Daily CyberSecurity •

GOLD SALEM Abuses Velociraptor DFIR Tool as Ransomware Precursor Following SharePoint ToolShell Exploitation

Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Cybercriminals

GOLD SALEM Abuses Velociraptor DFIR Tool as Ransomware Precursor Following SharePoint ToolShell Exploitation

December 15, 2025

Storm-0249 Abuses EDR Process via DLL Sideloading to Cloak Ransomware Access

Storm-0249 EDR Abuse, DLL Sideloading

Cybercriminals

Storm-0249 Abuses EDR Process via DLL Sideloading to Cloak Ransomware Access

December 15, 2025

React2Shell: Max-Score RCE (CVSS 10.0) Triggers Widespread Exploitation by Espionage Groups & Miners

React2Shell RCE, Widespread Exploitation

React2Shell: Max-Score RCE (CVSS 10.0) Triggers Widespread Exploitation by Espionage Groups & Miners

December 13, 2025

Sophisticated Okta SSO Phishing Bypasses Defenses to Steal Session Tokens With Salary Review Lures

Pacific Islands Forum Cyberattack

Cybercriminals

Sophisticated Okta SSO Phishing Bypasses Defenses to Steal Session Tokens With Salary Review Lures

December 12, 2025

New NANOREMOTE Backdoor Uses Google Drive API for Covert C2 and Links to FINALDRAFT Espionage Group

NANOREMOTE Google Drive C2, FINALDRAFT Link

Malware

New NANOREMOTE Backdoor Uses Google Drive API for Covert C2 and Links to FINALDRAFT Espionage Group

December 15, 2025

Hamas-Affiliated APT Ashen Lepus Unveils AshTag Malware Suite for Wider Cyber-Espionage

Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Hamas-Affiliated APT Ashen Lepus Unveils AshTag Malware Suite for Wider Cyber-Espionage

December 15, 2025

VS Code Supply Chain Attack: 19 Extensions Used Typosquatting & Steganography to Deploy Rust Trojan

vs-c

Malware

VS Code Supply Chain Attack: 19 Extensions Used Typosquatting & Steganography to Deploy Rust Trojan

December 15, 2025

New 01flip Ransomware Hits APAC Critical Infra: Cross-Platform Rust Weapon Uses Sliver C2

01flip Rust Ransomware, Cross-Platform APAC

Malware

New 01flip Ransomware Hits APAC Critical Infra: Cross-Platform Rust Weapon Uses Sliver C2

December 12, 2025

Alarm: Coupang Data Breach Exposes 33.7 Million Users—Over Half of South Korea

Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Data Leak

Alarm: Coupang Data Breach Exposes 33.7 Million Users—Over Half of South Korea

December 2, 2025

Privacy Alert: India Mandates Undeletable Sanchar Saathi App on All New Smartphones

Oracle user data Sanchar Saathi Mandatory India Preinstalled App

Data Leak

Privacy Alert: India Mandates Undeletable Sanchar Saathi App on All New Smartphones

December 2, 2025

OpenAI API Users Exposed in Mixpanel Security Breach

OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

Data Leak

OpenAI API Users Exposed in Mixpanel Security Breach

November 28, 2025

UNMASKED: Massive Leak Exposes Iran’s ‘Department 40’ Cyber-Terror Unit

Department 40, IRGC Cyber Leak

UNMASKED: Massive Leak Exposes Iran’s ‘Department 40’ Cyber-Terror Unit

November 27, 2025

Windows 11 Gaming Guide: Microsoft’s Recommended PC Specs for 1080p to 4K

Windows 11 Gaming PC Specs, NVMe DirectStorage Windows 10 End of Support Windows 11 Slow Adoption Windows 11 Crash Loop KB5062553 Bug Update and Shut Down, KB5067036 Windows authentication, Kerberos bug Windows 11 fix, localhost bug Windows 11 Update Restart, Update and Shut Down Windows SMBv1 Windows 11 Arm, Easy Anti-Cheat Windows 11 error, Pluton Windows 11 24H2, Easy Anti-Cheat Windows Firewall Bug, Microsoft Update Error Windows 11, JScript9Legacy Windows Activation, TSforge Windows 11 Update, Firewall Error Windows 11 25H2, Annual Update Windows Resiliency Initiative, Kernel Security Windows 11 Upgrade, ESU Program Windows 11 Recall, Data Export Windows 11 Easy Anti-Cheat Windows 11 Update, Cumulative Update Windows Update, ACPI.sys Windows Updates, Enterprise Software Windows 11 Start Data Encryption Standard Printing Problems Windows 11 updates Estimated installation time Smart App Control, Windows 11 security

Windows 11 Gaming Guide: Microsoft’s Recommended PC Specs for 1080p to 4K

Ddos December 15, 2025

Catching Apple: Google Overhauls Health Connect to Track Alcohol & Medical Symptoms Google Health Connect Overhaul, Alcohol Symptom Tracking

Google Health Connect Overhaul, Alcohol Symptom Tracking

Catching Apple: Google Overhauls Health Connect to Track Alcohol & Medical Symptoms

Ddos December 15, 2025

Unpatched Windows RasMan Flaw Allows Unprivileged Crash, Enabling Local System Privilege Escalation Exploit RasMan Crash Flaw, 0patch Micropatch ASP.NET Core, HTTP smuggling Windows kernel Rust ActiveX, Microsoft 365

RasMan Crash Flaw, 0patch Micropatch ASP.NET Core, HTTP smuggling Windows kernel Rust ActiveX, Microsoft 365

Unpatched Windows RasMan Flaw Allows Unprivileged Crash, Enabling Local System Privilege Escalation Exploit

Ddos December 15, 2025

Critical pgAdmin RCE (CVE-2025-13780) Flaw Bypasses Fix, Allowing Server Takeover Via Malicious Database Restore pgAdmin RCE, BOM Bypass Flaw

pgAdmin RCE, BOM Bypass Flaw

Critical pgAdmin RCE (CVE-2025-13780) Flaw Bypasses Fix, Allowing Server Takeover Via Malicious Database Restore

Ddos December 15, 2025

SHADOW-VOID-042 Impersonates Trend Micro in Phishing Campaign to Breach Critical Infrastructure Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

Telecom threat, Secret Service cybersecurity news - Cyber Espionage Campaign

SHADOW-VOID-042 Impersonates Trend Micro in Phishing Campaign to Breach Critical Infrastructure

Ddos December 15, 2025

Critical Plesk Flaw (CVE-2025-66430) Risks Full Server Takeover via LPE and Apache Config Injection Plesk LPE, Root Command Execution

Plesk LPE, Root Command Execution

Critical Plesk Flaw (CVE-2025-66430) Risks Full Server Takeover via LPE and Apache Config Injection

Ddos December 15, 2025

Apache StreamPark Flaw Risks Data Decryption & Token Forgery via Hard-Coded Key and AES ECB Mode Apache StreamPark Crypto, Hard-Coded Key Flaw

Apache StreamPark Crypto, Hard-Coded Key Flaw

Apache StreamPark Flaw Risks Data Decryption & Token Forgery via Hard-Coded Key and AES ECB Mode

Ddos December 15, 2025

ImageMagick Flaw Risks Arbitrary Memory Disclosure via PSX TIM File Integer Overflow on 32-bit Systems ImageMagick TIM Overflow, Memory Disclosure Flaw ImageMagick vulnerabilities, memory corruption CVE-2023-34152

ImageMagick TIM Overflow, Memory Disclosure Flaw ImageMagick vulnerabilities, memory corruption CVE-2023-34152

ImageMagick Flaw Risks Arbitrary Memory Disclosure via PSX TIM File Integer Overflow on 32-bit Systems

Ddos December 15, 2025

Apache Airflow Flaws Leak Sensitive Credentials in UI via DAG Tracebacks & Template Rendering Airflow Credential Leak, UI Redaction Failure CVE-2024-39877 & CVE-2024-45784 Airflow Connection Leak, CVE-2025-54831

Airflow Credential Leak, UI Redaction Failure CVE-2024-39877 & CVE-2024-45784 Airflow Connection Leak, CVE-2025-54831

Apache Airflow Flaws Leak Sensitive Credentials in UI via DAG Tracebacks & Template Rendering

Ddos December 13, 2025

Urgent: Apple Patches Two Critical WebKit Zero-Days Under Active Exploitation Against High-Risk Targets WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

Urgent: Apple Patches Two Critical WebKit Zero-Days Under Active Exploitation Against High-Risk Targets

Ddos December 13, 2025

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide Critical_React2Shell_CVE-2025-55182____RSC______3_1765504077YqYq0hVYdr

Critical_React2Shell_CVE-2025-55182____RSC______3_1765504077YqYq0hVYdr

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

cybernewswire December 12, 2025

Torrance, United States / California, 12th December 2025, CyberNewsWire

The IP Wall Falls: Disney Invests $1B in OpenAI to License 200+ Characters for AI Disney OpenAI $1B, AI Character Licensing

Disney OpenAI $1B, AI Character Licensing

The IP Wall Falls: Disney Invests $1B in OpenAI to License 200+ Characters for AI

Ddos December 12, 2025

The AI Super-App Rises: Photoshop & Adobe Express Integrate into ChatGPT OpenAI Adobe Integration, ChatGPT Super-App

OpenAI Adobe Integration, ChatGPT Super-App

The AI Super-App Rises: Photoshop & Adobe Express Integrate into ChatGPT

Ddos December 12, 2025

The “USB-C of AI” is Here: Google Launches Managed Servers for MCP Protocol Google MCP Protocol, Agentic AI Managed Servers Google Cloud Meta Google Cloud UniSuper

Google MCP Protocol, Agentic AI Managed Servers Google Cloud Meta Google Cloud UniSuper

The “USB-C of AI” is Here: Google Launches Managed Servers for MCP Protocol

Ddos December 12, 2025

YouTube TV’s New Subscription Bundles: Is Streaming Becoming Cable All Over Again? YouTube TV Bundles, Streaming Cable Model

YouTube TV Bundles, Streaming Cable Model

YouTube TV’s New Subscription Bundles: Is Streaming Becoming Cable All Over Again?

Ddos December 12, 2025

Farewell, Tabs: Google’s Experimental Disco Browser Generates Web Apps with AI Google Disco Browser, Gemini PWA Generation

Google Disco Browser, Gemini PWA Generation

Farewell, Tabs: Google’s Experimental Disco Browser Generates Web Apps with AI

Ddos December 12, 2025

React Patches Two New Flaws Risking Server-Crashing DoS and Source Code Disclosure React Server Components DoS, Source Code Disclosure React RCE, Server Components Deserialization CVE-2025-55182

React Server Components DoS, Source Code Disclosure React RCE, Server Components Deserialization CVE-2025-55182

React Patches Two New Flaws Risking Server-Crashing DoS and Source Code Disclosure

Ddos December 12, 2025

Core Banking System Flaw: Apache Fineract IDOR Risks Authorization Bypass & Customer Data Access CVE-2024-32838 Apache Fineract IDOR, Core Banking Bypass

CVE-2024-32838 Apache Fineract IDOR, Core Banking Bypass

Core Banking System Flaw: Apache Fineract IDOR Risks Authorization Bypass & Customer Data Access

Ddos December 12, 2025

CISA KEV Alert: GeoServer XXE Flaw Under Active Attack Risks Data Theft & Internal Network Scanning GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA KEV Alert: GeoServer XXE Flaw Under Active Attack Risks Data Theft & Internal Network Scanning

Ddos December 12, 2025

Military-Grade ValleyRAT Goes Rogue: Kernel Rootkit Builder Leak Triggers Massive Global Surge ValleyRAT Builder Leak, Kernel Rootkit Comoditization

ValleyRAT Builder Leak, Kernel Rootkit Comoditization

Military-Grade ValleyRAT Goes Rogue: Kernel Rootkit Builder Leak Triggers Massive Global Surge

Ddos December 12, 2025