ICYMI: 2025-12-15
Latest Headlines
Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More
A Browser Extension Risk Guide After the ShadyPanda Campaign
Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
Militant Groups Are Experimenting With AI, and the Risks Are Expected to Grow
Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery
Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw
ZnDoor Malware Exploiting React2Shell Vulnerability to Compromise Network Devices
New PCPcat Exploiting React2Shell Vulnerability to compromise 59,000+ Servers
xHunt APT Hackers Attacking Microsoft Exchange and IIS Web Servers to Deploy Custom Backdoors
Jaguar Land Rover Confirms Employee Data Stolen in August Cyberattack
JumpCloud Remote Assist for Windows Agent Flaw Let Attackers Escalate Privilege
Threat Actors Advertising ‘MioLab MacOS’ Infostealer on an Underground Forum
NVIDIA Merlin Vulnerabilities Let Attackers Execute Malicious Code and Trigger DoS Condition
Apache StreamPark Vulnerability Let Attackers Access Sensitive Data
Critical pgAdmin Vulnerability Let Attackers Execute Shell Commands on the Host
Google is shutting down its dark web report feature in January
Askul confirms theft of 740k customer records in ransomware attack
New SantaStealer malware steals data from browsers, crypto wallets
PornHub extorted after hackers steal Premium member activity data
Ongoing SoundCloud issue blocks VPN users with 403 server error
700Credit data breach impacts 5.8 million vehicle dealership customers
2025’s Top Phishing Trends and What They Mean for Your Security Strategy
Microsoft: Recent Windows updates break VPN access for WSL users
Google links more Chinese hacking groups to React2Shell attacks
French Interior Ministry confirms cyberattack on email servers
Microsoft: December security updates cause Message Queuing failures
– MTZ