ICYMI: 2025-12-10
Latest Headlines
React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors
.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL
Three PCIe Encryption Weaknesses Expose PCIe 5.0+ Systems to Faulty Data Handling
Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes
Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups
Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days
Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
2 Men Linked to China’s Salt Typhoon Hacker Group Likely Trained in a Cisco ‘Academy’
US Indicts Extradited Ukrainian on Charges of Aiding Russian Hacking Groups
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
Fortinet Patches Critical Authentication Bypass Vulnerabilities
Ivanti EPM Update Patches Critical Remote Code Execution Flaw
SAP Patches Critical Vulnerabilities With December 2025 Security Updates
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Rockwell, Schneider
UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare
Critical Ivanti EPM Vulnerability Allows Admin Session Hijacking via Stored XSS
Over 644,000 Domains Exposed to Critical React Server Components Vulnerability
New Spiderman Phishing Kit Lets Attackers Create Malicious Bank Login Pages in Few Clicks
What’s Next for SOC in 2026: Get the Early-Adopter Advantage
Threat Actors Weaponize ChatGPT and Grok Conversations to Deploy AMOS Stealer
Microsoft Outlook Vulnerability Let Attackers Execute Malicious Code Remotely
North Korean Hackers Exploit React2Shell Vulnerability in the Wild to Deploy EtherRAT
FortiSandbox OS command injection Vulnerability Let Attackers execute Malicious code
Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code
CISA Warns of WinRAR 0-Day RCE Vulnerability Exploited in Attacks
Google ads for shared ChatGPT, Grok guides push macOS infostealer malware
New DroidLock malware locks Android devices and demands a ransom
Microsoft Teams to warn of suspicious traffic with external domains
Over 10,000 Docker Hub images found leaking credentials, auth keys
Why a secure software development life cycle is critical for manufacturers
New Spiderman phishing service targets dozens of European banks
Ukrainian hacker charged with helping Russian hacktivist groups
– MTZ