Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-04 21:00 PST
- Hackers are exploiting ArrayOS AG VPN flaw to plant webshells
BleepingComputer • 2025-12-04 15:05 • www.bleepingcomputer.com
Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users. […]
https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells/ - SMS Phishers Pivot to Points, Taxes, Fake Retailers
KrebsOnSecurity • 2025-12-04 15:02 • krebsonsecurity.com
China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday shopping season: Phishing kits for mass-creating fake but convincing e-commerce websites that convert customer payment card data into mobile wallets from Apple and Google. Experts say these same phishing groups also are now using SMS lures that promise unclaimed tax refunds and mobile rewards points.
https://krebsonsecurity.com/2025/12/sms-phishers-pivot-to-points-taxes-fake-retailers/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
