46 Articles
7 Categories
Date: 2025-12-30
🐛 COMMON VULNERABILITIES AND EXPOSURES (8)
30 Dec: 70,000+ MongoDB Servers Exposed After MongoBleed PoC Released (GBHACKERS.COM)
Over 74,000 MongoDB database servers remain vulnerable to a critical security flaw after proof-of-concept exploit code for the MongoBleed vulnerability became publicly available. The Shadowserver Foundation reports that 74,854 exposed MongoDB instances are running unpatched versi…
30 Dec [KEV]: Patch Tuesday 2025 roundup: The biggest Microsoft vulnerabilities of the year (CSOONLINE.COM)
Every day has the potential to be a bad day for a CSO. However, the second Tuesday of each month – Patch Tuesday – is almost guaranteed to be one of those days, though with any luck it’s merely troublesome, not catastrophic. In 2025, however, some of them gave CSOs heartburn: Mic…
30 Dec: CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution (THEHACKERNEWS.COM)
The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code execution. The vulnerability, tracked as CVE-2025-52691, carries a CVSS score o…
30 Dec: Critical IBM API Connect Flaw Allows Attackers to Bypass Authentication (GBHACKERS.COM)
IBM has disclosed a critical authentication bypass vulnerability affecting its API Connect platform, assigning it a maximum CVSS severity score of 9.8. The flaw, tracked as CVE-2025-13915, represents a primary authentication weakness (CWE-305) that requires no user interaction or…
30 Dec: Critical SmarterMail Flaw Allows Attackers to Execute Remote Code (GBHACKERS.COM)
SmarterTools has issued an urgent security advisory regarding a critical vulnerability in its widely used SmarterMail software. The flaw, which carries the highest possible severity score, could allow unauthenticated attackers to completely take over affected mail servers. The vu…
30 Dec [KEV]: CISA Alerts on Active Exploitation of MongoDB Vulnerability CVE-2025-14847 (GBHACKERS.COM)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about the active exploitation of CVE-2025-14847, a severe vulnerability affecting MongoDB and MongoDB Server. The flaw was added to CISA’s Known Exploited Vulnerabilities (KEV) ca…
⚠️ VULNERABILITY DISCLOSURE (9)
30 Dec: 6 cyber insurance gotchas security leaders must avoid (CSOONLINE.COM)
Facing ever-mounting cyberthreats, enterprises are increasingly turning to cyber insurance to address the potentially severe financial damage a successful attack can inflict. Unfortunately, cyber insurance presents its own risks, particularly for cybersecurity leaders who tend to…
30 Dec: AI-Era AppSec: Transparency, Trust, and Risk Beyond the Firewall - ASW #363 (YOUTUBE.COM)
In an era dominated by AI-powered security tools and cloud-native architectures, are traditional Web Application Firewalls still relevant? Join us as we speak with Felipe Zipitria, co-leader of the OWASP Core Rule Set (CRS) project. Felipe has been at the forefront of open-source…
30 Dec: 8 Cybersecurity Acquisitions Surpassed $1 Billion Mark in 2025 (SECURITYWEEK.COM)
The total disclosed value for all the cybersecurity M&A deals announced in 2025 exceeded $84 billion. The post 8 Cybersecurity Acquisitions Surpassed $1 Billion Mark in 2025 appeared first on SecurityWeek.
30 Dec: Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks (SH.ITJUST.WORKS)
submitted by kid to cybersecurity, 1 points | 0 comments, https://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-exploited-in-attacks/
30 Dec: Critical 0day flaw Exposes 70k XSpeeder Devices as Vendor Ignores Alert – Hackread – Cybersecurity News, Data Breaches, AI, and More (SH.ITJUST.WORKS)
submitted by kid to cybersecurity, 1 points | 0 comments, https://hackread.com/xspeeder-0day-flaw-devices-vendor-ignores-alert/
30 Dec [KEV]: CISA orders feds to patch MongoBleed flaw exploited in attacks (BLEEPINGCOMPUTER.COM)
CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to steal credentials, API keys, and other sensitive data. [...]
30 Dec: Magecart Campaign Deploys 50+ Malicious Scripts to Hijack E-Commerce Transactions (GBHACKERS.COM)
A sophisticated and expansive Magecart campaign has been uncovered, marking a dangerous evolution in client-side attacks. Security researchers have identified a global operation utilizing over 50 distinct malicious scripts to hijack checkout and account creation flows across doze…
30 Dec: ESET Flags Rising Threat of AI-Driven Malware and Ransomware (GBHACKERS.COM)
The cybersecurity landscape entered a critical new era in the second half of 2025 as AI-powered malware transitioned from theoretical threat to tangible reality, while the ransomware-as-a-service economy expanded at an unprecedented pace. According to ESET Research’s latest…
30 Dec: CISA Releases Two Industrial Control Systems Advisories (CISA.GOV)
CISA released two Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-364-01: WHILL C2 Wheelchairs; ICSA-25-345-03: AzeoTech DAQFactory (Update A) …
📢 SECURITY ADVISORIES (4)
30 Dec: Seven signs that your cybersecurity framework needs an overhaul (CSOONLINE.COM)
Cybersecurity is not a nice-to-have but a must. Yet too many companies still neglect its upkeep. Cybersecurity frameworks are the guidelines companies use to protect themselves against cyberattacks. A typ…
30 Dec: New Spear-Phishing Attack Targeting Security Individuals in the Israel Region (GBHACKERS.COM)
Israel’s National Cyber Directorate has issued an urgent alert warning of an active spear-phishing campaign specifically targeting individuals employed in security and defense-related sectors. The operation, linked to infrastructure associated with APT42 (also known as Char…
30 Dec: Automating Vendor Trust Issues (YOUTUBE.COM)
Vendor risk management is becoming more automated, but challenges remain. The risk lies in vendors potentially misrepresenting their compliance and security measures. How can security professionals ensure the accuracy of vendor-provided information? Subscribe to our podcasts: htt…
🔥 INCIDENT REPORTING (11)
30 Dec: EmEditor Website Breach Used to Spread Infostealer Malware (GBHACKERS.COM)
The popular text editor EmEditor fell victim to a sophisticated supply chain attack between December 19-22, 2025, in which attackers compromised the official website to distribute malware-laced installation packages. Emurasoft, Inc., the software’s developer, confirmed on D…
30 Dec: Korean Air Data Compromised in Oracle EBS Hack (SECURITYWEEK.COM)
Roughly 30,000 Korean Air employees had their data stolen by hackers in a breach at former subsidiary KC&D. The post Korean Air Data Compromised in Oracle EBS Hack appeared first on SecurityWeek.
30 Dec: Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor (THEHACKERNEWS.COM)
The Chinese hacking group known as Mustang Panda has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber attack detected in mid-2025 targeting an unspecified entity in Asia. The findings come from Kaspers…
30 Dec: New Google-Themed Phishing Wave Hits Over 3,000 Global Organisations – Hackread – Cybersecurity News, Data Breaches, AI, and More (SH.ITJUST.WORKS)
submitted by kid to cybersecurity, 2 points | 0 comments, https://hackread.com/google-phishing-3000-global-organisations/
30 Dec: Romanian energy provider hit by Gentlemen ransomware attack (SH.ITJUST.WORKS)
submitted by kid to cybersecurity, 2 points | 0 comments, https://www.bleepingcomputer.com/news/security/romanian-energy-provider-hit-by-gentlemen-ransomware-attack/
30 Dec: US cybersecurity experts plead guilty to BlackCat ransomware attacks (BLEEPINGCOMPUTER.COM)
Two former employees of cybersecurity incident response companies Sygnia and DigitalMint have pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023. [...]
30 Dec: European Space Agency confirms breach of "external servers" (BLEEPINGCOMPUTER.COM)
The European Space Agency (ESA) confirmed that attackers recently breached servers outside its corporate network, which contained what it described as "unclassified" information on collaborative engineering activities. [...]
30 Dec: Hackers Abuse Copilot Studio’s New Connected Agents Feature to Plant Backdoors (GBHACKERS.COM)
Microsoft’s latest innovation may have opened the door to sophisticated cyberattacks. At Build 2025, the company introduced “Connected Agents,” a feature in Copilot Studio that allows AI agents to communicate and share functionality across environments. While de…
30 Dec: European Space Agency confirms breach of "external servers" (SH.ITJUST.WORKS)
submitted by kid to cybersecurity, 1 points | 0 comments, https://www.bleepingcomputer.com/news/security/european-space-agency-confirms-breach-of-external-servers/
30 Dec: New ErrTraffic service enables ClickFix attacks via fake browser glitches (BLEEPINGCOMPUTER.COM)
A new cybercrime tool called ErrTraffic allows threat actors to automate ClickFix attacks by generating 'fake glitches' on compromised websites to lure users into downloading payloads or following malicious instructions [...]
30 Dec: SentinelOne and AWS Shape the Future of AI Security with Purple AI - SWN #542 (YOUTUBE.COM)
SentinelOne announced a series of new innovative designations and integrations with Amazon Web Services (AWS), designed to bring the full benefits of AI security to AWS customers today. From securing GenAI usage in the workplace, to protecting AI infrastructure to leveraging agen…
🕵️ THREAT INTELLIGENCE (12)
30 Dec: Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit (SECURITYWEEK.COM)
The threat actor uses a signed driver file containing two user-mode shellcodes to execute its ToneShell backdoor. The post Chinese APT Mustang Panda Caught Using Kernel-Mode Rootkit appeared first on SecurityWeek.
30 Dec: Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware (THEHACKERNEWS.COM)
The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute a modular remote access trojan called ValleyRAT (aka Winos 4.0). "This sophisticated attack leverages a complex kill chain involving DLL hijacking…
30 Dec: Using AI-Generated Images to Get Refunds (SCHNEIER.COM)
Scammers are generating images of broken merchandise in order to apply for refunds.
30 Dec: 27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials (SH.ITJUST.WORKS)
submitted by kid to cybersecurity, 1 points | 0 comments, https://thehackernews.com/2025/12/27-malicious-npm-packages-used-as.html
30 Dec: Researchers Spot New Shai Hulud Variant - BankInfoSecurity (SH.ITJUST.WORKS)
submitted by kid to cybersecurity, 1 points | 0 comments, https://www.bankinfosecurity.in/researchers-spot-new-shai-hulud-variant-a-30409
30 Dec: New ConsentFix Technique Tricks Users Into Handing Over OAuth Tokens (KNOWBE4.COM)
Researchers at Push Security have observed a new variant of the ClickFix attack that combines “OAuth consent phishing with a ClickFix-style user prompt that leads to account compromise.”
30 Dec: Can You Trust Agentic AI? (YOUTUBE.COM)
Agentic AI systems require a shift to left thinking and zero trust validation. Without these, the reliability of models and tools is questionable. How can we ensure trust in multi-agent systems? Subscribe to our podcasts: https://securityweekly.com/subscribe #AgenticAI #ZeroTrust…
30 Dec: Hackers Promote “VOID” AV Killer Claiming Kernel-Level Defense Evasion (GBHACKERS.COM)
A threat actor operating under the handle Crypt4You has begun advertising a sophisticated new offensive tool on underground cybercrime forums, marketed as a “kernel-level” security neutralization utility. Dubbed VOID KILLER, the malware is designed explicitly to termi…
30 Dec: Hackers Impersonated Jackson JSON Library to Infiltrate Maven Central (GBHACKERS.COM)
Security researchers have uncovered a sophisticated multi-stage malware campaign targeting Maven Central, the primary repository for Java dependencies. The attack centered on a malicious package impersonating the legitimate Jackson JSON library marking the first significant detec…
30 Dec: Chinese Hackers Deploy Rootkit to Stealthily Mask ToneShell Malware (GBHACKERS.COM)
A sophisticated cyberespionage campaign leveraging kernel-mode rootkit technology has been discovered targeting government organizations across Southeast and East Asia, with Myanmar and Thailand bearing the brunt of attacks. Security researchers identified a malicious driver deli…
30 Dec: AI's New Cyber Threats (YOUTUBE.COM)
AI-powered threats are evolving rapidly, with new autonomous attack chains. The risk lies in the ability of AI to execute complex attacks independently. How will cybersecurity adapt to these AI-driven challenges? Subscribe to our podcasts: https://securityweekly.com/subscribe #AI…
30 Dec: The Strategic Imperative for OT/IT Convergence (PALOALTONETWORKS.COM)
OT/IT convergence is a strategic imperative, but introduces new cybersecurity risks. Learn why business leaders must secure their merged systems. The post The Strategic Imperative for OT/IT Convergence appeared first on Palo Alto Networks Blog.
🌐 CYBER THREAT LANDSCAPE (1)
30 Dec: Zoom Stealer browser extensions harvest corporate meeting intelligence (BLEEPINGCOMPUTER.COM)
A newly discovered campaign, which researchers call Zoom Stealer, is affecting 2.2 million Chrome, Firefox, and Microsoft Edge users through 18 extensions that collect online meeting-related data like URLs, IDs, topics, descriptions, and embedded passwords. [...]
📡 INFOSEC NEWS (1)
30 Dec: How to Integrate AI into Modern SOC Workflows (THEHACKERNEWS.COM)
Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integr…