matlock.ca // THREAT INTELLIGENCE — 2025-12-22

65Articles

8Categories

2025-12-22Date

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2023-52163 Digiever DS-2105 Pro Missing Authorization Vulnerability This type of vulnerability is a frequent attack vector for malicious…

KEVCISA.GOV — Mon, 22 Dec 25 1

🐛

Not all CISA-linked alerts are urgent: ASUS Live Update CVE-2025-59374

BLEEPINGCOMPUTER.COM — 22 Dec 2025

🐛

Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation

GBHACKERS.COM — 22 Dec 2025

🐛

PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel POSIX CPU Timers

GBHACKERS.COM — 22 Dec 2025

🐛

CISA flags ASUS Live Update CVE, but the attack is years old

BLEEPINGCOMPUTER.COM — 22 Dec 2025

🐛

AL25-020 – Vulnerability Impacting WatchGuard Fireware OS - CVE-2025-14733

CYBER.GC.CA — 2025-12-22

🐛

CVE-2025-12105 Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion

MSRC.MICROSOFT.COM — 22 Dec 2025

🐛

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

WELIVESECURITY.COM — 22 Dec 2025

⚠️

Podcast: Die IT-Tops und -Flops 2025

CSOONLINE.COM — 22 Dec 2025

⚠️

What CISOs should know about the SolarWinds lawsuit dismissal

CSOONLINE.COM — 22 Dec 2025

⚠️

Critical RCE flaw impacts over 115,000 WatchGuard firewalls

KEVBLEEPINGCOMPUTER.COM — 22 Dec 2025

⚠️

WatchGuard Patches Firebox Zero-Day Exploited in the Wild

KEVSECURITYWEEK.COM — 22 Dec 2025

⚠️

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

CSOONLINE.COM — 22 Dec 2025

⚠️

⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More

THEHACKERNEWS.COM — 22 Dec 2025

⚠️

How to Browse the Web More Sustainably With a Green Browser

THEHACKERNEWS.COM — 22 Dec 2025

⚠️

Nissan Discloses Data Breach Linked to Compromised Red Hat Infrastructure

GBHACKERS.COM — 22 Dec 2025

⚠️

Sleeping Bouncer Vulnerability Impacts Gigabyte, MSI, ASRock, and ASUS Motherboards

GBHACKERS.COM — 22 Dec 2025

⚠️

Docker Releases Free, Production-Grade Hardened Container Images

GBHACKERS.COM — 22 Dec 2025

⚠️

New BlackForce Phishing Kit Bypasses Multifactor Authentication

KNOWBE4.COM — 22 Dec 2025

⚠️

Coupang breach affecting 33.7 million users raises data protection questions

BLEEPINGCOMPUTER.COM — 22 Dec 2025

⚠️

2025 Year in Review at Cloud Security Podcast by Google

KEVMEDIUM.COM — 22 Dec 2025

⚠️

Scammers use AI to make fake art seem real

CSOONLINE.COM — 22 Dec 2025

⚠️

Microsoft Is Finally Killing RC4

SCHNEIER.COM — 2025-12-22

⚠️

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

THEHACKERNEWS.COM — 22 Dec 2025

⚠️

NIST and CISA Release Draft Interagency Report on Protecting Tokens and Assertions from Tampering Theft and Misuse for Public Comment

CISA.GOV — Mon, 22 Dec 25 1

📢

Leading Global Research and Advisory Firm Recommends Against Using AI Browsers

PROGRAMMING.DEV — 22 Dec 2025

📢

UK government was hacked in October, minister confirms - iTnews

SH.ITJUST.WORKS — 22 Dec 2025

📢

Romanian water authority hit by ransomware attack over weekend

BLEEPINGCOMPUTER.COM — 22 Dec 2025

📢

Cloud Security: False Sense of Security

YOUTUBE.COM — 2025-12-22

📢

[Control systems] CISA ICS security advisories (AV25–854)

CYBER.GC.CA — 2025-12-22

📢

IBM security advisory (AV25-855)

CYBER.GC.CA — 2025-12-22

📢

Dell security advisory (AV25-856)

CYBER.GC.CA — 2025-12-22

📢

n8n security advisory (AV25-857)

CYBER.GC.CA — 2025-12-22

🔥

Arrests In 0365 Scheme: Cybersecurity Today With David Shipley

CYBERSECURITYTODAY.LIBSYN.COM — 22 Dec 2025

🔥

UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports

SECURITYWEEK.COM — 22 Dec 2025

🔥

Ukrainian hacker admits affiliate role in Nefilim ransomware gang

BLEEPINGCOMPUTER.COM — 22 Dec 2025

🔥

Internal threats are the hole in Cybersecurity’s donut - Frank Vukovits - ESW #438

YOUTUBE.COM — 2025-12-22

🔥

Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in US

SECURITYWEEK.COM — 22 Dec 2025

🔥

Think you can beat ransomware? RansomHouse just made it a lot harder

CSOONLINE.COM — 22 Dec 2025

🔥

Auto Credit Check Company Breach Affects 5.6 Million | Robinson+Cole Data Privacy + Security Insider - JDSupra

SH.ITJUST.WORKS — 22 Dec 2025

🔥

Blind Eagle Hackers Target Government Agencies Using PowerShell Scripts

GBHACKERS.COM — 22 Dec 2025

🔥

SideWinder APT Launches Cyberattacks on Indian Entities Posing as the Income Tax Department

GBHACKERS.COM — 22 Dec 2025

🔥

Wonderland Android Malware Targets OTPs Through Two-Way SMS Hijacking

GBHACKERS.COM — 22 Dec 2025

🔥

University of Phoenix data breach impacts nearly 3.5 million individuals

BLEEPINGCOMPUTER.COM — 22 Dec 2025

🔥

Pirate activists have copied Spotify’s entire music library

CSOONLINE.COM — 22 Dec 2025

🔥

Interpol-led action decrypts 6 ransomware strains, arrests hundreds

BLEEPINGCOMPUTER.COM — 22 Dec 2025

🔥

Nissan says thousands of customers exposed in Red Hat breach

BLEEPINGCOMPUTER.COM — 22 Dec 2025

🕵️

ISC Stormcast For Monday, December 22nd, 2025 https://isc.sans.edu/podcastdetail/9748, (Mon, Dec 22nd)

ISC.SANS.EDU — 22 Dec 2025

🕵️

Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale

THEHACKERNEWS.COM — 22 Dec 2025

🕵️

Gambit Cyber Raises $3.4 Million in Seed Funding

SECURITYWEEK.COM — 22 Dec 2025

🕵️

MacSync macOS Malware Distributed via Signed Swift Application

SECURITYWEEK.COM — 22 Dec 2025

🕵️

Criminals impersonate senior US officials in messaging scams | Cybernews

SH.ITJUST.WORKS — 22 Dec 2025

🕵️

Arcane Werewolf Hacker Group Expands Arsenal with Loki 2.1 Malware Toolkit

GBHACKERS.COM — 22 Dec 2025

🕵️

DIG AI: New Darknet AI Platform Enhancing Capabilities of Cybercriminals

GBHACKERS.COM — 22 Dec 2025

🕵️

Europol: brace for robot-enabled crime surge by 2035 | Cybernews

SH.ITJUST.WORKS — 22 Dec 2025

🕵️

North Korea “industrializes” crypto thefts as losses hit billions | Cybernews

SH.ITJUST.WORKS — 22 Dec 2025

🕵️

54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware

SECURITYWEEK.COM — 22 Dec 2025

🕵️

Italian Ferry Malware Attack Sparks International Probe

SH.ITJUST.WORKS — 22 Dec 2025

🕵️

Rising Tides: When Cybersecurity Becomes Personal – Inside the Work of an OSINT Investigator

SECURITYWEEK.COM — 22 Dec 2025

🕵️

The Security Donut: Filling the Hole

YOUTUBE.COM — 2025-12-22

🌐

New MacSync malware dropper evades macOS Gatekeeper checks

BLEEPINGCOMPUTER.COM — 22 Dec 2025

🌐

What Does it Take to Manage Cloud Risk?

TRENDMICRO.COM — 22 Dec 2025

📡

Malicious npm package steals WhatsApp accounts and messages

BLEEPINGCOMPUTER.COM — 22 Dec 2025

📡

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

TECHCRUNCH.COM — 22 Dec 2025

📡

Digital Threat Detection Tools & Best Practices

RECORDEDFUTURE.COM — 22 Dec 2025