ICYMI: 2025-12-16
Latest Headlines
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
Google to Shut Down Dark Web Monitoring Tool in February 2026
From Open Source to OpenAI: The Evolution of Third-Party Risk
Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks
JumpCloud Remote Assist Vulnerability Can Expose Systems to Takeover
APT-C-35 Infrastructure Activity Leveraged Using Apache HTTP Response Indicators
Russian Hackers Attacking Network Edge Devices in Western Critical Infrastructure
LLMs are Accelerating the Ransomware Operations with Functional Tools and RaaS
Hackers Can Manipulate Internet-Based Solar Panel Systems to Execute Attacks in Minutes
Microsoft Details Mitigations Against React2Shell RCE Vulnerability in React Server Components
Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026
CISA Warns of Apple WebKit Vulnerability 0-Day Vulnerability Exploited in Attacks
Fortinet FortiWeb Vulnerability (CVE-2025-64446) Exploited in the Wild for Full Admin Takeover
Windows Admin Center Vulnerability (CVE-2025-64669) Let Attackers Escalate Privileges
Cellik Android malware builds malicious versions from Google Play apps
GhostPoster attacks hide malicious JavaScript in Firefox addon logos
Amazon disrupts Russian GRU hackers attacking edge network devices
Texas sues TV makers for taking screenshots of what people watch
Cyberattack disrupts Venezuelan oil giant PDVSA’s operations
The Hidden Risk in Virtualization: Why Hypervisors are a Ransomware Magnet
Microsoft to block Exchange Online access for outdated mobile devices
European authorities dismantle call center fraud ring in Ukraine
SoundCloud confirms breach after member data stolen, VPN access disrupted
– MTZ