
Weekly Threat Report 2025-12-29

Weekly Threat Intelligence Summary

Top 10 General Cyber Threats

Generated 2025-12-29T05:00:04.844274+00:00

  1. GrayBravo’s CastleLoader Activity Clusters Target Multiple Industries (www.recordedfuture.com, 2025-12-09T00:00:00)
    Score: 12.632
    Note: The analysis cut-off date for this report was November 10, 2025. Executive Summary: Insikt Group continues to monitor GrayBravo (formerly tracked as TAG-150), a technically sophisticated and rapidly evolving threat actor first identified in September 2025. GrayBravo demonstrates strong adaptability and responsiveness to public exposure, and operates a large-scale, multi-layered infrastructure. Recent analysis of GrayBravo’s ecosystem uncovered four distinct activity clusters leveraging the grou
  2. Critical React2Shell Vulnerability Under Active Exploitation by Chinese Threat Actors (www.recordedfuture.com, 2025-12-08T00:00:00)
    Score: 8.165
    A critical vulnerability in React Server Components is allegedly being actively exploited by multiple Chinese threat actors; Recorded Future recommends that organizations patch their systems immediately.
  3. December 2025 Patch Tuesday: One Critical Zero-Day, Two Publicly Disclosed Vulnerabilities Among 57 CVEs (www.crowdstrike.com, 2025-12-09T06:00:00)
    Score: 7.374
  4. CISA warns ASUS Live Update backdoor is still exploitable, seven years on (www.malwarebytes.com, 2025-12-19T13:56:36)
    Score: 6.595
    Seven years after the original attack, CISA has added the ASUS Live Update backdoor to its Known Exploited Vulnerabilities catalog.
  5. November 2025 CVE Landscape: 10 Critical Vulnerabilities Show 69% Drop from October (www.recordedfuture.com, 2025-12-09T00:00:00)
    Score: 6.332
    November 2025 CVE landscape: 10 exploited critical vulnerabilities, a 69% drop from October, and why Fortinet and Samsung flaws need urgent patching.
  6. Inside a purchase order PDF phishing campaign (www.malwarebytes.com, 2025-12-17T13:38:00)
    Score: 6.26
    A “purchase order” PDF blocked by Malwarebytes led to a credential-harvesting phishing site. So we analyzed the attack and where the data went next.
  7. Android mobile adware surges in second half of 2025 (www.malwarebytes.com, 2025-12-16T13:58:42)
    Score: 6.096
    Malwarebytes threat research reveals a spike in adware and in the malware families Triada and MobiDash heading into the holiday season.
  8. PayPal closes loophole that let scammers send real emails with fake purchase notices (www.malwarebytes.com, 2025-12-15T13:41:57)
    Score: 5.927
    Scammers exploited a PayPal subscriptions feature to send legitimate emails from service@paypal.com, using fake purchase notifications to push tech support scams.
  9. DroidLock malware locks you out of your Android device and demands ransom (www.malwarebytes.com, 2025-12-11T16:57:58)
    Score: 5.283
    Researchers have found Android malware that holds your files and your device hostage until you pay the ransom.
  10. Malwarebytes for Mac now has smarter, deeper scans (www.malwarebytes.com, 2025-12-11T13:40:02)
    Score: 5.26
    Say hello to the upgraded Malwarebytes for Mac, with stronger protection and more control.

Top 25 AI / LLM-Related Threats

Generated 2025-12-29T06:00:15.136109+00:00

  1. ChatGPT: Excellent Paper! Accept It. Editor: Imposter Found! Review Rejected (arxiv.org, 2025-12-29T05:00:00)
    Score: 27.79
    arXiv:2512.20405v2 Announce Type: replace
    Abstract: Large Language Models (LLMs) like ChatGPT are now widely used in writing and reviewing scientific papers. While this trend accelerates publication growth and reduces human workload, it also introduces serious risks. Papers written or reviewed by LLMs may lack real novelty, contain fabricated or biased results, or mislead downstream research that others depend on. Such issues can damage reputations, waste resources, and even endanger lives when
  2. The Imitation Game: Using Large Language Models as Chatbots to Combat Chat-Based Cybercrimes (arxiv.org, 2025-12-29T05:00:00)
    Score: 20.79
    arXiv:2512.21371v1 Announce Type: new
    Abstract: Chat-based cybercrime has emerged as a pervasive threat, with attackers leveraging real-time messaging platforms to conduct scams that rely on trust-building, deception, and psychological manipulation. Traditional defense mechanisms, which operate on static rules or shallow content filters, struggle to identify these conversational threats, especially when attackers use multimedia obfuscation and context-aware dialogue.
    In this work, we ask a pr
  3. Evaluating Large Language Models for Line-Level Vulnerability Localization (arxiv.org, 2025-12-29T05:00:00)
    Score: 19.79
    arXiv:2404.00287v2 Announce Type: replace-cross
    Abstract: Recently, Automated Vulnerability Localization (AVL) has attracted growing attention, aiming to facilitate diagnosis by pinpointing the specific lines of code responsible for vulnerabilities. Large Language Models (LLMs) have shown potential in various domains, yet their effectiveness in line-level vulnerability localization remains underexplored.
    In this work, we present the first comprehensive empirical evaluation of LLMs for AVL. Ou
  4. LLM-Driven Feature-Level Adversarial Attacks on Android Malware Detectors (arxiv.org, 2025-12-29T05:00:00)
    Score: 17.79
    arXiv:2512.21404v1 Announce Type: new
    Abstract: The rapid growth in both the scale and complexity of Android malware has driven the widespread adoption of machine learning (ML) techniques for scalable and accurate malware detection. Despite their effectiveness, these models remain vulnerable to adversarial attacks that introduce carefully crafted feature-level perturbations to evade detection while preserving malicious functionality. In this paper, we present LAMLAD, a novel adversarial attack
  5. GateBreaker: Gate-Guided Attacks on Mixture-of-Expert LLMs (arxiv.org, 2025-12-29T05:00:00)
    Score: 17.79
    arXiv:2512.21008v2 Announce Type: replace
    Abstract: Mixture-of-Experts (MoE) architectures have advanced the scaling of Large Language Models (LLMs) by activating only a sparse subset of parameters per input, enabling state-of-the-art performance with reduced computational cost. As these models are increasingly deployed in critical domains, understanding and strengthening their alignment mechanisms is essential to prevent harmful outputs. However, existing LLM safety research has focused almost
  6. Reflection-Driven Control for Trustworthy Code Agents (arxiv.org, 2025-12-29T05:00:00)
    Score: 14.79
    arXiv:2512.21354v1 Announce Type: new
    Abstract: Contemporary large language model (LLM) agents are remarkably capable, but they still lack reliable safety controls and can produce unconstrained, unpredictable, and even actively harmful outputs. To address this, we introduce Reflection-Driven Control, a standardized and pluggable control module that can be seamlessly integrated into general agent architectures. Reflection-Driven Control elevates "self-reflection" from a post hoc patch
  7. Optimizing LLM inference on Amazon SageMaker AI with BentoML’s LLM-Optimizer (aws.amazon.com, 2025-12-24T17:17:44)
    Score: 14.622
    In this post, we demonstrate how to optimize large language model (LLM) inference on Amazon SageMaker AI using BentoML's LLM-Optimizer to systematically identify the best serving configurations for your workload.
  8. Deploy Mistral AI’s Voxtral on Amazon SageMaker AI (aws.amazon.com, 2025-12-22T18:32:19)
    Score: 14.158
    In this post, we demonstrate hosting Voxtral models on Amazon SageMaker AI endpoints using vLLM and the Bring Your Own Container (BYOC) approach. vLLM is a high-performance library for serving large language models (LLMs) that features paged attention for improved memory management and tensor parallelism for distributing models across multiple GPUs.
  9. Securing Cross-Domain Internet of Drones: An RFF-PUF Allied Authenticated Key Exchange Protocol With Over-the-Air Enrollment (arxiv.org, 2025-12-29T05:00:00)
    Score: 12.49
    arXiv:2512.21827v1 Announce Type: new
    Abstract: The Internet of Drones (IoD) is an emerging and crucial paradigm enabling advanced applications that require seamless, secure communication across heterogeneous and untrusted domains. In such environments, access control and the transmission of sensitive data pose significant security challenges for IoD systems, necessitating the design of lightweight mutual authentication and key exchange protocols. Existing solutions are often hampered by high c
  10. X-Boundary: Establishing Exact Safety Boundary to Shield LLMs from Multi-Turn Jailbreaks without Compromising Usability (arxiv.org, 2025-12-29T05:00:00)
    Score: 12.49
    arXiv:2502.09990v3 Announce Type: replace
    Abstract: Despite the rapid development of safety alignment techniques for LLMs, defending against multi-turn jailbreaks is still a challenging task. In this paper, we conduct a comprehensive comparison, revealing that some existing defense methods can improve the robustness of LLMs against multi-turn jailbreaks but compromise usability, i.e., reducing general capabilities or causing the over-refusal problem. From the perspective of mechanism interpreta
  11. UniMark: Artificial Intelligence Generated Content Identification Toolkit (arxiv.org, 2025-12-29T05:00:00)
    Score: 11.99
    arXiv:2512.12324v2 Announce Type: replace
    Abstract: The rapid proliferation of Artificial Intelligence Generated Content has precipitated a crisis of trust and urgent regulatory demands. However, existing identification tools suffer from fragmentation and a lack of support for visible compliance marking. To address these gaps, we introduce UniMark, an open-source, unified framework for multimodal content governance. Our system features a modular unified engine that abstracts comple
  12. Exploring the Security Threats of Retriever Backdoors in Retrieval-Augmented Code Generation (arxiv.org, 2025-12-29T05:00:00)
    Score: 11.79
    arXiv:2512.21681v1 Announce Type: new
    Abstract: Retrieval-Augmented Code Generation (RACG) is increasingly adopted to enhance Large Language Models for software development, yet its security implications remain dangerously underexplored. This paper conducts the first systematic exploration of a critical and stealthy threat: backdoor attacks targeting the retriever component, which represents a significant supply-chain vulnerability. It is infeasible to assess this threat realistically, as exist
  13. Leveraging ASIC AI Chips for Homomorphic Encryption (arxiv.org, 2025-12-29T05:00:00)
    Score: 11.49
    arXiv:2501.07047v3 Announce Type: replace
    Abstract: Homomorphic Encryption (HE) provides strong data privacy for cloud services but at the cost of prohibitive computational overhead. While GPUs have emerged as a practical platform for accelerating HE, there remains an order-of-magnitude energy-efficiency gap compared to specialized (but expensive) HE ASICs. This paper explores an alternate direction: leveraging existing AI accelerators, like Google's TPUs with coarse-grained compute and me
  14. Patch Tuesday – December 2025 (www.rapid7.com, 2025-12-10T07:50:42)
    Score: 11.394
    Microsoft is publishing a relatively light 54 new vulnerabilities this December 2025 Patch Tuesday, which is significantly lower than we have come to expect over the past couple of years. Today’s list includes two publicly disclosed remote code vulnerabilities, and a single exploited-in-the-wild vulnerability. Three critical remote code execution (RCE) vulnerabilities are also patched today; Microsoft currently assesses those as less likely or even unlikely to see exploitation. During December,
  15. The December 2025 Security Update Review (www.thezdi.com, 2025-12-09T18:29:16)
    Score: 11.262
    It’s the final patch Tuesday of 2025, but that doesn’t make it any less exciting. Put aside your holiday planning for just a moment as we review the latest security offering from Adobe and Microsoft. If you’d rather watch the full video recap covering the entire release, you can check it out here: Adobe Patches for December 2025 For December, Adobe released five bulletins addressing 139 unique CVEs in Adobe Reader, ColdFusion, Experience Manager, Creative Cloud Desktop, and the Adobe DNG Softwar
  16. Introducing Visa Intelligent Commerce on AWS: Enabling agentic commerce with Amazon Bedrock AgentCore (aws.amazon.com, 2025-12-23T16:45:47)
    Score: 11.078
    In this post, we explore how AWS and Visa are partnering to enable agentic commerce through Visa Intelligent Commerce using Amazon Bedrock AgentCore. We demonstrate how autonomous AI agents can transform fragmented shopping and travel experiences into seamless, end-to-end workflows—from discovery and comparison to secure payment authorization—all driven by natural language.
  17. Build a multimodal generative AI assistant for root cause diagnosis in predictive maintenance using Amazon Bedrock (aws.amazon.com, 2025-12-22T18:21:28)
    Score: 10.856
    In this post, we demonstrate how to implement a predictive maintenance solution using Foundation Models (FMs) on Amazon Bedrock, with a case study of Amazon's manufacturing equipment within their fulfillment centers. The solution is highly adaptable and can be customized for other industries, including oil and gas, logistics, manufacturing, and healthcare.
  18. GoldenFuzz: Generative Golden Reference Hardware Fuzzing (arxiv.org, 2025-12-29T05:00:00)
    Score: 9.49
    arXiv:2512.21524v1 Announce Type: new
    Abstract: Modern hardware systems, driven by demands for high performance and application-specific functionality, have grown increasingly complex, introducing large surfaces for bugs and security-critical vulnerabilities. Fuzzing has emerged as a scalable solution for discovering such flaws. Yet, existing hardware fuzzers suffer from limited semantic awareness, inefficient test refinement, and high computational overhead due to reliance on slow device simul
  19. Verifiable Passkey: The Decentralized Authentication Standard (arxiv.org, 2025-12-29T05:00:00)
    Score: 9.49
    arXiv:2512.21663v1 Announce Type: new
    Abstract: Passwordless authentication has revolutionized the way we authenticate across various websites and services. FIDO2 Passkeys are one of the most widely adopted standards of passwordless authentication that promises phishing resistance. However, like any other authentication system, passkeys require the user details to be saved on a centralized server, also known as the Relying Party (RP) Server. This has led users to create a new passkey for every new
  20. Assessing the Effectiveness of Membership Inference on Generative Music (arxiv.org, 2025-12-29T05:00:00)
    Score: 9.49
    arXiv:2512.21762v1 Announce Type: new
    Abstract: Generative AI systems are quickly improving, now able to produce believable output in several modalities including images, text, and audio. However, this fast development has prompted increased scrutiny concerning user privacy and the use of copyrighted works in training. A recent attack on machine-learning models called membership inference lies at the crossroads of these two concerns. The attack is given as input a set of records and a trained m
  21. Abstraction of Trusted Execution Environments as the Missing Layer for Broad Confidential Computing Adoption: A Systematization of Knowledge (arxiv.org, 2025-12-29T05:00:00)
    Score: 9.49
    arXiv:2512.22090v1 Announce Type: new
    Abstract: Trusted Execution Environments (TEEs) protect sensitive code and data from the operating system, hypervisor, or other untrusted software. Different solutions exist, each proposing different features. Abstraction layers aim to unify the ecosystem, allowing application developers and system administrators to leverage confidential computing as broadly and efficiently as possible. We start with an overview of representative available TEE technologies.
  22. Weighted Fourier Factorizations: Optimal Gaussian Noise for Differentially Private Marginal and Product Queries (arxiv.org, 2025-12-29T05:00:00)
    Score: 9.49
    arXiv:2512.21499v1 Announce Type: cross
    Abstract: We revisit the task of releasing marginal queries under differential privacy with additive (correlated) Gaussian noise. We first give a construction for answering arbitrary workloads of weighted marginal queries, over arbitrary domains. Our technique is based on releasing queries in the Fourier basis with independent noise with carefully calibrated variances, and reconstructing the marginal query answers using the inverse Fourier transform. We s
  23. When the Base Station Flies: Rethinking Security for UAV-Based 6G Networks (arxiv.org, 2025-12-29T05:00:00)
    Score: 9.49
    arXiv:2512.21574v1 Announce Type: cross
    Abstract: The integration of non-terrestrial networks (NTNs) into 6G systems is crucial for achieving seamless global coverage, particularly in underserved and disaster-prone regions. Among NTN platforms, unmanned aerial vehicles (UAVs) are especially promising due to their rapid deployability. However, this shift from fixed, wired base stations (BSs) to mobile, wireless, energy-constrained UAV-BSs introduces unique security challenges. Their central role
  24. BeDKD: Backdoor Defense based on Dynamic Knowledge Distillation and Directional Mapping Modulator (arxiv.org, 2025-12-29T05:00:00)
    Score: 9.49
    arXiv:2508.01595v2 Announce Type: replace
    Abstract: Although existing backdoor defenses have gained success in mitigating backdoor attacks, they still face substantial challenges. In particular, most of them rely on large amounts of clean data to weaken the backdoor mapping but generally struggle with residual trigger effects, resulting in persistently high attack success rates (ASR). Therefore, in this paper, we propose a novel Backdoor defense method based on Directional mapping module and ad
  25. Privacy-Preserving Healthcare Data in IoT: A Synergistic Approach with Deep Learning and Blockchain (arxiv.org, 2025-12-29T05:00:00)
    Score: 9.49
    arXiv:2510.18568v2 Announce Type: replace
    Abstract: The integration of Internet of Things (IoT) devices in healthcare has revolutionized patient care by enabling real-time monitoring, personalized treatments, and efficient data management. However, this technological advancement introduces significant security risks, particularly concerning the confidentiality, integrity, and availability of sensitive medical data. Traditional security measures are often insufficient to address the unique chall

Auto-generated 2025-12-29
