Clustered news

---

Cluster

ImmuniWeb enhances AI vulnerability testing and compliance reporting 2025-12-12
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation 2025-12-12
Bugcrowd unveils AI tools to accelerate triage and strengthen preemptive security 2025-12-11
LLM vulnerability patching skills remain limited 2025-12-11
Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw 2025-12-11
Active Attacks Exploit Gladinet"s Hard-Coded Keys for Unauthorized Access and Code Execution 2025-12-11
Hackers exploit unpatched Gogs zero-day to breach 700 servers 2025-12-11
Malwarebytes for Mac now has smarter, deeper scans 2025-12-11
Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks 2025-12-11
Webinar: How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes 2025-12-10
North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks 2025-12-09
North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware 2025-12-09
Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure 2025-12-09
⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More 2025-12-08
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable 2025-12-06
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability 2025-12-05
CISA warns of Chinese "BrickStorm" malware attacks on VMware servers 2025-12-04
Hackers are exploiting ArrayOS AG VPN flaw to plant webshells 2025-12-04
Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code 2025-12-03
Malicious Rust Crate Delivers OS-Specific Malware to Web3 Developer Systems 2025-12-03
Malwarebytes joins Global Anti-Scam Alliance (GASA) as supporting member 2025-12-01
Glassworm malware returns in third wave of malicious VS Code packages 2025-12-01
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 73 2025-11-30

---

Cluster

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild 2025-12-13
Apple fixes two zero-day flaws exploited in "sophisticated" attacks 2025-12-12
Google fixes eighth Chrome zero-day exploited in attacks in 2025 2025-12-11
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks 2025-12-11
Google ads for shared ChatGPT, Grok guides push macOS infostealer malware 2025-12-10
December Patch Tuesday fixes three zero-days, including one that hijacks Windows devices 2025-12-10
Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days 2025-12-10
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws 2025-12-09
Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading 2025-12-09
STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware 2025-12-09
Leaks show Intellexa burning zero-days to keep Predator spyware running 2025-12-05
Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery 2025-12-05
Google patches 107 Android flaws, including two being actively exploited 2025-12-02
Google fixes two Android zero days exploited in attacks, 107 flaws 2025-12-02
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild 2025-12-02

---

Cluster

CyberVolk’s ransomware debut stumbles on cryptography weakness 2025-12-13
Ransomware keeps widening its reach 2025-12-12
Ransomware may have extorted over $2.1 billion between 2022-2024, but it’s not all bad news, claims FinCEN report 2025-12-10
Four years later, Irish health service offers €750 to victims of ransomware attack 2025-12-10
Ransomware gangs turn to Shanya EXE packer to hide EDR killers 2025-12-09
Ransomware IAB abuses EDR for stealthy malware execution 2025-12-09
FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024 2025-12-08
Pharma firm Inotiv discloses data breach after ransomware attack 2025-12-05
Barts Health NHS discloses data breach after Oracle zero-day hack 2025-12-05
Deep dive into DragonForce ransomware and its Scattered Spider connection 2025-12-03
Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets 2025-12-02
The weekend is prime time for ransomware 2025-12-01

---

Cluster

Fake ‘One Battle After Another’ torrent hides malware in subtitles 2025-12-12
Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads 2025-12-12
Malicious VSCode Marketplace extensions hid trojan in fake PNG file 2025-12-11
NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems 2025-12-11
Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China 2025-12-04
Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud 2025-12-03
Webinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a Nightmare for Security Teams 2025-12-01

---

Cluster

DroidLock malware locks you out of your Android device and demands ransom 2025-12-11
New DroidLock malware locks Android devices and demands a ransom 2025-12-10
React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors 2025-12-10
Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features 2025-12-08
New Android malware lets criminals control your phone and drain your bank account 2025-12-01
Contagious Interview campaign expands with 197 npm Ppackages spreading new OtterCookie malware 2025-11-30

---

Cluster

Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks 2025-12-08
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation 2025-12-06
React2Shell critical flaw actively exploited in China-linked attacks 2025-12-05
Critical flaw in WordPress add-on for Elementor exploited in attacks 2025-12-03
New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control 2025-12-01

---

Cluster

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks 2025-12-13
CISA orders feds to patch actively exploited Geoserver flaw 2025-12-12
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog 2025-12-12
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV 2025-11-30

---

Cluster

New Windows RasMan zero-day flaw gets free, unofficial patches 2025-12-12
[updated]Another Chrome zero-day under attack: update now 2025-12-11
Microsoft "mitigates" Windows LNK flaw exploited as zero-day 2025-12-03
Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation 2025-12-03

---

Cluster

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups 2025-12-10
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch 2025-12-05
Microsoft 365 license check bug blocks desktop app downloads 2025-12-04
Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572) 2025-12-02

---

Cluster

Week in review: React, Node.js flaw patched, ransomware intrusion exposes espionage foothold 2025-12-07
Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution 2025-12-03
How a noisy ransomware intrusion exposed a long-term espionage foothold 2025-12-02
Week in review: Fake “Windows Update” fuels malware, Salesforce details Gainsight breach 2025-11-30