Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-12 07:00 PST
- New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
The Hacker News • 2025-12-12 06:04 • thehackernews.com
Cybersecurity researchers have documented four new phishing kits named BlackForce, GhostFrame, InboxPrime AI, and Spiderman that are capable of facilitating credential theft at scale.
BlackForce, first detected in August 2025, is designed to steal credentials and perform Man-in-the-Browser (MitB) attacks to capture one-time passwords (OTPs) and bypass multi-factor authentication (MFA). The kit
https://thehackernews.com/2025/12/new-advanced-phishing-kits-use-ai-and.html - Building Trustworthy AI Agents
Schneier on Security • 2025-12-12 04:00 • www.schneier.comThe promise of personal AI assistants rests on a dangerous assumption: that we can trust systems we haven’t made trustworthy. We can’t. And today’s versions are failing us in predictable ways: pushing us to do things against our own best interests, gaslighting us with doubt about things we are or that we know, and being unable to distinguish between who we are and who we have been. They struggle with incomplete, inaccurate, and partial context: with no standard way to move toward accuracy, no mechanism to correct sources of error, and no accountability when wrong information leads to bad…
https://www.schneier.com/blog/archives/2025/12/building-trustworthy-ai-agents.html - New Windows RasMan zero-day flaw gets free, unofficial patches
BleepingComputer • 2025-12-12 03:28 • www.bleepingcomputer.com
Free unofficial patches are available for a new Windows zero-day vulnerability that allows attackers to crash the Remote Access Connection Manager (RasMan) service. […]
https://www.bleepingcomputer.com/news/microsoft/new-windows-rasman-zero-day-flaw-gets-free-unofficial-patches/ - Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work
The Hacker News • 2025-12-12 02:18 • thehackernews.com
The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT Atlas. Employees are leveraging the power of GenAI to draft emails, summarize documents, work on code, and analyze data, often by copying/pasting sensitive information directly into prompts or uploading files.
Traditional
https://thehackernews.com/2025/12/securing-genai-in-browser-policy.html - Following the digital trail: what happens to data stolen in a phishing attack
Securelist • 2025-12-12 02:00 • securelist.com
Kaspersky experts detail the journey of the victims’ data after a phishing attack. We break down the use of email-based phishing kits, Telegram bots, and customized administration panels.
https://securelist.com/what-happens-to-stolen-data-after-phishing-attacks/118180/ - CISA orders feds to patch actively exploited Geoserver flaw
BleepingComputer • 2025-12-12 01:48 • www.bleepingcomputer.com
CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. […]
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-geoserver-flaw/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
