915/gt: Fix timeline left held on VMA alloc errorInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-38387 RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insertInformation published.MSRC.MICROSOFT.COM
17 DecRussian APT group attacks Western critical infrastructure operatorsA Russian cyber-espionage campaign is targeting energy suppliers. The Amazon Threat Intelligence team found that a Russian state-sponsored cyber-espionage group is increasingly targeting energy companies and critical infrastructure providers (K…CSOONLINE.COM
17 DecJumpCloud agent turns uninstall into a system shortcutJumpCloud’s Remote Assist for Windows agent contained a critical local privilege escalation flaw, allowing full system compromise. Disclosed by XM Cyber, the vulnerability stems from insecure file operations during uninstall or update flows that execute with Windows NT AUTHORITY\…CSOONLINE.COM
17 DecCritical React2Shell flaw exploited in ransomware attacksA ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deployed the file-encrypting malware less than a minute later. [...]BLEEPINGCOMPUTER.COM
17 Dec KEVSonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 AppliancesSonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-40602 (CVSS score: 6.6), concerns a case of local privilege escalation that a…THEHACKERNEWS.COM
17 DecForumTroll Operation Uses Chrome Zero-Day in Fresh Phishing AttacksThe ForumTroll APT group has resurfaced with a sophisticated phishing campaign targeting Russian academics, marking a significant escalation in their ongoing operations against entities in Russia and Belarus. While the group initially gained notoriety for exploiting CVE-2025-2783…GBHACKERS.COM
17 DecMicrosoft Desktop Window Manager Flaw Allows Privilege EscalationA critical vulnerability has been discovered in the Windows Desktop Window Manager (DWM) that could allow attackers to escalate privileges to system level. The flaw, tracked as CVE-2025-55681, resides in the dwmcore.dll component and was disclosed during the TyphoonPWN Windows se…GBHACKERS.COM
17 DecNagios XI 2026R1.1 Released to Patch Privilege Escalation VulnerabilityNagios has released version 2026R1.1 to address a critical privilege escalation vulnerability affecting earlier versions of its monitoring platform. The flaw, tracked as CVE-2025-34288, poses a significant risk to enterprise infrastructure by enabling local attackers to execute a…GBHACKERS.COM
17 DecCVE-2025-31133 runc container escape via "masked path" abuse due to mount race conditionsInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68223 drm/radeon: delete radeon_fence_process in is_signaled, no deadlockInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68201 drm/amdgpu: remove two invalid BUG_ON()sInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68266 bfs: Reconstruct file type when loading from diskInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-40354 drm/amd/display: increase max link count and fix link->enc NULL pointer accessInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68263 ksmbd: ipc: fix use-after-free in ipc_msg_send_requestInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68230 drm/amdgpu: fix gpu page fault after hibernation on PF passthroughInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68264 ext4: refresh inline data size before write operationsInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68231 mm/mempool: fix poisoning order>0 pages with HIGHMEMInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68219 cifs: fix memory leak in smb3_fs_context_parse_param error pathInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68261 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68174 amd/amdkfd: enhance kfd process check in switch partitionInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-40355 sysfs: check visibility before changing group attribute ownershipInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68259 KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replacedInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68239 binfmt_misc: restore write access before closing files opened by open_exec()Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68257 comedi: check device's attached status in compat ioctlsInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68206 netfilter: nft_ct: add seqadj extension for natted connectionsInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68254 staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsingInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68237 mtdchar: fix integer overflow in read/write ioctlsInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-67897 In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet.Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-13912 Potential non-constant time compiled code with Clang LLVMInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68224 scsi: core: Fix a regression triggered by scsi_host_busy()Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68193 drm/xe/guc: Add devm release action to safely tear down CTInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68190 drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68211 ksm: use range-walk function to jump over holes in scan_get_next_rmap_itemInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsingInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68203 drm/amdgpu: fix lock warning in amdgpu_userq_fence_driver_processInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68196 drm/amd/display: Cache streams targeting link when performing LT automationInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68235 nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::bootInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68229 scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-40353 arm64: mte: Do not warn if the page is already tagged in copy_highpage()Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68214 timers: Fix NULL function pointer race in timer_shutdown_sync()Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68204 pmdomain: arm: scmi: Fix genpd leak on provider registration failureInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68175 media: nxp: imx8-isi: Fix streaming cleanup on releaseInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68236 scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down (PC=3)Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68227 mptcp: Fix proto fallback detection with BPFInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68256 staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parserInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68220 net: ethernet: ti: netcp: Standardize knav_dma_open_channel to return NULL on errorInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68222 pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_descInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68281 ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-listInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68217 Input: pegasus-notetaker - fix potential out-of-bounds accessInformation published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68188 tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-68258 comedi: multiq3: sanitize config options in multiq3_attach()Information published.MSRC.MICROSOFT.COM
17 DecCVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot modeInformation published.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 22
17 DecReact2Shell Vulnerability, Black Force Phishing Kit, Microsoft OAuth Attacks, and PornHub Data BreachIn this episode of Cybersecurity Today, host Jim Love discusses a range of pressing cybersecurity threats. The show covers the escalating React2Shell vulnerability, which has led to widespread automated exploitation campaigns involving crypto miners and back doors. Additionally, …CYBERSECURITYTODAY.LIBSYN.COM
17 DecClickFix Spoof of “Word Online” Used to Spread DarkGate MalwareA sophisticated social engineering campaign leveraging a fake “Word Online” extension error message has been discovered distributing the notorious DarkGate malware. This attack employs the increasingly popular “ClickFix” technique, where threat actors mani…GBHACKERS.COM
17 DecNew Moonwalk++ PoC Demonstrates How Malware Can Forge Windows Call Stacks to Evade DetectionSecurity researchers have unveiled a dangerous new technique that allows malware to completely hide its tracks by faking Windows call stacks, a method designed to bypass modern endpoint detection systems. The technique, called Moonwalk++, extends previous research on Stack Moonwal…GBHACKERS.COM
17 DecBlind Eagle Hackers Exploit Trust to Bypass Email Security ControlsBlindEagle threat actors are exploiting compromised internal email accounts to launch spear-phishing campaigns that bypass traditional email security controls, targeting Colombian government agencies with sophisticated multi-stage malware attacks, according to Zscaler ThreatLabz …GBHACKERS.COM
17 DecChrome Security Update Fixes Remote Code Execution FlawsGoogle has released an emergency security update for the Chrome browser, addressing two high-severity vulnerabilities that could enable remote code execution attacks. The stable channel update version 143.0.7499.146/.147 is now rolling out to Windows, Mac, and Linux users. Criti…GBHACKERS.COM
17 DecThe devil of proposed SEC AI disclosure rule is in the detailsA US Securities and Exchange Commission committee has recommended a new rule that would mandate companies to analyze and report all AI efforts — including decisions to not use AI for some purposes. Attorneys who have studied the proposal note that the AI rule — just like the SEC’…CSOONLINE.COM
17 DecDux Emerges From Stealth Mode With $9 Million in FundingThe startup takes an agentic approach to preventing vulnerability exploitation by uncovering exposure across assets. SECURITYWEEK.COM
17 DecCybersecurity Hiring Trends as Boards Bridge Confidence Gap and Build Strategic Lever - BSW #426Business Security Weekly is well aware of the cybersecurity hiring challenges. From hiring CISOs to finding the right skills to developing your employees, we cover it weekly in the leadership and communications segment. But this week, our guest interview digs into the global cybe…YOUTUBE.COM
17 DecHackers exploit newly patched Fortinet auth bypass flawssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/hackers-exploit-newly-patched-fortinet-auth-bypass-flaws/SH.ITJUST.WORKS
17 DecA tool for monitoring integrity of bootchainsubmitted by nemesis1733 to cybersecurity 3 points | 0 comments Description : TPMGuard verifies that a computer’s boot process hasn’t been tampered with. On first run, it creates a trusted “golden” set of PCRs and later compares current values to detect changes, logging any diffe…SH.ITJUST.WORKS
17 DecGPU Efficiency in VLAI Model Trainingsubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.vulnerability-lookup.org/2025/12/12/gpu-efficiency-in-vlai-model-training/INFOSEC.PUB
17 DecChinese espionage crew 'Ink Dragon' expands its snooping activities into European government servers, security researchers saysubmitted by Sepia to cybersecurity 2 points | 0 comments https://www.theregister.com/2025/12/16/chinas_ink_dragon_hides_out/ cross-posted from: mander.xyz/post/43813312 Chinese espionage crew ‘Ink Dragon’ expands its snooping activities into European government servers In the la…INFOSEC.PUB
17 DecEOR Interview: 3 Key QuestionsUncover the critical questions to ask when choosing an Employer of Record (EOR) to ensure your global workforce is secure. Learn how legal presence, industry experience, and HR infrastructure play pivotal roles in cybersecurity. Subscribe to our podcasts: https://securityweekly.c…YOUTUBE.COM
17 DecMaybe a Little Bit More Interesting React2Shell Exploit, (Wed, Dec 17th)I have already talked about various React2Shell exploit attempts we have observed in the last weeks. But new varieties of the exploit are popping up, and the most recent one is using this particular version of the exploit: ISC.SANS.EDU
17 DecSonicwall warns of new SMA1000 zero-day exploited in attacksSonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was chained in zero-day attacks to escalate privileges. [...]BLEEPINGCOMPUTER.COM
17 DecApple & Google Emergency Patches for Zero DaysBreaking News: Apple and Google rush to patch zero-day vulnerabilities under active exploitation! 🍏🔒 Both tech giants have issued emergency updates to combat these sophisticated attacks, with Apple targeting WebKit vulnerabilities and Google addressing a Chrome memory access flaw…YOUTUBE.COM
17 Dec KEVCisco warns of unpatched AsyncOS zero-day exploited in attacksCisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances. [...]BLEEPINGCOMPUTER.COM
17 DecCisco says Chinese hackers are exploiting its customers with a new zero-dayCisco said it discovered a Chinese hacking campaign targeting its customers by exploiting a zero-day in some of the company's most popular products.TECHCRUNCH.COM
17 DecHackers Can Seize Control of Car Dashboards Through Modem VulnerabilitiesImagine cruising down the highway in your brand-new electric car when suddenly the multimedia display fills with Doom, the iconic 3D shooter game completely replacing your navigation map and vehicle controls. Shockingly, this isn’t science fiction. Security researchers have…GBHACKERS.COM
17 DecGhostPoster Attack Uses PNG Icons to Compromise 50,000 Firefox UsersA sophisticated malware campaign dubbed “GhostPoster” has compromised approximately 50,000 Firefox users by exploiting browser extension icons. Security researchers at Koi Security discovered that malicious actors are embedding hidden malware payloads directly within …GBHACKERS.COM
17 DecZeroday Cloud hacking event awards $320,000 for 11 zero daysThe Zeroday Cloud hacking competition in London has awarded researchers $320,000 for demonstrating critical remote code execution vulnerabilities in components used in cloud infrastructure. [...]BLEEPINGCOMPUTER.COM
17 DecChina’s Zero-Day Pipeline: From Discovery to DeploymentChina is consolidating cyber power through zero-days. Explore how state control of vulnerabilities enables long-term strategic advantage.RECORDEDFUTURE.COM
📢 SECURITY ADVISORIES 9
17 DecDeliberate Internet ShutdownsFor two days in September, Afghanistan had no internet. No satellite failed; no cable was cut. This was a deliberate outage, mandated by the Taliban government. It followed a more localized shutdown two weeks prior, reportedly instituted “to prevent immoral activities.R…SCHNEIER.COM
17 DecFrance arrests suspect tied to cyberattack on Interior MinistryFrench authorities arrested a 22-year-old suspect on Tuesday for a cyberattack that targeted France's Ministry of the Interior earlier this month. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 11
17 DecAuto Parts Giant LKQ Confirms Oracle EBS BreachLKQ said the personal information of thousands of individuals was compromised as a result of the hacker attack. SECURITYWEEK.COM
17 DecVenezuelan Oil Company Downplays Alleged US Cyberattacksubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyber-risk/venezuela-oil-company-downplays-alleged-us-cyberattackSH.ITJUST.WORKS
17 DecFix SOC Blind Spots: See Threats to Your Industry & Country in Real TimeModern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate, alerts multiply, and SOCs struggle to understand which dangers matter right now for their business. Breaking out of reactive defense is no longer optional. It’s the diff…THEHACKERNEWS.COM
17 DecUS Autoparts Maker LKQ Confirms Oracle EBS Breach - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/lkq-confirms-oracle-ebs-breach/SH.ITJUST.WORKS
17 DecNew ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary EmailsThe threat actor linked to Operation ForumTroll has been attributed to a fresh set of phishing attacks targeting individuals within Russia, according to Kaspersky. The Russian cybersecurity vendor said it detected the new activity in October 2025. The origins of the threat actor …THEHACKERNEWS.COM
17 DecChinese Hackers Turn Compromised Servers Into ShadowPad NodesA sophisticated Chinese threat actor tracked as Ink Dragon has been weaponizing a custom ShadowPad IIS Listener module to convert compromised servers into distributed relay nodes, according to research by Check Point Research. The tactic represents a significant escalation in the…GBHACKERS.COM
17 DecSingularity Linux Kernel Rootkit with klogctl Detection EvasionSingularity, a stealth-focused Linux Kernel Module (LKM) rootkit targeting modern 6.x kernels, has added a powerful log‐evasion capability that prevents its detection through traditional kernel logging interfaces such as klogctl. Designed as a “final boss” rootkit for defenders, …GBHACKERS.COM
17 DecAmazon: Ongoing cryptomining campaign uses hacked AWS accountsAmazon's AWS GuardDuty security team is warning of an ongoing crypto-mining campaign that targets its Elastic Compute Cloud (EC2) and Elastic Container Service (ECS) using compromised credentials for Identity and Access Management (IAM). [...]BLEEPINGCOMPUTER.COM
17 DecWeb Hosting Talk - 515,149 breached accountsIn July 2016, the Web Hosting Talk forum suffered a data breach that was subsequently listed for sale. The breach of the vBulletin based forum exposed 515k user records including usernames, email addresses, IP addresses and salted MD5 password hashes.HAVEIBEENPWNED.COM
17 DecThe $0 Transaction That Signaled a Nation-State CyberattackA $0 card test signaled a Chinese state-linked cyberattack on Anthropic’s AI platform. Learn how card-testing fraud intelligence spots nation-state ops early.RECORDEDFUTURE.COM
17 DecRisky Business #819 -- Venezuela (credibly?!) blames USA for wiper attackIn the final show of 2025, Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: React2Shell attacks continue, surprising no one The unholy combination of OAuth consent phishing, social engineering and Azure CLI Venezuela’s state oil firm gets ransomware…RISKY.BIZ
🕵️ THREAT INTELLIGENCE 33
17 DecISC Stormcast For Wednesday, December 17th, 2025 https://isc.sans.edu/podcastdetail/9742, (Wed, Dec 17th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
17 DecParked Domains Emerge as a Primary Channel for Malware and PhishingThe landscape of domain parking has transformed dramatically over the past decade, shifting from a relatively benign monetization strategy to a sophisticated vector for cybercrime. New research into the modern parking ecosystem reveals a startling reality: over 90% of visitors to…GBHACKERS.COM
17 DecCellik Android Malware Uses One-Click APK Builder to Hide in Play Store AppsA newly discovered Android Remote Access Trojan (RAT) called Cellik is democratizing sophisticated mobile surveillance attacks by bundling advanced spyware capabilities with an automated tool that allows attackers to inject malicious code into legitimate Google Play Store applica…GBHACKERS.COM
17 DecTelekom launches system against scam callsDeutsche Telekom's Call Check is intended to protect smartphone customers from fraudulent calls in future. Someone calls, and the number is not saved in your own address book. No matter, you pick up anyway, and let a stranger draw you into…CSOONLINE.COM
17 DecGhostPoster Firefox Extensions Hide Malware in IconsThe malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA. SECURITYWEEK.COM
17 DecForumTroll targets political scientists | Kaspersky official blogThe ForumTroll APT group is sending malicious emails to political scientists, imitating reports of plagiarism.KASPERSKY.COM
17 DecAmazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure | Amazon Web Servicessubmitted by kid to cybersecurity 1 points | 0 comments https://aws.amazon.com/pt/blogs/security/amazon-threat-intelligence-identifies-russian-cyber-threat-group-targeting-western-critical-infrastructure/SH.ITJUST.WORKS
17 DecAdaptive Security Raises $81 Million in Series B FundingLed by Bain Capital Ventures, the investment round brings the total raised by the company to $146.5 million. SECURITYWEEK.COM
17 DecDoes anyone think that a bunch of Computer Science/Software Engineering graduates unable to find jobs could result in increased cybercrime?submitted by Flax_vert to cybersecurity 3 points | 1 comments I’m just thinking of cases where a country takes over and exiles the old army, and it’s seen the rise of various terrorist groups as you’ve essentially left a bunch of military trained, often zealous, young men withou…SH.ITJUST.WORKS
17 DecFive Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter ThinkingCybersecurity has always evolved in response to attacker innovation, but the pace of change over the last few years has been unprecedented—particularly with the emergence of weaponized AI to scale phishing, deepfakes, and voice cloning. As we head toward 2026, several structural …SECURITYWEEK.COM
17 DecChina-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT MalwareThe threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America. Check Point Research is tracking the cluster under the name Ink Dragon. It's als…THEHACKERNEWS.COM
17 Dec‘Featured’ Urban VPN caught stealing private AI chats | CSO Onlinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.csoonline.com/article/4106949/featured-urban-vpn-caught-stealing-private-ai-chats.htmlSH.ITJUST.WORKS
17 DecPhishing Messages and Social Ads Flood Users Ahead of Christmas - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/phishing-messages-social-scams/SH.ITJUST.WORKS
17 DecNew $150 Cellik RAT Grants Android Control, Trojanizes Google Play AppsThe malware provides full device control and real-time surveillance capabilities like those of advanced spyware. SECURITYWEEK.COM
17 DecRogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Datasubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/12/rogue-nuget-package-poses-as-tracerfody.htmlSH.ITJUST.WORKS
17 DecGhostPoster attacks hide malicious JavaScript in Firefox addon logossubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/ghostposter-attacks-hide-malicious-javascript-in-firefox-addon-logos/SH.ITJUST.WORKS
17 DecHacker Conversations: Alex Hall, One-time FraudsterA first-person journey from undetected fraud to defending trust—how life events, neurodiversity, and hard-won insight shaped a former fraudster into a fraud fighter. SECURITYWEEK.COM
17 DecPartnering with Precision in 2026Partnering with precision, Palo Alto Networks focuses on deeper integration, built-in AI and a growth-focused ecosystem to secure the future. PALOALTONETWORKS.COM
17 DecNMFTA Warns of Surge and Sophistication of Cyber-Enabled Cargo TheftThe trucking industry group has released its 2026 Transportation Industry Cybersecurity Trends Report. SECURITYWEEK.COM
17 DecChina's Ink Dragon hides out in European government networkssubmitted by kid to cybersecurity 1 points | 0 comments https://www.theregister.com/2025/12/16/chinas_ink_dragon_hides_out/SH.ITJUST.WORKS
17 DecMexico Unveils Its First National Cybersecurity Plan: A New Era of Digital ResilienceMexico has taken a major step toward strengthening its digital defenses with the official unveiling of its first National Cybersecurity Plan, a landmark initiative that establishes the country’s first specialized policy framework for cybersecurity.KNOWBE4.COM
17 DecRussian APT actor phishes the Baltics and the Balkanssubmitted by kid to cybersecurity 3 points | 0 comments https://strikeready.com/blog/russian-apt-actor-phishes-the-baltics-and-the-balkans/SH.ITJUST.WORKS
17 DecGhostPairing Attacks: from phone number to full access in WhatsAppsubmitted by kid to cybersecurity 1 points | 0 comments https://www.gendigital.com/blog/insights/research/ghostpairing-whatsapp-attackSH.ITJUST.WORKS
17 DecCellik Android malware builds malicious versions from Google Play appssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/cellik-android-malware-builds-malicious-versions-from-google-play-apps/SH.ITJUST.WORKS
17 DecAPT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing CampaignThe Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a "sustained" credential-harvesting campaign targeting users of UKR[.]net, a webmail and news service popular in Ukraine. The activity, observed by Recorded Future's Insikt G…THEHACKERNEWS.COM
17 DecGuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECSsubmitted by kid to cybersecurity 2 points | 0 comments https://aws.amazon.com/pt/blogs/security/cryptomining-campaign-targeting-amazon-ec2-and-amazon-ecs/SH.ITJUST.WORKS
17 DecInk Dragon's Relay Network and Stealthy Offensive Operationsubmitted by kid to cybersecurity 2 points | 0 comments https://research.checkpoint.com/2025/ink-dragons-relay-network-and-offensive-operation/SH.ITJUST.WORKS
17 DecAccess Fabric: A modern approach to identity and network accessAn Access Fabric is a unified access security solution that continuously decides who can access what, from where, and under what conditions—in real time. MICROSOFT.COM
17 DecWhatsApp device linking abused in account hijacking attacksThreat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign dubbed GhostPairing. [...]BLEEPINGCOMPUTER.COM
17 DecKimsuky Hackers Use Weaponized QR Codes to Distribute Malicious Mobile AppsThreat researchers have uncovered a sophisticated mobile malware campaign attributed to North Korea-linked threat actor Kimsuky, leveraging weaponized QR codes and fraudulent delivery service impersonations to trick users into installing remote access trojans on their smartphones…GBHACKERS.COM
17 DecMicrosoft to Block Exchange Online Access from Outdated DevicesMicrosoft has announced a significant update to its device connectivity policies for Exchange Online, aimed at enhancing security and ensuring users are on modern protocols. Starting March 1, 2026, mobile devices running Exchange ActiveSync (EAS) versions older than 16.1 will no …GBHACKERS.COM
17 DecCybersecurity's Talent Crisis: Two Jobs for Every Expert!The cybersecurity sector is booming, with two job openings for every expert! Discover the challenges and opportunities in this talent-driven market. Subscribe to our podcasts: https://securityweekly.com/subscribe #TalentShortage #CISO #TechJobs #DigitalDefense #SecurityWeekly #Cy…YOUTUBE.COM
17 DecSHARED INTEL Q&A: This is how ‘edge AI’ is forcing a rethink of trust, security and resilienceA seismic shift in digital systems is underway — and most people are missing it. Related: Edge AI at the chip layer While generative AI demos and LLM hype steal the spotlight, enterprise infrastructure is being quietly re-architected, not from … LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE 3
17 DecGhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ DownloadsA new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject tracking code, and commit click and ad fraud. The extensions have been collectively downloade…THEHACKERNEWS.COM
17 DecKimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS AttacksA new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISURU, according to findings f…THEHACKERNEWS.COM
17 DecCyber on the Geopolitical Battlefield: Beyond the “Big Four”Offensive cyber operations are spreading beyond the Big Four. Discover how regional conflicts are driving new state-linked cyber threats.RECORDEDFUTURE.COM
📡 INFOSEC NEWS 4
17 DecSurveillance at sea: Cruise firm bans smart glasses to curb covert recordingIf you're planning a cruise for your holidays, and cannot bear the idea of being parted from your Ray-Ban Meta smart glasses, you may want to avoid sailing with MSC Cruises. The cruise line has updated its list of prohibited items, specifically banning smart glasses and similar w…BITDEFENDER.COM
17 DecMicrosoft asks IT admins to reach out for Windows IIS failures fixMicrosoft has asked businesses to reach out for advice on how to temporarily mitigate a Message Queuing (MSMQ) issue causing enterprise apps and Internet Information Services (IIS) sites to fail. [...]BLEEPINGCOMPUTER.COM
17 DecYour MFA Is Costing You Millions. It Doesn't Have To.Passwords and app-based MFA add hidden costs through lost productivity, frequent resets, and risk of phishing and social engineering attacks. Token explains how wireless biometric, passwordless authentication eliminates credential-based attacks and delivers measurable financial r…BLEEPINGCOMPUTER.COM
17 DecBlueDelta’s Persistent Campaign Against UKR.NETDiscover how Russia’s BlueDelta targets UKR.NET users with advanced credential-harvesting campaigns, evolving tradecraft, and multi-stage phishing techniques.RECORDEDFUTURE.COM