MATLOCK.CA
97Articles
8Categories
2025-12-19Date
🚨
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-14733 WatchGuard Firebox Out-of-Bounds Write Vulnerability  This type of vulnerability is a frequent attack vector for malicious cyb…
KEVCISA.GOV — Fri, 19 Dec 25 1
🐛
HPE OneView vulnerable to remote code execution attack
CSOONLINE.COM — 19 Dec 2025
🐛
React2Shell is the Log4j moment for front end development
CSOONLINE.COM — 19 Dec 2025
🐛
CVE-2025-37951 drm/v3d: Add job to pending list if the reset was skipped
MSRC.MICROSOFT.COM — 19 Dec 2025
🐛
CVE-2025-38063 dm: fix unconditional IO throttle caused by REQ_PREFLUSH
MSRC.MICROSOFT.COM — 19 Dec 2025
🐛
CVE-2025-38071 x86/mm: Check return value from memblock_phys_alloc_range()
MSRC.MICROSOFT.COM — 19 Dec 2025
🐛
CVE-2025-38074 vhost-scsi: protect vq->log_used with vq->mutex
MSRC.MICROSOFT.COM — 19 Dec 2025
🐛
CVE-2025-38067 rseq: Fix segfault on registration when rseq_cs is non-zero
MSRC.MICROSOFT.COM — 19 Dec 2025
🐛
CVE-2025-38118 Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
MSRC.MICROSOFT.COM — 19 Dec 2025
🐛
CVE-2025-38126 net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping
MSRC.MICROSOFT.COM — 19 Dec 2025
🐛
CVE-2025-38131 coresight: prevent deactivate active config while enabling the config
MSRC.MICROSOFT.COM — 19 Dec 2025
🐛
New Linux Kernel Rust Vulnerability Triggers System Crashes
GBHACKERS.COM — 19 Dec 2025
🐛
WatchGuard Zero-Day Actively Exploited to Seize Control of Firewalls
KEVGBHACKERS.COM — 19 Dec 2025
🐛
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability
THEHACKERNEWS.COM — 19 Dec 2025
🐛
WatchGuard fixes ‘critical’ zero-day allowing firewall takeover
KEVCSOONLINE.COM — 19 Dec 2025
🐛
Hackers Leverage Gladinet Triofox 0-Day Vulnerability to Run Malicious Code
GBHACKERS.COM — 19 Dec 2025
🐛
Apache Log4j Flaw Enables Interception of Sensitive Logging Data
GBHACKERS.COM — 19 Dec 2025
🐛
New Kibana Vulnerabilities Allow Attackers to Embed Malicious Scripts
GBHACKERS.COM — 19 Dec 2025
🐛
Vulnerability-Lookup 2.20.0
INFOSEC.PUB — 19 Dec 2025
⚠️
How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack
SH.ITJUST.WORKS — 19 Dec 2025
⚠️
On the Zero Day of Christmas - Cisco Devices Under Attack
CYBERSECURITYTODAY.LIBSYN.COM — 19 Dec 2025
⚠️
Managing agentic AI risk: Lessons from the OWASP Top 10
CSOONLINE.COM — 19 Dec 2025
⚠️
News alert: INE expands partnerships to scale hands-on cyber training across Middle East, Asia
LASTWATCHDOG.COM — 19 Dec 2025
⚠️
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards
THEHACKERNEWS.COM — 19 Dec 2025
⚠️
Microsoft Patches MSMQ Flaw That Affects IIS Web Servers
GBHACKERS.COM — 19 Dec 2025
⚠️
Roundcube Flaws Let Attackers Execute Malicious Scripts
GBHACKERS.COM — 19 Dec 2025
⚠️
Clop Ransomware Group Targets Gladinet CentreStack Servers to Exfiltrate Data
GBHACKERS.COM — 19 Dec 2025
⚠️
OpenAI’s GPT-5.2 Codex Boosts Agentic Coding and Cyber Vulnerability Detection
GBHACKERS.COM — 19 Dec 2025
⚠️
New critical WatchGuard Firebox firewall flaw exploited in attacks
KEVBLEEPINGCOMPUTER.COM — 19 Dec 2025
⚠️
Cisco bestätigt Zero-Day-Exploit für Secure Email
CSOONLINE.COM — 19 Dec 2025
⚠️
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks
THEHACKERNEWS.COM — 19 Dec 2025
⚠️
Attackers bring their own passwords to Cisco and Palo Alto VPNs
CSOONLINE.COM — 19 Dec 2025
⚠️
AI Advertising Company Hacked
SCHNEIER.COM — 2025-12-19
⚠️
CISA Warns of Exploited Flaw in Asus Update Tool - SecurityWeek
SH.ITJUST.WORKS — 19 Dec 2025
⚠️
HPE warns of maximum severity RCE flaw in OneView software
SH.ITJUST.WORKS — 19 Dec 2025
⚠️
Docker Makes 1,000 Hardened Images Free and Open Source
SECURITYWEEK.COM — 19 Dec 2025
⚠️
Be Careful of That Warrant for Your Arrest
KNOWBE4.COM — 19 Dec 2025
⚠️
Over 25,000 FortiCloud SSO devices exposed to remote attacks
BLEEPINGCOMPUTER.COM — 19 Dec 2025
⚠️
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware
THEHACKERNEWS.COM — 19 Dec 2025
⚠️
81% of Small Businesses Sustained a Cyber Incident Over the Past Year
KNOWBE4.COM — 19 Dec 2025
⚠️
CISO's Top Priority: Mandatory Cybersecurity Policy
YOUTUBE.COM — 2025-12-19
⚠️
Hundreds of Cisco customers are vulnerable to new Chinese hacking campaign, researchers say
TECHCRUNCH.COM — 19 Dec 2025
⚠️
Mapping the Emerging Alliance Between Qilin, DragonForce, and LockBit
GBHACKERS.COM — 19 Dec 2025
⚠️
Cloud Atlas Exploits Office Vulnerabilities to Execute Malicious Code
GBHACKERS.COM — 19 Dec 2025
⚠️
Iranian APT Prince of Persia returns with new malware and C2 infrastructure
CSOONLINE.COM — 19 Dec 2025
⚠️
Can chatbots craft correct code?
TRAILOFBITS.COM — 19 Dec 2025
📢
Amazon Identified North Korean IT Worker by Tracking Keystroke Activity
GBHACKERS.COM — 19 Dec 2025
📢
US Shuts Down Crypto Exchange E-Note, Charges Russian Administrator
SECURITYWEEK.COM — 19 Dec 2025
📢
France confirms Interior Ministry cyberattack as hackers claim 16M people exposed​ | Cybernews
SH.ITJUST.WORKS — 19 Dec 2025
📢
Dismantling Defenses: Trump 2.0 Cyber Year in Review
KREBSONSECURITY.COM — 19 Dec 2025
📢
WatchGuard security advisory (AV25-850)
CYBER.GC.CA — 2025-12-19
📢
Google Chrome security advisory (AV25-851)
CYBER.GC.CA — 2025-12-19
📢
Microsoft Edge security advisory (AV25-852)
CYBER.GC.CA — 2025-12-19
📢
HPE security advisory (AV25-853)
CYBER.GC.CA — 2025-12-19
📢
CISA and Partners Release Update to Malware Analysis Report BRICKSTORM Backdoor
CISA.GOV — Fri, 19 Dec 25 1
🔥
University of Sydney Suffers Cyberattack, Student and Staff Data Exposed
GBHACKERS.COM — 19 Dec 2025
🔥
Clop ransomware targets Gladinet CentreStack in data theft attacks
SH.ITJUST.WORKS — 19 Dec 2025
🔥
US seizes E-Note crypto exchange for laundering ransomware payments
SH.ITJUST.WORKS — 19 Dec 2025
🔥
University of Sydney Data Breach Affects 27,000 Individuals
SECURITYWEEK.COM — 19 Dec 2025
🔥
University of Sydney suffers data breach exposing student and staff info
SH.ITJUST.WORKS — 19 Dec 2025
🔥
Denmark blames Russia for destructive cyberattack on water utility
BLEEPINGCOMPUTER.COM — 19 Dec 2025
🔥
Hackers breach internal servers of tech provider for Britain’s health service | The Record from Recorded Future News
SH.ITJUST.WORKS — 19 Dec 2025
🔥
113,000 Impacted by Data Breach at Virginia Mental Health Authority - SecurityWeek
SH.ITJUST.WORKS — 19 Dec 2025
🔥
Hacks, thefts and disruption: The worst data breaches of 2025
TECHCRUNCH.COM — 19 Dec 2025
🔥
Criminal IP and Palo Alto Networks Cortex XSOAR integrate to bring AI-driven exposure intelligence to automated incident response
BLEEPINGCOMPUTER.COM — 19 Dec 2025
🔥
Denmark Blames Russia for Cyberattacks Ahead of Elections and on Water Utility
SECURITYWEEK.COM — 19 Dec 2025
🔥
In Other News: Docker AI Attack, Google Sues Chinese Cybercriminals, Coupang Hacked by Employee
SECURITYWEEK.COM — 19 Dec 2025
🔥
Nigeria arrests dev of Microsoft 365 'Raccoon0365' phishing platform
BLEEPINGCOMPUTER.COM — 19 Dec 2025
🔥
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers
THEHACKERNEWS.COM — 19 Dec 2025
🔥
Iranian APT Targeting Networks and Critical Infrastructure Organizations
GBHACKERS.COM — 19 Dec 2025
🔥
Criminal IP and Palo Alto Networks Cortex XSOAR integrate to bring AI-driven exposure intelligence to automated incident response
GBHACKERS.COM — 19 Dec 2025
🕵️
ISC Stormcast For Friday, December 19th, 2025 https://isc.sans.edu/podcastdetail/9746, (Fri, Dec 19th)
ISC.SANS.EDU — 19 Dec 2025
🕵️
WhatsApp, Signal, untraceable security risk
SH.ITJUST.WORKS — 19 Dec 2025
🕵️
Targeted Phishing Attack Strikes HubSpot Users
GBHACKERS.COM — 19 Dec 2025
🕵️
North Korean Hackers Set Record with $2 Billion Crypto Heist in 2025
GBHACKERS.COM — 19 Dec 2025
🕵️
North Korea’s Digital Surge: $2B Stolen in Crypto as Amazon Blocks 1,800 Fake IT Workers
SECURITYWEEK.COM — 19 Dec 2025
🕵️
DLLs & TLS Callbacks, (Fri, Dec 19th)
ISC.SANS.EDU — 19 Dec 2025
🕵️
New BeaverTail Malware Variant Linked to Lazarus Group - Infosecurity Magazine
SH.ITJUST.WORKS — 19 Dec 2025
🕵️
‘Kimwolf’ Android Botnet Ensnares 1.8 Million Devices
SECURITYWEEK.COM — 19 Dec 2025
🕵️
Dormant Iran APT is Still Alive, Spying on Dissidents
SH.ITJUST.WORKS — 19 Dec 2025
🕵️
New password spraying attacks target Cisco, PAN VPN gateways
SH.ITJUST.WORKS — 19 Dec 2025
🕵️
OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365 - Infosecurity Magazine
SH.ITJUST.WORKS — 19 Dec 2025
🕵️
Chinese APT ‘LongNosedGoblin’ Targeting Asian Governments
SECURITYWEEK.COM — 19 Dec 2025
🕵️
Handheld Linux Hacking Device
YOUTUBE.COM — 2025-12-19
🕵️
AI Security Firm Ciphero Emerges From Stealth With $2.5 Million in Funding
SECURITYWEEK.COM — 19 Dec 2025
🕵️
Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal
SECURITYWEEK.COM — 19 Dec 2025
🕵️
Microsoft 365 accounts targeted in wave of OAuth phishing attacks
BLEEPINGCOMPUTER.COM — 19 Dec 2025
🕵️
Thailand Conference Launches International Initiative to Fight Online Scams
SECURITYWEEK.COM — 19 Dec 2025
🕵️
BlueDelta Hackers Target Users of Popular Ukrainian Webmail and News Service
GBHACKERS.COM — 19 Dec 2025
🕵️
Scripted Sparrow Utilizes Automation to Generate and Dispatch Attack Messages
GBHACKERS.COM — 19 Dec 2025
🕵️
Auld Lang Syne, Ghostpairing, Centerstack, WAFS, React2Shell, Crypto, Josh Marpet - SWN #539
YOUTUBE.COM — 2025-12-19
🕵️
Friday Squid Blogging: Petting a Squid
SCHNEIER.COM — 2025-12-19
🕵️
AI Risks: OWASP's Top 10
YOUTUBE.COM — 2025-12-19
🌐
FTC: Instacart to refund $60M over deceptive subscription tactics
BLEEPINGCOMPUTER.COM — 19 Dec 2025
🌐
New cybersecurity laws and trends in 2026 | Kaspersky official blog
KASPERSKY.COM — 19 Dec 2025
📡
New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRock
BLEEPINGCOMPUTER.COM — 19 Dec 2025
📡
Microsoft confirms Teams is down and messages are delayed
BLEEPINGCOMPUTER.COM — 19 Dec 2025