India has ordered major mobile device manufacturers to pre-install a government-backed cybersecurity app on all new phones within 90 days, in an effort to safeguard citizens from buying non-genuine handsets and tackle telecom fraud. The move comes as India joins the ranks of countries like Russia, which have mandated pre-installation of homegrown security apps to combat similar threats.
Published: Tue Dec 2 00:58:52 2025 by llama3.2 3B Q4_K_M
New Android Security Flaws: Google Patches 107 Vulnerabilities
Google has released a new monthly security update for the Android operating system, which addresses a total of 107 security flaws. The patch includes fixes for two high-severity vulnerabilities that have been exploited in the wild, including CVE-2025-48633 and CVE-2025-48572. Users are recommended to update their devices to the latest patch level as soon as possible.
Published: Tue Dec 2 02:15:19 2025 by llama3.2 3B Q4_K_M
Google's latest Android security update addresses two actively exploited flaws in the Framework component, as well as several critical vulnerabilities in the kernel and closed-source components. This update is a must-have for all Android users to protect their devices from exploitation.
Published: Tue Dec 2 04:48:18 2025 by llama3.2 3B Q4_K_M
SecAlerts revolutionizes vulnerability management by delivering actionable intelligence and risk analytics to security teams worldwide, empowering them to stay ahead of emerging threats and protect their organizations from costly breaches.
Published: Tue Dec 2 06:03:20 2025 by llama3.2 3B Q4_K_M
South Korea’s leading e-commerce platform, Coupang, has disclosed a significant data breach that exposed the personal information of nearly 34 million customers. The incident serves as a stark reminder of the growing cybersecurity threats in South Korea and the need for robust measures to protect sensitive customer data.
Published: Tue Dec 2 06:46:35 2025 by llama3.2 3B Q4_K_M
The University of Pennsylvania has confirmed a new data breach following an attack on its Oracle E-Business Suite servers. The attackers stole documents containing personal information from the platform in August 2025, exploiting a previously unknown zero-day flaw. This incident is part of a larger extortion campaign by Clop's ransomware gang, which has targeted numerous organizations worldwide.
Published: Tue Dec 2 07:11:20 2025 by llama3.2 3B Q4_K_M
A new study reveals that large language models may be vulnerable to "syntax hacking," where they prioritize grammatical patterns over actual meaning. This phenomenon can lead to incorrect responses and security vulnerabilities, highlighting the need for continued research into these powerful AI tools.
Published: Tue Dec 2 08:11:51 2025 by llama3.2 3B Q4_K_M
FTC slaps edtech vendor after breach exposes 10M students, demanding changes but no fines or criminal charges.
Published: Tue Dec 2 08:25:55 2025 by llama3.2 3B Q4_K_M
Iranian nation-state actors have been using a previously undocumented backdoor called MuddyViper to carry out targeted attacks against Israeli entities. The attack sequence begins with phishing emails containing PDF attachments that link to legitimate remote desktop tools, and the backdoor supports 20 commands that facilitate covert access and control of infected systems.
Published: Tue Dec 2 08:54:06 2025 by llama3.2 3B Q4_K_M
Google has released a comprehensive patch for 107 vulnerabilities in its Android operating system, including two high-severity zero-day exploits that have been actively targeted by attackers. The latest security update aims to improve the security of Android devices and protect its users from emerging threats.
Published: Tue Dec 2 09:02:46 2025 by llama3.2 3B Q4_K_M
Kensington and Chelsea Council data breach: A tangled web of shared IT systems and sensitive information
Published: Tue Dec 2 09:28:06 2025 by llama3.2 3B Q4_K_M
Cybercrime's subscription economy has transformed the way attackers rent tools, access, and infrastructure for malicious purposes. With advanced phishing tools, infostealer logs, and access brokers available at affordable prices, defenders are facing a new and significant challenge in staying one step ahead of these cybercriminals.
Published: Tue Dec 2 09:58:07 2025 by llama3.2 3B Q4_K_M
Rogue Cyber Operatives: The Lazarus Group's Remote-Worker Scheme Exposed reveals how North Korean cyber espionage entity Lazarus Group was able to infiltrate Western companies through fake job postings and remote IT workers. Read more about this complex threat operation exposed on camera.
Published: Tue Dec 2 10:14:33 2025 by llama3.2 3B Q4_K_M
GlassWorm, a notorious supply chain campaign known for its malicious activities, has reared its head once again with a devastating wave of 24 extensions impersonating popular developer tools and frameworks. The latest iteration of this campaign saw the attackers infiltrate both Microsoft Visual Studio Marketplace and Open VSX, two prominent platforms used by developers worldwide. To learn more about GlassWorm's destructive supply chain campaign and how it affects developers, read the full article.
Published: Tue Dec 2 10:36:23 2025 by llama3.2 3B Q4_K_M
Malicious npm packages have long been a source of concern for cybersecurity experts, as they can easily be uploaded to popular package repositories and spread like wildfire, bringing harm to unsuspecting users. Recently, a malicious npm package was discovered that attempts to influence artificial intelligence (AI)-driven security scanners, highlighting the ongoing cat-and-mouse game between threat actors and AI security tools. A new malicious package has been found to expose vulnerabilities in AI security tools, emphasizing the need for continued vigilance in the software supply chain.
Published: Tue Dec 2 10:51:12 2025 by llama3.2 3B Q4_K_M
In a recent series of attacks, MuddyWater has demonstrated its capabilities by targeting multiple sectors in Israel and one confirmed target in Egypt. The attackers have used advanced tools, including a custom-made loader called Fooder, to deploy their malware, dubbed MuddyViper. This article provides an in-depth analysis of the latest campaign, exploring the tactics, techniques, and procedures (TTPs) employed by MuddyWater and what they reveal about the group's evolving approach.
Published: Tue Dec 2 11:01:07 2025 by llama3.2 3B Q4_K_M
The takedown of Cryptomixer marks a significant victory in the global fight against cybercrime and cryptocurrency laundering. Europol's Operation Olympia resulted in the seizure of €25 million in Bitcoin and 12 terabytes of data, as well as the shutdown of three Swiss servers and the cryptomixer.io domain. This operation is a major milestone in Europol's efforts to combat cryptocurrency laundering services, highlighting the importance of cooperation between law enforcement agencies worldwide.
Published: Tue Dec 2 11:12:29 2025 by llama3.2 3B Q4_K_M
Clop's brazen approach to breaching Oracle's E-Business Suite has left many organizations scrambling to patch their systems and protect sensitive data. As more high-profile breaches emerge, it is becoming clear that these exploits are not isolated incidents, but rather part of a larger pattern of coordinated cyber attacks. Learn more about the growing concerns of cybersecurity breaches in this exclusive report.
Published: Tue Dec 2 12:01:48 2025 by llama3.2 3B Q4_K_M
India has taken a tough stance against messaging app fraud by requiring all communication service providers to link users' mobile numbers with their SIM cards. This move is aimed at combating phishing, scams, and cyber fraud, which have become increasingly prevalent in India.
Published: Tue Dec 2 12:59:24 2025 by llama3.2 3B Q4_K_M
Google has released its December Android security bulletin, highlighting several high-severity vulnerabilities that have been patched. The release serves as a reminder of the importance of keeping software up-to-date and taking steps to protect against known vulnerabilities.
Published: Tue Dec 2 13:15:45 2025 by llama3.2 3B Q4_K_M
The Shai-Hulud 2.0 NPM malware attack has exposed over 400,000 sensitive secrets belonging to developers worldwide, highlighting the growing threat of supply chain attacks in the software development industry. As experts warn, this type of attack could have been prevented if infected packages had been identified and neutralized earlier on.
Published: Tue Dec 2 13:34:38 2025 by llama3.2 3B Q4_K_M
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Android Framework flaws to its Known Exploited Vulnerabilities catalog, highlighting the growing concern over the security of Android devices. Two high-severity vulnerabilities have been identified, which were found in the Android Framework and are currently under limited, targeted exploitation.
Published: Tue Dec 2 15:43:35 2025 by llama3.2 3B Q4_K_M
In a significant move, Korea's National Police have arrested four individuals suspected of hacking over 120,000 IP cameras across the country and selling stolen footage to a foreign adult site. The operation highlights the growing problem of hacked IP cameras and the need for individuals to take proactive steps to safeguard themselves against cyber threats.
Published: Tue Dec 2 15:55:25 2025 by llama3.2 3B Q4_K_M
A recent test launch of Russia's RS-28 Sarmat missile has failed, raising concerns about the stability and reliability of Moscow's nuclear deterrence capabilities. The incident highlights the need for greater transparency and accountability within Russia's military-industrial complex and underscores the imperative to address technical issues that threaten the country's ability to project power.
Published: Tue Dec 2 18:11:04 2025 by llama3.2 3B Q4_K_M
Iranian nation-state hackers have employed the MuddyViper backdoor in targeted attacks against Israeli entities across various sectors, as part of a broader campaign by the Iranian group known as MuddyWater (aka Mango Sandstorm or TA450). This latest development highlights the sophistication and adaptability of Iranian APT groups, emphasizing the importance of robust cybersecurity measures to prevent such breaches.
Published: Tue Dec 2 20:42:01 2025 by llama3.2 3B Q4_K_M
The Indian government has confirmed that eight major airports in the country have been subjected to GPS spoofing and jamming incidents since 2023. This revelation highlights the importance of securing critical infrastructure such as airports and underscores the need for vigilance and proactive measures to prevent such incidents from occurring in the future.
Published: Tue Dec 2 21:07:42 2025 by llama3.2 3B Q4_K_M
A Japanese e-tailer has been hit by a ransomware attack, leaving its online sales crippled for nearly five weeks. The company's Warehouse Management System was compromised, forcing it to suspend logistics services and shut down its website. Askul's experience highlights the importance of robust cybersecurity measures in e-commerce businesses.
Published: Wed Dec 3 00:56:06 2025 by llama3.2 3B Q4_K_M
A Japanese e-commerce company has resumed partial sales on its platform 45 days after a devastating ransomware attack, highlighting the complex challenges faced by organizations in their post-attack recoveries. This incident underscores the importance of robust disaster recovery systems and the need for companies to continually test these measures.
Published: Wed Dec 3 01:10:05 2025 by llama3.2 3B Q4_K_M
Picklescan, a widely used tool for detecting suspicious imports or function calls in Python pickle files, has been found to be vulnerable to critical security flaws. The three identified vulnerabilities could potentially allow malicious actors to execute arbitrary code by loading untrusted PyTorch models, effectively bypassing the tool's protections.
Published: Wed Dec 3 03:49:50 2025 by llama3.2 3B Q4_K_M
Malicious Rust crates have targeted Windows, macOS, and Linux systems, delivering OS-specific malware via vulnerabilities in the Ethereum ecosystem. The packages were downloaded thousands of times before being removed from a repository due to their malicious nature. Learn more about this emerging threat vector and how developers can protect themselves.
Published: Wed Dec 3 04:06:03 2025 by llama3.2 3B Q4_K_M
India has mandated that all providers of messaging apps work only with active SIM cards linked to users' phone numbers to curb phishing, scams, and cyber-fraud. The new rule comes as part of the Department of Telecommunications (DoT) efforts to combat rising fraud scams on messaging platforms. By implementing this measure, India aims to provide greater protection for its citizens against SIM-based phishing and other types of cyber-fraud.
Published: Wed Dec 3 04:12:57 2025 by llama3.2 3B Q4_K_M
Windows 11 adoption has been slower than expected, particularly among enterprises, due to the challenges of transitioning from older versions of Windows 10. With the end-of-support push for many versions of Windows 10 looming, it remains to be seen how Microsoft's latest operating system will gain traction in the market.
Published: Wed Dec 3 06:57:23 2025 by llama3.2 3B Q4_K_M
Artificial intelligence-powered phishing tools are redefining the threat landscape of cybercrime, making it increasingly challenging for organizations to detect and respond to attacks. A recent webinar exposed the latest AI-powered phishing tools and highlighted the need for a proactive approach to identity protection and defense strategy shifts.
Published: Wed Dec 3 07:04:41 2025 by llama3.2 3B Q4_K_M
AI is transforming the way security professionals work, but it's not a replacement for human judgment and creativity. Instead, it's a tool that needs to be understood and harnessed to achieve better outcomes. By building or tuning their own AI-assisted workflows, security professionals can regain influence over the logic shaping their environment and make more informed decisions.
Published: Wed Dec 3 07:12:51 2025 by llama3.2 3B Q4_K_M
The University of Phoenix has joined a growing list of U.S. universities breached in a Clop data theft campaign targeting vulnerable Oracle E-Business Suite instances in August 2025, exposing sensitive personal and financial information belonging to students, staff, and suppliers.
Published: Wed Dec 3 07:50:33 2025 by llama3.2 3B Q4_K_M
A critical flaw in React and Next.js libraries has led to widespread exploitation by China-linked threat actors, highlighting the need for organizations to address this issue promptly. The React2Shell vulnerability allows remote code execution without authentication or authorization, posing a significant threat to businesses worldwide.
Published: Fri Dec 5 08:32:40 2025 by llama3.2 3B Q4_K_M
Asus supplier hit by ransomware attack as Everest gang claims 1 TB haul. A recent incident involving the company's supplier has highlighted the risks faced by tech companies, emphasizing the need for robust cybersecurity measures and greater transparency and accountability when dealing with supply chain security issues.
Published: Fri Dec 5 09:07:40 2025 by llama3.2 3B Q4_K_M
A newly disclosed React2Shell vulnerability has been exploited globally by Chinese hackers. The critical flaw allows unauthenticated remote code execution, posing significant risks to global cyber security. Organizations with systems affected by this vulnerability are urged to take immediate action to patch and secure their environments.
Published: Fri Dec 5 09:26:49 2025 by llama3.2 3B Q4_K_M
An Apache Tika vulnerability has been disclosed and patched, but other recent updates are also available for different software applications and tools that may be affected by similar vulnerabilities.
Published: Fri Dec 5 11:11:54 2025 by llama3.2 3B Q4_K_M
A new attack technique has been discovered that exploits vulnerabilities inherent to agentic browser agents and large language model (LLM) assistants to wreak havoc on user data. Dubbed "Zero-Click Agentic Browser Attack," this technique uses sequencing, tone, and LLM-powered assistants to automate routine tasks without explicit human input or consent. With its lack of reliance on traditional attack techniques, this attack presents a significant threat to users who rely on these technologies in their daily lives.
Published: Fri Dec 5 12:27:55 2025 by llama3.2 3B Q4_K_M
A major UK healthcare provider has disclosed a massive data breach after being hacked by Clop ransomware actors. The breach exposed sensitive patient information and highlights the importance of robust cybersecurity measures in protecting against zero-day exploits.
Published: Fri Dec 5 13:04:30 2025 by llama3.2 3B Q4_K_M
Cloudflare's recent network failure was caused by changes to its React2Shell fix, which triggered a global outage. The vulnerability allows remote attackers to execute malicious code on vulnerable instances without requiring authentication.
Published: Fri Dec 5 15:58:30 2025 by llama3.2 3B Q4_K_M
Criminals are using fake images and videos to scam people, including posting real missing person info online, and exploiting weaknesses in remote worker scams, according to a recent FBI alert.
Published: Fri Dec 5 17:31:42 2025 by llama3.2 3B Q4_K_M
A maximum-severity XXE vulnerability has been discovered in Apache Tika, exposing sensitive internal resources. This critical exploit allows attackers to inject malicious code into the toolkit, compromising its security. Users who rely on Apache Tika are advised to install updates immediately to prevent potential breaches.
Published: Fri Dec 5 18:48:50 2025 by llama3.2 3B Q4_K_M
A new cyber threat has been identified as posing a significant risk to public sector and IT infrastructure. Brickstorm malware, attributed to state-sponsored actors, has already shown its capabilities in evading detection by traditional security systems, highlighting the need for immediate action to mitigate its impact.
Published: Sat Dec 6 05:17:03 2025 by llama3.2 3B Q4_K_M
A growing concern for national security has come to light in recent revelations, exposing a complex web of intrigue that threatens to undermine democracy. From state-sponsored hacking campaigns to the increasing reliance on AI, the implications are far-reaching and profound.
Published: Sat Dec 6 05:47:08 2025 by llama3.2 3B Q4_K_M
A critical security flaw discovered in React Server Components (RSC) has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). This vulnerability, tracked as CVE-2025-55182, is a remote code execution vulnerability that can be triggered by an unauthenticated attacker without requiring any special setup. To address this vulnerability, it is imperative to update software to the latest version and implement robust security measures to prevent exploitation.
Published: Sat Dec 6 05:57:35 2025 by llama3.2 3B Q4_K_M
New Flaws Discovered in AI Coding Tools: A Threat to Data Security and Remote Code Execution
Researchers have uncovered over 30 security vulnerabilities in various AI-powered Integrated Development Environments (IDEs), which can be exploited to enable data theft and remote code execution attacks. The discovery highlights the importance of "Secure for AI," a new paradigm that emphasizes securing AI features from the ground up.
Published: Sat Dec 6 10:32:31 2025 by llama3.2 3B Q4_K_M
Attackers have launched a coordinated campaign targeting Palo Alto Networks' GlobalProtect portals and SonicWall APIs, using identical fingerprints across seemingly separate events. This attack highlights the importance of monitoring authentication surfaces and applying dynamic blocking measures to prevent unauthorized access. With its sophisticated tooling and cross-infrastructure relationships, this attack poses a significant threat to the security of critical systems. Stay vigilant and take proactive measures to protect against such attacks.
Published: Sat Dec 6 10:46:09 2025 by llama3.2 3B Q4_K_M
A new wave of VPN login attempts has been observed targeting Palo Alto GlobalProtect portals, with attacks originating from over 7,000 IP addresses operated by a German IT company. The attackers employed brute-force login attempts and scanning activity against SonicWall SonicOS API endpoints, suggesting a coordinated effort to compromise the security of affected organizations.
Published: Sat Dec 6 12:41:42 2025 by llama3.2 3B Q4_K_M
A critical React2Shell remote code execution flaw (CVE-2025-55182) has exposed over 77k IP addresses to potential breaches across multiple sectors, with attackers already compromising more than 30 organizations worldwide. To mitigate the damage, developers must update React immediately and rebuild their applications.
Published: Sat Dec 6 13:19:13 2025 by llama3.2 3B Q4_K_M
The recent Porsche outage in Russia highlights the vulnerabilities present in connected vehicle security systems. The incident, which has left hundreds of cars undrivable, underscores the importance of robust security measures and incident response in addressing such risks. This article provides a detailed analysis of the incident and its implications for the automotive industry.
Published: Sun Dec 7 08:47:36 2025 by llama3.2 3B Q4_K_M
Recent vulnerabilities, breaches, and exploits highlight the ongoing surge in cyber threats, emphasizing the need for swift patching, robust security measures, and heightened awareness to mitigate these risks.
Published: Sun Dec 7 12:50:19 2025 by llama3.2 3B Q4_K_M
The threat landscape is becoming increasingly complex, with high-profile breaches and malware variants emerging regularly. Recent updates from various sources reveal a plethora of malicious activities, from targeted spear-phishing campaigns to attacks on critical infrastructure. This article provides an overview of the latest developments in cybersecurity and highlights the need for organizations and individuals to prioritize security measures.
Published: Sun Dec 7 13:46:27 2025 by llama3.2 3B Q4_K_M
Portugal has updated its cybercrime law to provide a legal safe haven for good-faith security researchers. The new provision sets out specific conditions that must be met to avoid prosecution, including that researchers aim solely at identifying vulnerabilities not created by them and report the vulnerability to the system owner and relevant data controller.
Published: Sun Dec 7 14:04:35 2025 by llama3.2 3B Q4_K_M
China's recent explosion of its reusable rocket may have seemed like a minor setback in the world of space exploration, but it highlights the pressing issue of cybersecurity that affects us all.
Published: Sun Dec 7 20:09:46 2025 by llama3.2 3B Q4_K_M
Gartner warns that using AI browsers poses significant security risks due to potential data exposure unless proper measures are taken to secure them. The analyst firm advises blocking AI browsers until these risks can be mitigated.
Published: Sun Dec 7 23:04:13 2025 by llama3.2 3B Q4_K_M
MuddyWater, a notorious Iranian hacking group, has recently deployed a new backdoor dubbed UDPGangster as part of its targeted campaign against users in Turkey, Israel, and Azerbaijan. The UDPGangster backdoor uses macro-based droppers for initial access and incorporates extensive anti-analysis routines to evade detection. Users and organizations should remain cautious of unsolicited documents, particularly those requesting macro activation.
Published: Mon Dec 8 01:26:19 2025 by llama3.2 3B Q4_K_M
U.S. CISA Adds React Server Components Flaw to Known Exploited Vulnerabilities Catalog: A Cautionary Tale of Software Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Meta React Server Components flaw, tracked as CVE-2025-55182 (CVSS Score of 10.0), to its Known Exploited Vulnerabilities catalog. This addition serves as a stark reminder of the importance of regularly updating software and being vigilant about security vulnerabilities in widely used technologies.
Published: Mon Dec 8 03:47:47 2025 by llama3.2 3B Q4_K_M
A critical Sneeit WordPress RCE vulnerability has been actively exploited in the wild, while a critical ICTBroadcast bug has fueled Frost Botnet attacks. The exploitation of these vulnerabilities underscores the importance of vigilance and proactive measures in maintaining cybersecurity.
Published: Mon Dec 8 04:02:47 2025 by llama3.2 3B Q4_K_M
Android banking malware has long been a thorn in the side of mobile device users, but recent developments have brought to light three new threats that are capable of stealing sensitive data with unprecedented ease. Read on to learn more about FvncBot, SeedSnatcher, and ClayRat, the latest Android malware families threatening data theft.
Published: Mon Dec 8 05:18:36 2025 by llama3.2 3B Q4_K_M
Barts Health NHS Trust has confirmed that patient and staff data was stolen by the Russia-linked extortion crew Clop after exploiting a vulnerability in Oracle EBS. The trust is now taking legal action to prevent the publication of the stolen files, but it faces an uphill battle against a determined ransomware gang.
Published: Mon Dec 8 05:31:06 2025 by llama3.2 3B Q4_K_M
The UK government's failure to disclose significant biases in police facial recognition technology has sparked outrage among civil liberties groups and data protection advocates. The controversy raises questions about transparency and accountability in the use of biometric technologies and highlights the need for greater oversight and regulation.
Published: Mon Dec 8 06:27:19 2025 by llama3.2 3B Q4_K_M
As the holiday season approaches, retailers are bracing themselves for a surge in sales and customer traffic. However, this time of year also brings with it a unique set of cybersecurity threats that can compromise even the most robust defenses. In recent weeks, several high-profile incidents have highlighted the importance of being prepared for these types of attacks. Learn more about how to avoid the retail apocalypse and stay ahead of the latest cybersecurity threats.
Published: Mon Dec 8 07:18:06 2025 by llama3.2 3B Q4_K_M
A recent vulnerability known as CVE-2025-55182, also referred to as the React2Shell flaw, has been exploited by multiple China-linked threat actors within hours of its disclosure. The pre-authentication remote code execution vulnerability exists in various versions of React Server Components, which have been addressed through subsequent updates. Organizations running React or Next.js applications must take immediate action and update their software to minimize the risk of exploitation.
Published: Mon Dec 8 07:50:51 2025 by llama3.2 3B Q4_K_M
The UK has unveiled a comprehensive program to secure its undersea cables, incorporating autonomous vessels, crewed warships, and aircraft in an effort to counter escalating Russian surveillance activities. This initiative aims to create a revolutionary underwater network and is seen as a vital component of the country's national security strategy.
Published: Mon Dec 8 08:08:23 2025 by llama3.2 3B Q4_K_M
A growing concern over end-to-end encryption and cybersecurity has sparked questions about national security and trust in technology. From smart devices to cloud storage, our reliance on technology has grown exponentially, but so have concerns regarding data protection and cybersecurity.
Published: Mon Dec 8 08:37:02 2025 by llama3.2 3B Q4_K_M
The recent Barts Health NHS breach, which was carried out using a zero-day exploit in Oracle E-Business Suite (EBS), highlights the importance of robust cybersecurity measures and awareness. The breach, attributed to the Clop ransomware group, saw the theft of sensitive data including patient information, employee data, and supplier information. To prevent similar breaches, it is essential for healthcare organizations to implement and maintain up-to-date cybersecurity defenses and educate IT professionals on zero-day exploits.
Published: Mon Dec 8 09:49:01 2025 by llama3.2 3B Q4_K_M
Google Chrome Unveils New Security Layer for Agentic AI Browsing: A Comprehensive Defense Against Indirect Prompt Injection. In response to emerging threats in agentic AI browsing, Google has introduced a new defense layer designed to protect its upcoming Gemini-powered features from indirect prompt injection attacks.
Published: Mon Dec 8 12:14:02 2025 by llama3.2 3B Q4_K_M
The FBI has issued a public service announcement (PSA) warning about virtual kidnapping scams that use altered online photos to pose as kidnappers and demand ransom payments. These scammers target individuals and families, often threatening violence if their demands are not met. By being aware of the red flags and taking steps to protect themselves, individuals can reduce their risk of falling victim to these scams and help keep communities safe from cybercrime.
Published: Mon Dec 8 12:46:50 2025 by llama3.2 3B Q4_K_M
Violence-as-a-Service: The Rise of Cybercrime-Infused Terrorism in Europe - A growing threat to public safety, with law enforcement agencies across Europe working tirelessly to dismantle networks and bring perpetrators to justice.
Published: Mon Dec 8 13:00:36 2025 by llama3.2 3B Q4_K_M
A new malware campaign has been uncovered that uses compromised websites to deploy a remote access trojan (RAT) named NetSupport RAT. The attack chain involves an obfuscated JavaScript loader, an HTML Application (HTA) that runs encrypted PowerShell stagers using "mshta.exe," and a PowerShell payload designed to download and execute the main malware. Experts warn of the importance of deploying strong defenses against such attacks.
Published: Mon Dec 8 13:09:09 2025 by llama3.2 3B Q4_K_M
Poland has arrested three Ukrainian nationals who were allegedly attempting to damage its IT systems using advanced hacking equipment. The suspects claimed to be IT specialists, but were found carrying devices that could be used to interfere with Poland's strategic IT systems. Follow this story for more updates as the investigation unfolds.
Published: Mon Dec 8 13:19:06 2025 by llama3.2 3B Q4_K_M
Simu Liu's brain has been hacked in the new sci-fi spy show "The Copenhagen Test," which premieres December 27th on Peacock. Ahead of his next appearance in "Avengers: Doomsday," Liu must navigate a complex web of espionage and counter-espionage as he tries to uncover the truth behind his character's brain hacking.
Published: Mon Dec 8 14:29:23 2025 by llama3.2 3B Q4_K_M
A new report by the Financial Crimes Enforcement Network reveals that ransomware gangs earned over $2.1 billion from January 2022 to December 2024, but law enforcement operations have led to a significant decrease in attacks and earnings.
Published: Mon Dec 8 15:16:42 2025 by llama3.2 3B Q4_K_M
Malicious VSCode extensions have been discovered that can infect machines with information-stealing malware, compromising sensitive data such as screenshots, credentials, cryptocurrency wallets, and hijacked browser sessions. These extensions masquerade as legitimate themes and AI assistants and were published under the developer name 'BigBlack.' Developers must remain vigilant when installing new extensions and take steps to protect themselves against these types of threats.
Published: Mon Dec 8 16:35:08 2025 by llama3.2 3B Q4_K_M
Ransomware gangs have turned to a packer-as-a-service platform named Shanya to evade detection, using it to deploy payloads that disable endpoint detection and response solutions on victim systems. This development has significant implications for cybersecurity, as it allows these malicious actors to carry out their nefarious activities with relative impunity.
Published: Mon Dec 8 18:07:43 2025 by llama3.2 3B Q4_K_M
Ransomware has reached unprecedented levels, with $4.5 billion in payments reported by FinCEN in 2023 alone. The rise of this threat highlights the need for proactive cybersecurity measures to protect organizations worldwide from devastating financial losses.
Published: Mon Dec 8 18:47:25 2025 by llama3.2 3B Q4_K_M
The United Kingdom government has rejected the estimated cost of its digital identity scheme, citing a delay in consultation on the project's scope and implementation timeline. The decision raises concerns about the feasibility and potential impact on citizens' privacy and data security.
Published: Tue Dec 9 03:54:06 2025 by llama3.2 3B Q4_K_M
STAC6565: The Canada-Targeted Ransomware Campaign Blurring the Lines Between Cyber Espionage and Ransomware. In recent months, a sophisticated threat actor known as STAC6565 has been actively targeting Canadian organizations with a campaign of high-profile ransomware attacks.
Published: Tue Dec 9 04:04:04 2025 by llama3.2 3B Q4_K_M
A Troubling Convergence: State Tax Cuts and the Devastating Consequences for SNAP and Medicaid
Published: Tue Dec 9 04:31:01 2025 by llama3.2 3B Q4_K_M
The United Kingdom has taken a significant step towards revisiting its 35-year-old Computer Misuse Act, which has been criticized for leaving cybersecurity researchers vulnerable to prosecution. The proposed changes aim to safeguard researchers while still prohibiting harmful activities and ensuring that research is conducted in good faith. With Portugal's amendment serving as a model, the UK government is expected to update its legislation to support its national effort to harden cybersecurity.
Published: Tue Dec 9 04:39:03 2025 by llama3.2 3B Q4_K_M
Polish Police arrest 3 Ukrainians for possessing advanced hacking tools in a daring operation that left cybersecurity experts stunned. The trio was found carrying high-tech equipment, including Flipper Zero, a portable multi-tool for pentesters and geeks. They face serious charges, including fraud and computer fraud, and will remain in detention while the investigation continues.
Published: Tue Dec 9 04:49:05 2025 by llama3.2 3B Q4_K_M
In an effort to bolster security and reduce the attack surface, organizations have been adopting Zero Trust architectures. However, one of the major challenges that companies face in implementing Zero Trust is the lack of interoperability between various security tools. The Shared Signals Framework (SSF) aims to address this challenge by providing a standardized way for security events to be exchanged. By utilizing Tines' workflow orchestration and AI platform, teams can create a more reliable and efficient Zero Trust architecture that delivers real-time device-compliance updates and access decisions in response to emerging threats.
Published: Tue Dec 9 07:49:32 2025 by llama3.2 3B Q4_K_M
Google has taken significant strides in bolstering the security of its Chrome browser with a new set of features designed to combat indirect prompt injection threats. The company's latest developments focus on the implementation of layered defenses, including the User Alignment Critic, which ensures that agents remain aligned with user goals and prevents rogue actions. With these enhancements, Google aims to provide users with an even safer web browsing experience as it continues to innovate in the realm of browser security.
Published: Tue Dec 9 07:57:21 2025 by llama3.2 3B Q4_K_M
The United Kingdom has issued a strong warning about the growing threat of information warfare in Europe, urging European nations to work together to counter this menace. The UK believes that Russia is behind some of the most robust online misinformation networks currently operating, and that it is essential for European nations to come together to address this issue.
Published: Tue Dec 9 08:06:38 2025 by llama3.2 3B Q4_K_M
A new threat actor known as Storm-0249 has escalated its ransomware attacks by adopting more advanced tactics, including ClickFix social engineering and DLL sideloading. By leveraging the trust associated with signed processes, the threat actor is able to execute malicious commands and establish persistent access to networks, making it essential for cybersecurity teams to stay vigilant and implement effective measures to prevent these attacks.
Published: Tue Dec 9 08:43:27 2025 by llama3.2 3B Q4_K_M
As humanoid robots become increasingly sophisticated and widespread, experts warn of a looming security threat that could disrupt society. With 3 billion units expected to be in use by 2060, the need for secure protocols and measures is urgent.
Published: Tue Dec 9 09:09:45 2025 by llama3.2 3B Q4_K_M
Ransomware gangs have been exploiting endpoint detection and response (EDR) solutions to launch stealthy malware attacks. A recent case, attributed to Storm-0249, demonstrates how attackers are leveraging trusted EDR components to evade security tools and establish persistence on compromised systems. As a result, system administrators must prioritize behavior-based detection and implement stricter controls for suspicious activities to prevent future attacks.
Published: Tue Dec 9 09:27:57 2025 by llama3.2 3B Q4_K_M
The Broadside botnet has emerged as a new threat actor targeting the maritime logistics sector, using a command injection vulnerability (CVE-2024-3721) in TBK Vision digital video recorders to compromise devices on vessels. The malware poses significant risks to shipping firms and could have far-reaching consequences for global supply chains and shipping operations.
Published: Tue Dec 9 09:51:41 2025 by llama3.2 3B Q4_K_M
North Korean hackers have recently exploited a critical vulnerability in the React Server Components (RSC) "Flight" protocol, known as React2Shell, to launch a sophisticated campaign of malware attacks. The attackers used a new malware implant called EtherRAT, which leverages Ethereum smart contracts for communication with the attacker and has extremely aggressive persistence on Linux systems. At least 30 organizations across multiple sectors have been breached, including those in the US, China, and Europe. In light of this recent campaign, system administrators are advised to upgrade to a safe React/Next.js version as soon as possible to protect against potential attacks.
Published: Tue Dec 9 10:03:36 2025 by llama3.2 3B Q4_K_M
A new threat actor, GrayBravo, has emerged as a significant player in the cybercrime landscape, leveraging a malware loader known as CastleLoader to expand its operations and distribute various malicious payloads. According to Recorded Future's Insikt Group, GrayBravo has been identified as a sophisticated threat actor that utilizes rapid development cycles, technical sophistication, responsiveness to public reporting, and an expansive infrastructure to operate.
Published: Tue Dec 9 10:51:10 2025 by llama3.2 3B Q4_K_M
Porsche owners in Russia were left stranded when hundreds of high-end vehicles were rendered immobile due to a mysterious failure of their satellite-based tracking systems. But was it a cyberattack or simply a technical glitch? Porsche has denied any involvement in the incident, citing the importance of cybersecurity for their vehicles. Explore the details behind this bizarre incident and what it reveals about the security of connected cars.
Published: Tue Dec 9 11:33:32 2025 by llama3.2 3B Q4_K_M
Top tech companies release critical security updates to address growing threat landscape, as hackers continually seek new ways to exploit vulnerabilities in software applications.
Published: Tue Dec 9 12:42:45 2025 by llama3.2 3B Q4_K_M
Fortinet has warned of two critical vulnerabilities in its products that could allow attackers to bypass FortiCloud SSO authentication. These flaws highlight the need for organizations to prioritize their cybersecurity efforts and take proactive steps to address potential weaknesses.
Published: Tue Dec 9 12:55:07 2025 by llama3.2 3B Q4_K_M
North Korea-linked actors have successfully exploited a recently disclosed critical security vulnerability in React Server Components (RSC), known as React2Shell, to deploy a new remote access trojan dubbed EtherRAT. The attackers are believed to be using the newly discovered flaw to gain unauthorized access to systems and maintain persistent access for long-term operations.
Published: Tue Dec 9 13:18:11 2025 by llama3.2 3B Q4_K_M
Microsoft has released the KB5071546 extended security update for Windows 10, addressing 57 security vulnerabilities, including three zero-day flaws. This mandatory update provides a significant boost to the security posture of Windows 10 users.
Published: Tue Dec 9 14:00:26 2025 by llama3.2 3B Q4_K_M
The rise of AI agents has highlighted pressing concerns regarding their impact on identity access management. As organizations seek to navigate these complexities, key players like Okta and Forrester are emerging as leaders in establishing secure architectures for managing these autonomous digital entities.
Published: Tue Dec 9 15:57:03 2025 by llama3.2 3B Q4_K_M
SAP has released its December 2025 security updates, addressing 14 vulnerabilities across various products, including three critical-severity flaws. These patches are aimed at mitigating potential attacks on SAP solutions that are deeply embedded in enterprise environments and manage sensitive, high-value workloads.
Published: Tue Dec 9 16:52:05 2025 by llama3.2 3B Q4_K_M
Ivanti has warned its customers about a newly disclosed vulnerability in its Endpoint Manager (EPM) solution, which allows an unauthenticated attacker to execute arbitrary JavaScript code remotely. This vulnerability poses a significant threat to the security of Ivanti EPM users and highlights the importance of staying up-to-date with the latest security patches and vulnerability disclosures.
Published: Tue Dec 9 17:07:52 2025 by llama3.2 3B Q4_K_M
Microsoft has released its latest Patch Tuesday update, fixing over 56 vulnerabilities in its Windows operating systems and supported software, including one zero-day bug that is already being exploited by threat actors. The patch batch includes fixes for critical bugs in Microsoft Office and Outlook as well as non-critical privilege escalation bugs. Cybersecurity experts urge users to apply the patches as soon as possible to prevent potential security breaches.
Published: Tue Dec 9 17:30:30 2025 by llama3.2 3B Q4_K_M
Fortinet, Ivanti, and SAP have issued urgent patches to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. These patches are essential for protecting systems from potential threats.
Published: Tue Dec 9 22:59:12 2025 by llama3.2 3B Q4_K_M
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog, highlighting the ongoing risk posed by unpatched software vulnerabilities. Experts urge organizations to review the catalog and address identified vulnerabilities as soon as possible.
Published: Wed Dec 10 03:48:04 2025 by llama3.2 3B Q4_K_M
The latest Patch Tuesday update has highlighted a growing number of critical vulnerabilities that have emerged recently. In this article, we will delve into the details of these vulnerabilities and their implications for cybersecurity. We will explore the command injection vulnerability in Windows PowerShell (CVE-2025-54100) as well as the similar vulnerability in GitHub Copilot for JetBrains (CVE-2025-64671). Furthermore, we will examine the impact of IDEsaster, a set of security vulnerabilities collectively named by security researcher Ari Marzouk. The article will conclude with an overview of the comprehensive patch released by Microsoft for 56 security flaws in various Windows products and its implications for cybersecurity.
Published: Wed Dec 10 04:04:32 2025 by llama3.2 3B Q4_K_M
The world of cloud security is complex and rapidly evolving, with a plethora of vulnerabilities and threats emerging on a daily basis. Stay informed about the latest developments and take a proactive approach to securing your systems to reduce your risk of falling victim to emerging threats.
Published: Wed Dec 10 06:07:55 2025 by llama3.2 3B Q4_K_M
A critical vulnerability in WinRAR has been added to the Known Exploited Vulnerabilities (KEV) catalog by CISA, citing evidence of active exploitation. Despite being patched, the vulnerability remains a concern due to its potential impact on organizations. Organizations are required to apply the necessary fixes by December 30, 2025, to secure their networks and prevent potential exploitation.
Published: Wed Dec 10 06:23:57 2025 by llama3.2 3B Q4_K_M
A 33-year-old Ukrainian national has been charged with helping Russian hacktivist groups carry out cyberattacks on critical infrastructure worldwide. The indictment marks a significant escalation in the global fight against these groups.
Published: Wed Dec 10 06:41:20 2025 by llama3.2 3B Q4_K_M
NATO's Cyber Coalition Exercise: A Test of International Cooperation in the Face of Modern Cyber Threats
Published: Wed Dec 10 06:53:00 2025 by llama3.2 3B Q4_K_M
PCIe 5.0+ systems are exposed to serious risks due to newly discovered weaknesses in the Integrity and Data Encryption protocol. A recent advisory has highlighted three security vulnerabilities that could lead to information disclosure, escalation of privilege, or denial of service, especially if an attacker gains physical access to the targeted computer's PCIe interface.
Published: Wed Dec 10 08:58:46 2025 by llama3.2 3B Q4_K_M
A new phishing kit, dubbed "Spiderman," that targets customers of numerous European banks and cryptocurrency services has been discovered by researchers at Varonis. The platform allows cybercriminals to launch phishing campaigns that can capture login credentials, two-factor authentication (2FA) codes, and credit card data.
Published: Wed Dec 10 09:06:43 2025 by llama3.2 3B Q4_K_M
A complex web of deceit has been revealed in recent months, with high-profile cyber breaches and espionage incidents highlighting the ongoing battle against online threats. This article delves into some of these incidents, shedding light on the methods employed by malicious actors and the measures being taken to counter them.
Published: Wed Dec 10 09:36:37 2025 by llama3.2 3B Q4_K_M
The recent release of over 20,000 documents related to Jeffrey Epstein has sparked widespread debate and controversy, highlighting the need for greater transparency and accountability in government. As lawmakers continue to release these documents, they must prioritize transparency and accountability to ensure that those in power are held accountable for their actions.
Published: Wed Dec 10 09:45:01 2025 by llama3.2 3B Q4_K_M
A new backdoor code-named EtherRAT has been linked to North Korea and is believed to have been deployed via the React2Shell vulnerability. This sophisticated RAT combines techniques from multiple past campaigns and uses Ethereum smart contracts for command and control, making it a significant threat to global cybersecurity.
Published: Wed Dec 10 09:53:53 2025 by llama3.2 3B Q4_K_M
The Role of Risk Operations Centers in Protecting Value at Risk: A Comprehensive Approach to Cybersecurity
As organizations face new threats and challenges, they are turning to Risk Operations Centers as a critical component of their cybersecurity strategy. By prioritizing value at risk and taking a proactive approach to managing potential threats, organizations can build a more robust and resilient cybersecurity posture that protects their most valuable assets.
Published: Wed Dec 10 10:09:26 2025 by llama3.2 3B Q4_K_M
In a shocking discovery, two individuals linked to China's Salt Typhoon hacker group have been found to have received training from the Cisco Networking Academy. This revelation raises questions about the role of technology companies in the world of cybersecurity and highlights the challenges of detecting and preventing cyber threats in a globalized market. As we move forward, it is essential that we continue to explore ways to improve our defenses against cyber threats and promote greater cooperation between governments, technology companies, and cybersecurity experts.
Published: Wed Dec 10 11:13:33 2025 by llama3.2 3B Q4_K_M
A .NET security flaw has left many enterprise-grade applications vulnerable to remote code execution attacks, despite Microsoft's refusal to fix the bug. This raises questions about user responsibility in handling untrusted inputs and Microsoft's approach to vulnerability reporting.
Published: Wed Dec 10 11:43:02 2025 by llama3.2 3B Q4_K_M
A Ukrainian woman has been extradited to the US and will stand trial in early 2026 for her role in hacking into US public drinking water systems and a meat processing facility on behalf of Kremlin-backed cyber groups. Dubranova, 33, faces up to 27 years in prison if convicted of the charges brought against her.
Published: Wed Dec 10 12:12:34 2025 by llama3.2 3B Q4_K_M
React2Shell Exploitation Delivers Cryptocurrency Miners and New Malware Across Multiple Sectors: A Comprehensive Analysis
A critical vulnerability discovered in React Server Components (RSC) has been exploited by threat actors to deliver cryptocurrency miners and an array of previously undocumented malware families across multiple sectors. This development marks a significant concern for organizations relying on react-server-dom-webpack, react-server-dom-parcel, or react-server-dom-turbopack, as they are advised to update immediately due to the "potential ease of exploitation and the severity of the vulnerability." The threat actors have leveraged automated exploitation tooling to deploy Linux-specific payloads on Windows endpoints, indicating a lack of differentiation between target operating systems. PeerBlight, CowTunnel, and ZinFoq are some of the malware families that have been identified in these attacks. Organizations are advised to take immediate action to patch their systems and protect themselves against this new threat.
Published: Wed Dec 10 14:39:25 2025 by llama3.2 3B Q4_K_M