Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-11 16:00 PST
- Brave browser starts testing agentic AI mode for automated tasks
BleepingComputer • 2025-12-11 15:03 • www.bleepingcomputer.com
Brave has introduced a new AI browsing feature that leverages Leo, its privacy-respecting AI assistant, to perform automated tasks for the user. […]
https://www.bleepingcomputer.com/news/artificial-intelligence/brave-browser-starts-testing-agentic-ai-mode-for-automated-tasks/ - A big finish to 2025 in December’s Patch Tuesday
Sophos Threat Research • 2025-12-11 14:02 • news.sophos.com
A month with no Critical-severity Windows bugs is overshadowed by a mass of Mariner mop-up
https://news.sophos.com/en-us/2025/12/11/a-big-finish-to-2025-in-decembers-patch-tuesday/ - Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks
BleepingComputer • 2025-12-11 13:49 • www.bleepingcomputer.com
Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in Gladinet’s CentreStack and Triofox products for secure remote file access and sharing. […]
https://www.bleepingcomputer.com/news/security/hackers-exploit-gladinet-centrestack-cryptographic-flaw-in-rce-attacks/ - Notepad++ fixes flaw that let attackers push malicious update files
BleepingComputer • 2025-12-11 13:04 • www.bleepingcomputer.com
Notepad++ version 8.8.9 was released to fix a security weakness in its WinGUp update tool after researchers and users reported incidents in which the updater retrieved malicious executables instead of legitimate update packages. […]
https://www.bleepingcomputer.com/news/security/notepad-plus-plus-fixes-flaw-that-let-attackers-push-malicious-update-files/ - Malicious VSCode Marketplace extensions hid trojan in fake PNG file
BleepingComputer • 2025-12-11 12:54 • www.bleepingcomputer.com
A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with malware hidden inside dependency folders. […]
https://www.bleepingcomputer.com/news/security/malicious-vscode-marketplace-extensions-hid-trojan-in-fake-png-file/ - React2Shell flaw (CVE-2025-55182) exploited for remote code execution
Sophos Threat Research • 2025-12-11 10:07 • news.sophos.com
The availability of exploit code will likely lead to more widespread opportunistic attacks
https://news.sophos.com/en-us/2025/12/11/react2shell-flaw-cve-2025-55182-exploited-for-remote-code-execution/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
