65 Articles
8 Categories
Date: 2025-12-22
🚨 CISA KEV (1)
22 Dec [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2023-52163 Digiever DS-2105 Pro Missing Authorization Vulnerability. This type of vulnerability is a frequent attack vector for malicious…
🐛 COMMON VULNERABILITIES AND EXPOSURES (7)
22 Dec Not all CISA-linked alerts are urgent: ASUS Live Update CVE-2025-59374 (BLEEPINGCOMPUTER.COM)
An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or ongoing exploitation. A closer look, however, shows the CVE documents a historic supply-chain attack in an End-of-Life (EoL) software pr…
22 Dec Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation (GBHACKERS.COM)
Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems. Tracked as CVE-2025-29970, the security flaw affects the bfs.sys component and was discovered by securit…
22 Dec PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel POSIX CPU Timers (GBHACKERS.COM)
A critical race condition vulnerability in the Linux kernel’s POSIX CPU timers has been exposed through a detailed proof-of-concept, one of the most sophisticated kernel exploits targeting Android devices. CVE-2025-38352 represents a use-after-free (UAF) vulnerability in th…
22 Dec CISA flags ASUS Live Update CVE, but the attack is years old (BLEEPINGCOMPUTER.COM)
An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or ongoing exploitation. A closer look, however, shows the CVE documents a historic supply-chain attack in an End-of-Life (EoL) software pr…
22 Dec Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component (WELIVESECURITY.COM)
A comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation
⚠️ VULNERABILITY DISCLOSURE (17)
22 Dec Podcast: The IT Tops and Flops of 2025 (CSOONLINE.COM)
The editorial teams of Computerwoche, CIO and CSO see the IT year 2025 coming to an end with mixed feelings. A turbulent 2025 is drawing to a close. It was marked by economic uncertainty, geopolitical tensions and the …
22 Dec What CISOs should know about the SolarWinds lawsuit dismissal (CSOONLINE.COM)
The US Securities and Exchange Commission’s Nov. 30 decision to dismiss its lawsuit against SolarWinds and its CISO, Tim Brown, was met with immediate and widespread joy across the cybersecurity leadership community. For many CISOs, the dismissal landed not as an abstract legal d…
22 Dec [KEV] Critical RCE flaw impacts over 115,000 WatchGuard firewalls (BLEEPINGCOMPUTER.COM)
Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks. [...]
22 Dec [KEV] WatchGuard Patches Firebox Zero-Day Exploited in the Wild (SECURITYWEEK.COM)
The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution.
22 Dec Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts (CSOONLINE.COM)
Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication protections and gaining persistent access to sensitive organizational data, a r…
22 Dec ⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More (THEHACKERNEWS.COM)
Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going after the everyday tools we trust most — firewalls, browser add-ons, and even smart TVs — turning small cracks into serious breaches. The real danger now isn’t just one major …
22 Dec How to Browse the Web More Sustainably With a Green Browser (THEHACKERNEWS.COM)
As the internet becomes an essential part of daily life, its environmental footprint continues to grow. Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy consumption and digital waste. While individual users may not see this im…
22 Dec Nissan Discloses Data Breach Linked to Compromised Red Hat Infrastructure (GBHACKERS.COM)
Nissan Motor Co., Ltd. has disclosed a significant data breach affecting approximately 21,000 customers of Nissan Fukuoka Sales Co., Ltd. following unauthorized access to a Red Hat-managed server used for developing the company’s dealership customer management system. Red H…
22 Dec Sleeping Bouncer Vulnerability Impacts Gigabyte, MSI, ASRock, and ASUS Motherboards (GBHACKERS.COM)
A critical firmware vulnerability affecting motherboards from major manufacturers including Gigabyte, MSI, ASRock, and ASUS has been discovered by Riot Games’ Vanguard anti-cheat team. The vulnerability, dubbed “Sleeping Bouncer,” allows sophisticated hardware-b…
22 Dec Docker Releases Free, Production-Grade Hardened Container Images (GBHACKERS.COM)
Docker has released its production-grade hardened container images as a free, open-source offering, marking a significant shift in software supply chain security accessibility. The Docker Hardened Images (DHI), previously a commercial product, are now available under an Apache 2.…
22 Dec New BlackForce Phishing Kit Bypasses Multifactor Authentication (KNOWBE4.COM)
Zscaler has published a report on a new phishing kit dubbed “BlackForce” that uses Man-in-the-Browser (MitB) attacks to steal credentials and bypass multi-factor authentication. Notably, the kit “features a vetting system to qualify targets, after which a live operator takes ove…
22 Dec Coupang breach affecting 33.7 million users raises data protection questions (BLEEPINGCOMPUTER.COM)
Coupang disclosed a data breach affecting 33.7 million customers after unauthorized access to personal data went undetected for nearly five months. Penta Security explains how the incident highlights insider credential abuse risks and why encrypting customer data beyond legal req…
22 Dec [KEV] 2025 Year in Review at Cloud Security Podcast by Google (MEDIUM.COM)
(written jointly with Tim Peacock) Five years. It’s enough time to fully launch a cloud migration, deploy a new SIEM, or — if you’re a very large enterprise — just start thinking about doing the first two. It’s also how long Tim and I have been subjecting the world to our though…
22 Dec Scammers use AI to make fake art seem real (CSOONLINE.COM)
Fraudsters have started using AI to create fake documents claiming that artworks are genuine or legally owned, the Financial Times reports. According to art insurance brokers at Marsh, chatbots and big language models are being used to forge invoices, appraisal certificates and c…
22 Dec Microsoft Is Finally Killing RC4 (SCHNEIER.COM)
After twenty-six years, Microsoft is finally upgrading the last remaining instance of the encryption algorithm RC4 in Windows. One of the most visible holdouts in supporting RC4 has been Microsoft. Eventually, Microsoft upgraded Active Directory to support the much more secure AES en…
22 Dec Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens (THEHACKERNEWS.COM)
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker's device to a victim's WhatsApp account. The package, na…
22 Dec NIST and CISA Release Draft Interagency Report on Protecting Tokens and Assertions from Tampering Theft and Misuse for Public Comment (CISA.GOV)
The Cybersecurity and Infrastructure Security Agency (CISA) and National Institute of Standards and Technology (NIST) have released an initial draft of Interagency Report (IR) 8597 Protecting Tokens and Assertions from Forgery, Theft, and Misuse for public comment through January…
📢 SECURITY ADVISORIES (8)
22 Dec Leading Global Research and Advisory Firm Recommends Against Using AI Browsers (PROGRAMMING.DEV)
submitted by codeinabox to security; 1 points | 0 comments; https://blog.jim-nielsen.com/2025/dont-use-ai-browsers-they-say/
22 Dec UK government was hacked in October, minister confirms - iTnews (SH.ITJUST.WORKS)
submitted by kid to cybersecurity; 3 points | 0 comments; https://www.itnews.com.au/news/uk-government-was-hacked-in-october-minister-confirms-622681
22 Dec Romanian water authority hit by ransomware attack over weekend (BLEEPINGCOMPUTER.COM)
Romanian Waters (Administrația Națională Apele Române), the country's water management authority, was hit by a ransomware attack over the weekend. [...]
22 Dec Cloud Security: False Sense of Security (YOUTUBE.COM)
Many businesses are lulled into a false sense of security, believing that giants like Microsoft, Google, and Amazon have it all covered. But the shared responsibility model tells a different story. Are you aware of your SOC 1 and SOC 2 obligations? Subscribe to our podcasts: http…
🔥 INCIDENT REPORTING (14)
22 Dec Arrests In 0365 Scheme: Cybersecurity Today With David Shipley (CYBERSECURITYTODAY.LIBSYN.COM)
Global Cybercrime Crackdowns and Rising Threats. This episode of 'Cybersecurity Today' hosted by David Shipley covers significant cybersecurity news. Nigerian police arrested three suspects linked to a Microsoft 365 phishing platform known as Raccoon O365. U.S. prosecutors charged…
22 Dec UK Government Acknowledges It Is Investigating Cyber Incident After Media Reports (SECURITYWEEK.COM)
The British government is investigating a “cyber incident” following news reports that hackers linked to China have gained access to thousands of confidential documents.
22 Dec Ukrainian hacker admits affiliate role in Nefilim ransomware gang (BLEEPINGCOMPUTER.COM)
A Ukrainian national pleaded guilty on Friday to conducting Nefilim ransomware attacks that targeted high-revenue businesses across the United States and other countries. [...]
22 Dec Internal threats are the hole in Cybersecurity’s donut - Frank Vukovits - ESW #438 (YOUTUBE.COM)
Interview with Frank Vukovits: Focusing inward: there lie threats also. External threats get discussed more than internal threats. There’s a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn’t infri…
22 Dec Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in US (SECURITYWEEK.COM)
Artem Stryzhak pleaded guilty to conspiracy to commit computer fraud after he was extradited earlier this year.
22 Dec Think you can beat ransomware? RansomHouse just made it a lot harder (CSOONLINE.COM)
A recent upgrade to the RansomHouse ransomware operation has added new concerns for enterprise defenders, introducing a multi-layered encryption update to the group’s double-extortion RaaS model. Also tracked under the cluster Jolly Scorpius, the ransomware gang has transitioned …
22 Dec Auto Credit Check Company Breach Affects 5.6 Million | Robinson+Cole Data Privacy + Security Insider - JDSupra (SH.ITJUST.WORKS)
submitted by kid to cybersecurity; 1 points | 0 comments; https://www.jdsupra.com/legalnews/auto-credit-check-company-breach-9173079/
22 Dec Blind Eagle Hackers Target Government Agencies Using PowerShell Scripts (GBHACKERS.COM)
Colombian government institutions are facing a sophisticated multi-stage cyberattack campaign orchestrated by the BlindEagle threat group, which leveraged compromised internal email accounts, PowerShell scripts, and steganography to deploy remote access trojans on target systems,…
22 Dec SideWinder APT Launches Cyberattacks on Indian Entities Posing as the Income Tax Department (GBHACKERS.COM)
Zscaler Threat Hunting has identified a sophisticated espionage campaign targeting Indian entities through fraudulent “Income Tax Department” portals, representing a significant evolution in the SideWinder APT’s operational tradecraft. The threat actor, also kno…
22 Dec Wonderland Android Malware Targets OTPs Through Two-Way SMS Hijacking (GBHACKERS.COM)
Group-IB security researchers have uncovered a sophisticated new Android malware family dubbed “Wonderland” that represents a significant evolution in SMS-stealing threats targeting users across Uzbekistan. Unlike previous regional malware that relied on straightforwa…
22 Dec University of Phoenix data breach impacts nearly 3.5 million individuals (BLEEPINGCOMPUTER.COM)
The Clop ransomware gang has stolen the data of nearly 3.5 million University of Phoenix (UoPX) students, staff, and suppliers after breaching the university's network in August. [...]
22 Dec Pirate activists have copied Spotify’s entire music library (CSOONLINE.COM)
A collective of pirate activists say they gained access to 256 million rows of metadata and 86 million audio files, equivalent to around 300 terabytes of data, from Spotify, Billboard reports. The metadata, but no audio files, has been made publicly available through the open sea…
22 Dec Interpol-led action decrypts 6 ransomware strains, arrests hundreds (BLEEPINGCOMPUTER.COM)
An Interpol-coordinated initiative called Operation Sentinel led to the arrest of 574 individuals and the recovery of $3 million linked to business email compromise, extortion, and ransomware incidents. [...]
22 Dec Nissan says thousands of customers exposed in Red Hat breach (BLEEPINGCOMPUTER.COM)
Nissan Motor Co. Ltd. (Nissan) has confirmed that information of thousands of its customers has been compromised after the data breach at Red Hat in September. [...]
🕵️ THREAT INTELLIGENCE (13)
22 Dec ISC Stormcast For Monday, December 22nd, 2025 https://isc.sans.edu/podcastdetail/9748, (Mon, Dec 22nd) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
22 Dec Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale (THEHACKERNEWS.COM)
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in Uzbekistan. "Previously, users received 'pure' Trojan APKs that acted as malware imm…
22 Dec Gambit Cyber Raises $3.4 Million in Seed Funding (SECURITYWEEK.COM)
The cybersecurity startup will use the funds to accelerate platform improvements, global expansion, and partnerships.
22 Dec MacSync macOS Malware Distributed via Signed Swift Application (SECURITYWEEK.COM)
A recent MacSync Stealer version no longer requires users to directly interact with the terminal for execution.
22 Dec Criminals impersonate senior US officials in messaging scams | Cybernews (SH.ITJUST.WORKS)
submitted by kid to cybersecurity; 1 points | 0 comments; https://cybernews.com/news/criminals-impersonate-senior-us-officials-in-messaging-scams/
22 Dec Arcane Werewolf Hacker Group Expands Arsenal with Loki 2.1 Malware Toolkit (GBHACKERS.COM)
The cyber espionage group known as Arcane Werewolf (also tracked as Mythic Likho) has significantly upgraded its offensive capabilities, targeting Russian manufacturing enterprises with a new iteration of its custom malware. According to a report by BI.ZONE Threat Intelligence: c…
22 Dec DIG AI: New Darknet AI Platform Enhancing Capabilities of Cybercriminals (GBHACKERS.COM)
Resecurity has identified a dangerous new development in the underground cybercrime market, the rise of DIG AI. This uncensored artificial intelligence platform is rapidly gaining traction among threat actors, enabling them to automate malicious campaigns and bypass standard digi…
22 Dec Europol: brace for robot-enabled crime surge by 2035 | Cybernews (SH.ITJUST.WORKS)
submitted by kid to cybersecurity; 2 points | 0 comments; https://cybernews.com/cybercrime/europol-brace-for-robot-enabled-crime-surge-by-2035/
22 Dec North Korea “industrializes” crypto thefts as losses hit billions | Cybernews (SH.ITJUST.WORKS)
submitted by kid to cybersecurity; 2 points | 0 comments; https://cybernews.com/crypto/north-korea-industrializes-crypto-thefts/
22 Dec 54 Charged in US Over ATM Attacks Involving ‘Ploutus’ Malware (SECURITYWEEK.COM)
The suspects are leaders and members of the Venezuelan crime syndicate Tren de Aragua.
22 Dec Italian Ferry Malware Attack Sparks International Probe (SH.ITJUST.WORKS)
submitted by kid to cybersecurity; 2 points | 0 comments; https://www.techrepublic.com/article/news-italian-ferry-malware-attack/
22 Dec Rising Tides: When Cybersecurity Becomes Personal – Inside the Work of an OSINT Investigator (SECURITYWEEK.COM)
Shannon Miller shares her approach to creating domestic safety and a call to the cyber community to help reduce harm.
22 Dec The Security Donut: Filling the Hole (YOUTUBE.COM)
Discover the 'Security Donut' concept! 🍩 While external threats are kept at bay with top-notch tools, the real challenge lies in securing the core business applications. Are your internal systems leaving a gap in your cybersecurity strategy? Subscribe to our podcasts: https://sec…
🌐 CYBER THREAT LANDSCAPE (2)
22 Dec New MacSync malware dropper evades macOS Gatekeeper checks (BLEEPINGCOMPUTER.COM)
The latest variant of the MacSync information stealer targeting macOS systems is delivered through a digitally signed, notarized Swift application. [...]
22 Dec What Does it Take to Manage Cloud Risk? (TRENDMICRO.COM)
Learn why hybrid and multi-cloud environments are vital for IT and business success from our 2025 Trend Micro Defenders Survey.
📡 INFOSEC NEWS (3)
22 Dec Malicious npm package steals WhatsApp accounts and messages (BLEEPINGCOMPUTER.COM)
A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. [...]
22 Dec OpenAI says AI browsers may always be vulnerable to prompt injection attacks (TECHCRUNCH.COM)
OpenAI says prompt injections will always be a risk for AI browsers with agentic capabilities, like Atlas. But the firm is beefing up its cybersecurity with an 'LLM-based automated attacker.'
22 Dec Digital Threat Detection Tools & Best Practices (RECORDEDFUTURE.COM)
Explore digital threat detection tools and learn best practices to identify, analyze, and neutralize digital threats before they impact your business.