111 Articles
8 Categories
Date: 2025-12-18
🐛 COMMON VULNERABILITIES AND EXPOSURES (37)
18 Dec: Microsoft warns MSMQ may fail after update, breaking apps (CSOONLINE.COM)
  A warning from Microsoft that a Windows patch issued last week may cause the Message Queuing (MSMQ) function in the operating system to malfunction could be behind multiple reports of internet of things (IoT) applications failing. David Shipley, head of Canadian security awarene…
18 Dec [KEV]: CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation (THEHACKERNEWS.COM)
  The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-59374 (CVSS score: 9…
18 Dec: China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear (SECURITYWEEK.COM)
  The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances.
18 Dec: Critical Node.js Library Flaw Lets Hackers Execute Remote Commands on Windows (GBHACKERS.COM)
  A severe command injection vulnerability has been discovered in systeminformation, a widely-used Node.js library for retrieving system information. The flaw, tracked as CVE-2025-68154, allows attackers to execute arbitrary commands on Windows systems when applications pass user i…
18 Dec: CVE-2025-37961 ipvs: fix uninit-value for saddr in do_output_route4 (MSRC.MICROSOFT.COM)
  Information published.
18 Dec: CVE-2025-37959 bpf: Scrub packet on bpf_redirect_peer (MSRC.MICROSOFT.COM)
  Information published.
18 Dec: CVE-2025-38334 x86/sgx: Prevent attempts to reclaim poisoned pages (MSRC.MICROSOFT.COM)
  Information published.
18 Dec: CVE-2025-38363 drm/tegra: Fix a possible null pointer dereference (MSRC.MICROSOFT.COM)
  Information published.
18 Dec: CVE-2025-38371 drm/v3d: Disable interrupts before resetting the GPU (MSRC.MICROSOFT.COM)
  Information published.
18 Dec: New Reports Reveal WAFs Are Ineffective Against Latest React2Shell Exploit (GBHACKERS.COM)
  TEL AVIV, Israel, Dec. 17, 2025. Miggo Security has released a comprehensive benchmark study revealing critical gaps in Web Application Firewall (WAF) protection, with the discovery of React2Shell (CVE-2025-55182) serving as a stark real-world validation of these vulnerabilities. …
18 Dec: Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges (GBHACKERS.COM)
  SonicWall has issued an urgent security advisory warning of active exploitation of a local privilege escalation vulnerability affecting its SMA1000 appliances. The flaw, tracked as CVE-2025-40602, enables attackers with management console access to gain elevated privileges and po…
18 Dec: Critical Apache Commons Text Flaw Lets Hackers Execute Remote Code (GBHACKERS.COM)
  A critical remote code execution vulnerability has been discovered in Apache Commons Text, affecting all versions prior to 1.10.0. The flaw, tracked as CVE-2025-46295, poses a significant security risk to organizations relying on the widely-used Java library for text manipulation…
18 Dec: CISA Warns of Exploited Flaw in Asus Update Tool (SECURITYWEEK.COM)
  Tracked as CVE-2025-59374, the issue is a software backdoor implanted in Asus Live Update in a supply chain attack.
18 Dec: HPE Patches Critical Flaw in IT Infrastructure Management Software (SECURITYWEEK.COM)
  Tracked as CVE-2025-37164, the critical flaw could allow unauthenticated, remote attackers to execute arbitrary code.
18 Dec: HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution (THEHACKERNEWS.COM)
  Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software that, if successfully exploited, could result in remote code execution. The critical vulnerability, assigned the CVE identifier CVE-2025-37164, carries a CVSS score of 10.0. HPE One…
18 Dec: HPE OneView Vulnerability Allows Remote Code Execution Attacks (GBHACKERS.COM)
  A severe security vulnerability has been discovered in Hewlett Packard Enterprise OneView software, threatening enterprise infrastructure across data centers and hybrid cloud environments. The flaw, tracked as CVE-2025-37164, carries a maximum CVSS 3.1 severity score of 10.0, ind…
18 Dec [KEV]: Actively Exploited ASUS Vulnerability Added to CISA’s KEV List (GBHACKERS.COM)
  The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical ASUS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. CVE-2025-59374 affects ASUS Live Update software and stems from a sophisticated sup…
18 Dec: CVE-2025-65046 Microsoft Edge (Chromium-based) Spoofing Vulnerability (MSRC.MICROSOFT.COM)
  Information published.
18 Dec: Chromium: CVE-2025-14766 Use after free in WebGPU (MSRC.MICROSOFT.COM)
  This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
18 Dec: Chromium: CVE-2025-14765 Out of bounds read and write in V8 (MSRC.MICROSOFT.COM)
  This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
18 Dec: CVE-2025-65041 Microsoft Partner Center Elevation of Privilege Vulnerability (MSRC.MICROSOFT.COM)
  Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.
18 Dec: CVE-2025-65037 Azure Container Apps Remote Code Execution Vulnerability (MSRC.MICROSOFT.COM)
  Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.
18 Dec: CVE-2025-64676 Microsoft Purview eDiscovery Remote Code Execution Vulnerability (MSRC.MICROSOFT.COM)
  '.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.
18 Dec: CVE-2025-64675 Azure Cosmos DB Spoofing Vulnerability (MSRC.MICROSOFT.COM)
  Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform spoofing over a network.
18 Dec: CVE-2025-64677 Office Out-of-Box Experience Spoofing Vulnerability (MSRC.MICROSOFT.COM)
  Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacker to perform spoofing over a network.
⚠️ VULNERABILITY DISCLOSURE (25)
18 Dec: ‘Ink Dragon’ threat group targets IIS servers to build stealthy global network (CSOONLINE.COM)
  A Chinese-linked threat group identified as “Ink Dragon” is targeting common weaknesses in Internet Information Services (IIS) servers to build a global espionage network that is difficult to track or disrupt, security vendor Check Point has reported. Also nicknamed “Earth Alux,”…
18 Dec: Smashing Security podcast #448: The Kindle that got pwned (GRAHAMCLULEY.COM)
  Think your Kindle is harmless? Think again! In this episode, we unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader - potentially letting an attacker break into your account and seize control of your credit card. Plus a blas…
18 Dec [KEV]: Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances (THEHACKERNEWS.COM)
  Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 in attacks targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager…
18 Dec: Hackers Actively Target Cisco and Palo Alto VPN Gateways to Steal Login Credentials (GBHACKERS.COM)
  Cybersecurity researchers at GreyNoise have identified a large-scale, coordinated campaign targeting enterprise VPN authentication systems. The attackers are systematically attempting to breach Cisco SSL VPN and Palo Alto Networks GlobalProtect services through credential-based a…
18 Dec: Cybercriminals Registering Fake Shopping Domains to Target Users This Holiday Season (GBHACKERS.COM)
  As the global holiday shopping season reaches its peak, cybersecurity researchers have uncovered a massive, industrialized operation designed to defraud consumers through a sophisticated network of counterfeit e-commerce sites. In a report released in November 2025, PreCrime™ Lab…
18 Dec: Cisco AsyncOS 0-Day Allows Remote Execution of System Commands (GBHACKERS.COM)
  Cisco Talos has uncovered an active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The security flaw enables attackers to execute system-level commands remotely and deploy sophis…
18 Dec: D&O liability protection rising for security leaders — unless you’re a midtier CISO (CSOONLINE.COM)
  Smaller firms are far less likely than multinationals to protect their CISOs from personal liability for security breaches, according to a study by RSAC. Experts quizzed by CSO said the finding was concerning because without protection CISOs face legal and financial risk tied to …
18 Dec: SonicWall Patches Exploited SMA 1000 Zero-Day (SECURITYWEEK.COM)
  The medium-severity flaw has been exploited in combination with a critical bug for remote code execution.
18 Dec: Cisco confirms zero-day exploitation of Secure Email products (CSOONLINE.COM)
  Cisco has warned that a China-linked hacking group is actively exploiting a previously unknown vulnerability in its Secure Email appliances to gain persistent access, forcing affected organizations to consider disruptive rebuilds of critical security infrastructure while patches …
18 Dec: HPE warns of maximum severity RCE flaw in OneView software (BLEEPINGCOMPUTER.COM)
  Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely. [...]
18 Dec: Human-in-the-loop isn’t enough: New attack turns AI safeguards into exploits (CSOONLINE.COM)
  Human-in-the-loop (HITL) safeguards that AI agents rely on can be subverted, allowing attackers to weaponize them to run malicious code, new research from CheckMarx shows. HITL dialogs are a safety backstop (a final “are you sure?”) that the agents run before executing sensitive …
18 Dec: The Case for Dynamic AI-SaaS Security as Copilots Scale (THEHACKERNEWS.COM)
  Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications businesses use every day. Tools like Zoom, Slack, Microsoft 365, Salesforce, and ServiceNow now come with built-in AI assistants or agent-like features. Virtually every …
18 Dec: Motors WordPress Vulnerability Exposes Sites to Takeover - Infosecurity Magazine (SH.ITJUST.WORKS)
  https://www.infosecurity-magazine.com/news/motors-wordpress-flaw-takeover/
18 Dec: Zeroday Cloud hacking event awards $320,0000 for 11 zero days (SH.ITJUST.WORKS)
  https://www.bleepingcomputer.com/news/security/zeroday-cloud-hacking-event-awards-320-0000-for-11-zero-days/
18 Dec: ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories (THEHACKERNEWS.COM)
  This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics are stacking up fast, and each one hints at where the next big breach could come from. From shifting infrastructures to clever social…
18 Dec: Cisco warns of unpatched AsyncOS zero-day exploited in attacks (SH.ITJUST.WORKS)
  https://www.bleepingcomputer.com/news/security/cisco-warns-of-unpatched-asyncos-zero-day-exploited-in-attacks/
18 Dec: UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks (SECURITYWEEK.COM)
  ASRock, Asus, Gigabyte, and MSI motherboards are vulnerable to early-boot DMA attacks.
18 Dec: US seizes E-Note crypto exchange for laundering ransomware payments (BLEEPINGCOMPUTER.COM)
  Law enforcement has seized the servers and domains of the E-Note cryptocurrency exchange, allegedly used by cybercriminal groups to launder more than $70 million. [...]
18 Dec: Someone Boarded a Plane at Heathrow Without a Ticket or Passport (SCHNEIER.COM)
  I’m sure there’s a story here: Sources say the man had tailgated his way through to security screening and passed security, meaning he was not detected carrying any banned items. The man deceived the BA check-in agent by posing as a family member who had their passpo…
18 Dec: WhatsApp accounts targeted in ‘GhostPairing’ attack (CSOONLINE.COM)
  A warning for WhatsApp users: cybercriminals have discovered an alarmingly simple way to access a user’s conversations in real time by manipulating the app’s device pairing or linking routine. Termed ‘GhostPairing’ by researchers at security company Gen Digital (owner of Norton…
18 Dec: A Vulnerability in Cisco AsyncOS Could Allow for Remote Code Execution (CISECURITY.ORG)
  A vulnerability has been discovered in Cisco AsyncOS, which could allow for remote code execution. AsyncOS is the operating system used by Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. Successful exploitation of this vulnerability could allow an attacker to e…
18 Dec: FBI Shuts Down Crypto Exchange Linked to Criminal Money Laundering Operations (GBHACKERS.COM)
  The United States Attorney’s Office for the Eastern District of Michigan announced a coordinated international enforcement action targeting E-Note, a cryptocurrency exchange allegedly used by transnational cybercriminals to launder money stolen from U.S. healthcare provider…
18 Dec: The innovative CISO’s bucket list: Human-led transformation at the core (CSOONLINE.COM)
  Ask any chief information security officer (CISO) what keeps them up at night and you’ll likely get a familiar list of persistent threats: ransomware, AI-enabled nation-state actors and in-the-wild exploitation of vulnerabilities hiding in an ever-expanding digital footprint. For…
18 Dec: With AI Nothing Is Safe - PSW #905 (YOUTUBE.COM)
  This week in the security news: - Linux process injection - Threat actors need training too - A Linux device "capable of practically anything" - The Internet of webcams - Hacking cheap devices - Automating exploitation with local AI models - Lame C2 - Smallest SSH backdoor - Your…
18 Dec: CISA Releases Nine Industrial Control Systems Advisories (CISA.GOV)
  CISA released nine Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-352-01 Inductive Automation Ignition; ICSA-25-352-02 Schneider Electric EcoStruxu…
📋 SECURITY BULLETINS (1)
18 Dec: Windows 10 OOB update released to fix Message Queuing (MSMQ) issues (BLEEPINGCOMPUTER.COM)
  This month's extended security update for Windows 11 broke Message Queuing (MSMQ), which is typically used by enterprises to manage background tasks. [...]
📢 SECURITY ADVISORIES (5)
18 Dec: The Raspberry Pi wakeup call: Why enterprises must rethink physical security (CSOONLINE.COM)
  A recent attack on a French ferry, in which an attacker reportedly plugged a tiny computer called a Raspberry Pi into the network in an attempt to break into the vessel’s operations, offers an important lesson for enterprise CISOs: one analyst estimated that half of all enterpris…
18 Dec: Russia's Influence: Criticism of Gaps in Cybersecurity (CSOONLINE.COM)
18 Dec: NIS2 compliance: How to get passwords and MFA right (BLEEPINGCOMPUTER.COM)
  NIS2 puts identity and access controls under the spotlight, with weak passwords and poor authentication now a compliance risk. Specops Software explains how to align password policies and MFA with NIS2 requirements. [...]
18 Dec: The Raspberry Pi Wake-Up Call for CISOs (CSOONLINE.COM)
  Small device, big impact. In mid-December, a ferry owned by the Mediterranean Shipping Company was held for hours in a French port, as Bloomberg reported. The reason: there was suspicion that Russian cybercrimin…
🔥 INCIDENT REPORTING (17)
18 Dec: The Botting Network - 96,320 breached accounts (HAVEIBEENPWNED.COM)
  In August 2012, the forum for making money with botting "The Botting Network" suffered a data breach that exposed 96k user records. The now defunct vBulletin forum leaked 96k email addresses, usernames, dates of birth and salted MD5 password hashes.
18 Dec: Microsoft 365 Outage Disrupts Teams, Outlook, and Copilot in Japan and China (GBHACKERS.COM)
  Thousands of users across Japan and China experienced significant disruptions to Microsoft 365 services on Thursday morning due to a critical routing issue affecting the company’s infrastructure. The outage affected essential workplace tools, including Teams, Outlook, OneDr…
18 Dec: Kimwolf Android Botnet Compromises 1.8 Million Devices Worldwide (GBHACKERS.COM)
  A newly discovered Android botnet dubbed “Kimwolf” has silently compromised over 1.8 million devices globally, primarily targeting Android TV boxes in residential networks. The massive operation, which at one point saw its command-and-control (C2) domain surpass Googl…
18 Dec: AUTOSUR - 487,226 breached accounts (HAVEIBEENPWNED.COM)
  In March 2025, the French vehicle inspection company AUTOSUR suffered a data breach exposing over 10M customer records, though only 487k unique email addresses were present. The compromised data included names, phone numbers, physical addresses, and vehicle details such as make a…
18 Dec: Chinese Ink Dragon Breaches European Government Networks, Affecting Asia and South America (GBHACKERS.COM)
  Ink Dragon, a Chinese espionage group, has significantly expanded its operational reach from Southeast Asia and South America into European government networks, according to ongoing research by Check Point Research. The threat actor employs a methodical approach that combines str…
18 Dec: Phantom Stealer Targeting Users to Steal Sensitive Data (GBHACKERS.COM)
  Sophisticated malware employs a multi-stage infection chain and advanced evasion techniques to exfiltrate sensitive information. Phantom, a sophisticated stealer malware variant, is conducting targeted attacks to harvest sensitive data from infected systems, including passwords, …
18 Dec: France Probes ‘Foreign Interference’ After Remote Control Malware Found on Passenger Ferry (SECURITYWEEK.COM)
  France’s counterespionage agency is investigating a suspected cyberattack plot targeting an international passenger ferry.
18 Dec: 113,000 Impacted by Data Breach at Virginia Mental Health Authority (SECURITYWEEK.COM)
  Threat actors stole names, Social Security numbers, and financial and health information, and deployed ransomware on RBHA’s systems.
18 Dec: Auto Parts Giant LKQ Confirms Oracle EBS Breach (SH.ITJUST.WORKS)
  https://www.securityweek.com/auto-parts-giant-lkq-confirms-oracle-ebs-breach/
18 Dec: Tech provider for NHS England confirms data breach (TECHCRUNCH.COM)
  U.K.-based healthcare tech provider DXS International said it discovered and contained a data breach on Sunday. A ransomware gang took credit for the breach.
18 Dec: China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware (THEHACKERNEWS.COM)
  A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan. The end goal of these attacks is cyber espionage, Slovak cybersecurity company ESET said in …
18 Dec: I am not a robot: ClickFix used to deploy StealC and Qilin (SOPHOS.COM)
  The fake human verification process led to infostealer and ransomware infections.
18 Dec: University of Sydney suffers data breach exposing student and staff info (BLEEPINGCOMPUTER.COM)
  Hackers gained access to an online coding repository belonging to the University of Sydney and stole files with personal information of staff and students. [...]
18 Dec: Clop ransomware targets Gladinet CentreStack in data theft attacks (BLEEPINGCOMPUTER.COM)
  The Clop ransomware gang is targeting Internet-exposed Gladinet CentreStack file servers in a new data theft extortion campaign. [...]
18 Dec: RansomHouse RaaS Enhances Double Extortion with Data Theft and Encryption (GBHACKERS.COM)
  RansomHouse, a ransomware-as-a-service (RaaS) operation managed by the threat group Jolly Scorpius, has significantly enhanced its encryption capabilities, marking a critical escalation in the threat landscape. Recent analysis of RansomHouse binaries reveals a sophisticated upgra…
18 Dec: NuGet Malware Mimic: .NET Integration Library Steals Crypto Wallets and OAuth Tokens (GBHACKERS.COM)
  ReversingLabs (RL) researchers have uncovered a sophisticated malware campaign targeting the .NET developer ecosystem via the NuGet package manager. The campaign, which began in July 2025, involves 14 malicious packages designed to mimic legitimate cryptocurrency libraries. These…
18 Dec: Best Security Awareness Training Platforms For 2026 (GBHACKERS.COM)
  Security awareness training platforms empower organizations to combat rising cyber threats by educating employees on phishing, ransomware, and social engineering in 2026. These top 10 solutions deliver simulated attacks, personalized learning, and measurable risk reduction for bu…
🕵️ THREAT INTELLIGENCE (20)
18 Dec: ISC Stormcast For Thursday, December 18th, 2025 https://isc.sans.edu/podcastdetail/9744, (Thu, Dec 18th) (ISC.SANS.EDU)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
18 Dec: Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App (THEHACKERNEWS.COM)
  The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ Korea Express). "The threat actor…
18 Dec: IoT Security Firm Exein Raises €100 Million (SECURITYWEEK.COM)
  The Italian company has raised nearly $200 million in 2025 for its widely used embedded cybersecurity platform.
18 Dec: North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft (THEHACKERNEWS.COM)
  Threat actors with ties to the Democratic People's Republic of Korea (DPRK or North Korea) have been instrumental in driving a surge in global cryptocurrency theft in 2025, accounting for at least $2.02 billion out of more than $3.4 billion stolen from January through early Decem…
18 Dec: New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs - Infosecurity Magazine (SH.ITJUST.WORKS)
  https://www.infosecurity-magazine.com/news/lies-loop-attack-ai-safety-dialogs/
18 Dec: BlueDelta’s Persistent Campaign Against UKR.NET (SH.ITJUST.WORKS)
  https://www.recordedfuture.com/research/bluedeltas-persistent-campaign-against-ukrnet
18 Dec: WeChat Phishing Attacks a Growing Threat Outside China (KNOWBE4.COM)
  Lead analysts: Cameron Sweeney, Lucy Gee, Louis Tiley, James Dyer. “Super-app” WeChat offers a wealth of functionality — from instant messaging, text and voice messaging, and video calls to mobile payments, ride booking, ordering food deliveries, paying bills and even accessing go…
18 Dec: ShadyPanda: The Silent Browser Takeover Threat and How Qualys TruRisk Eliminate Helps You Stop It | Qualys (SH.ITJUST.WORKS)
  https://blog.qualys.com/product-tech/patch-management/2025/12/17/shadypanda-malicious-browser-extensions-prevention
18 Dec: Database with 4.3 Billion Records Exposed Online (CSOONLINE.COM)
18 Dec: From the Hill: The AI-Cybersecurity Imperative in Financial Services (PALOALTONETWORKS.COM)
  Financial institutions face a dual mandate: embrace AI for cyber defense and secure AI with Secure AI by Design. Discover the path forward.
18 Dec: Agent Mistakes: A Logistical Challenge (YOUTUBE.COM)
  AI agents are revolutionizing decision-making, but their potential for errors poses significant challenges. Balancing AI autonomy with human oversight is crucial to prevent logistical nightmares. How are you managing AI risks? Subscribe to our podcasts: https://securityweekly.com…
18 Dec: New Microsoft e-book: 3 reasons point solutions are holding you back (MICROSOFT.COM)
  Explore the new Microsoft e-book on how a unified, AI-ready platform delivers speed, resilience, and measurable security gains.
18 Dec: Unmasking the Deepfake Threat: A Game-Changer for Reducing Human Risk (KNOWBE4.COM)
  Today, anyone can find a picture of absolutely anybody and it is also not difficult to find a sample of their voice. By combining these it is shockingly easy to create a realistic AI deepfake video of that person. The video may not be perfect, and an experienced AI deepfake enthu…
18 Dec: New Lazarus and Kimsuky Infrastructure Discovered with Active Tools and Tunneling Nodes (GBHACKERS.COM)
  Security researchers from Hunt.io and Acronis Threat Research Unit have uncovered a sophisticated network of operational infrastructure controlled by North Korean state-sponsored threat actors Lazarus and Kimsuky. The collaborative investigation revealed previously undocumented c…
18 Dec: Beware of Malicious Scripts in Weaponized PDF Purchase Orders (GBHACKERS.COM)
  A sophisticated phishing campaign utilizing a weaponized PDF document named “NEW Purchase Order # 52177236.pdf” has been identified, employing legitimate cloud infrastructure and encrypted messaging apps to steal corporate credentials. The attack vector was brought to light after…
18 Dec: APT35 Leak Reveals Spreadsheets Containing Domains, Payments, and Server Information (GBHACKERS.COM)
  Iranian cyber unit Charming Kitten, officially designated APT35, has long been dismissed as a noisy but relatively unsophisticated threat actor, a politically motivated collective known for recycled phishing templates and credential-harvesting pages. Episode 4, the latest intellig…
18 Dec: GachiLoader Deploys Payloads Using Obfuscated Node.js Malware (GBHACKERS.COM)
  Check Point Research has uncovered a sophisticated malware distribution campaign leveraging the YouTube Ghost Network to deploy GachiLoader, a novel, heavily obfuscated Node.js-based loader designed to deliver the Rhadamanthys infostealer to unsuspecting victims. The campaign, wh…
18 Dec: Newer RISC-V CPUs Vulnerable To Spectre V1 - Linux Mitigation Patches Posted (INFOSEC.PUB)
  https://www.phoronix.com/news/Spectre-V1-RISC-V-Patches Spectre V1 mitigations in the Linux kernel are coming for RISC-V with newer RISC-V core designs being vulnerable to Spectre Variant One style attacks. Spectre V1 as …
18 Dec: Firmware's Expanding Attack Surface (YOUTUBE.COM)
  In today's digital landscape, firmware is evolving rapidly, integrating languages like Python, Node, and React, which significantly expand the attack surface. Discover how this trend impacts cybersecurity and the supply chain, and why it's crucial to stay ahead. Subscribe to our …
18 Dec: LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan (WELIVESECURITY.COM)
  ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions.
🌐 CYBER THREAT LANDSCAPE (3)
18 Dec: The Stealka stealer hijacks accounts and steals crypto while masquerading as pirated software | Kaspersky official blog (KASPERSKY.COM)
  Cybercriminals are spreading the Stealka infostealer disguised as game cheats, mods, and pirated software. It targets sensitive information, cryptocurrency, and account credentials.
18 Dec: France arrests Latvian for installing malware on Italian ferry (BLEEPINGCOMPUTER.COM)
  French authorities arrested two crew members of an Italian passenger ferry suspected of infecting the ship with malware that could have enabled them to remotely control the vessel. [...]
18 Dec: What Cyber Defenders Really Think About AI Risk (TRENDMICRO.COM)
  Learn how Trend Micro's 2025 Trend Micro Defenders Survey Report highlights current AI-related cybersecurity priorities and where security professionals use AI to their advantage.
📡 INFOSEC NEWS (3)
18 Dec: Positive trends related to public IP ranges from the year 2025, (Thu, Dec 18th) (ISC.SANS.EDU)
  Since the end of the year is quickly approaching, it is undoubtedly a good time to look back at what the past twelve months have brought to us… And given that the entire cyber security profession is about protecting various systems from “bad…
18 Dec: Microsoft: Recent Windows updates break RemoteApp connections (BLEEPINGCOMPUTER.COM)
  Microsoft has confirmed that recent Windows updates trigger RemoteApp connection failures on Windows 11 24H2/25H2 and Windows Server 2025 devices in Azure Virtual Desktop environments. [...]
18 Dec: New password spraying attacks target Cisco, PAN VPN gateways (BLEEPINGCOMPUTER.COM)
  An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks GlobalProtect and Cisco SSL VPN. [...]