Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-15 07:00 PST
- Microsoft: Recent Windows updates break VPN access for WSL users
BleepingComputer • 2025-12-15 06:34 • www.bleepingcomputer.com
Microsoft says that recent Windows 11 security updates are causing VPN networking failures for enterprise users running Windows Subsystem for Linux. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-recent-windows-updates-cause-wsl-networking-issues/ - FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
The Hacker News • 2025-12-15 06:32 • thehackernews.com
Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations.
The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below –CVE-2025-61675 (CVSS score: 8.6) – Numerous
https://thehackernews.com/2025/12/freepbx-authentication-bypass-exposed.html - More React2Shell Exploits CVE-2025-55182, (Mon, Dec 15th)
SANS ISC Diary (full) • 2025-12-15 05:17 • isc.sans.eduExploits for React2Shell (CVE-2025-55182) remain active. However, at this point, I would think that any servers vulnerable to the “plain” exploit attempts have already been exploited several times. Here is today's most popular exploit payload:
- Google links more Chinese hacking groups to React2Shell attacks
BleepingComputer • 2025-12-15 04:46 • www.bleepingcomputer.com
Over the weekend, Google’s threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity “React2Shell” remote code execution vulnerability. […]
https://www.bleepingcomputer.com/news/security/google-links-more-chinese-hacking-groups-to-react2shell-attacks/ - ⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More
The Hacker News • 2025-12-15 04:24 • thehackernews.com
If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely on—and in some cases, they started attacking before a fix was even ready.
Below, we list the urgent updates you need to install right now to stop these active threats.
⚡ Threat of the Week
Apple and
https://thehackernews.com/2025/12/weekly-recap-apple-0-days-winrar.html - Against the Federal Moratorium on State-Level Regulation of AI
Schneier on Security • 2025-12-15 04:02 • www.schneier.comCast your mind back to May of this year: Congress was in the throes of debate over the massive budget bill. Amidst the many seismic provisions, Senator Ted Cruz dropped a ticking time bomb of tech policy: a ten-year moratorium on the ability of states to regulate artificial intelligence. To many, this was catastrophic. The few massive AI companies seem to be swallowing our economy whole: their energy demands ar…
https://www.schneier.com/blog/archives/2025/12/against-the-federal-moratorium-on-state-level-regulation-of-ai.html - A Browser Extension Risk Guide After the ShadyPanda Campaign
The Hacker News • 2025-12-15 03:55 • thehackernews.com
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions on a massive scale.
A threat group dubbed ShadyPanda spent seven years playing the long game, publishing or acquiring harmless extensions, letting them run clean for years to build trust and gain millions of installs, then suddenly flipping them into
https://thehackernews.com/2025/12/a-browser-extension-risk-guide-after.html - French Interior Ministry confirms cyberattack on email servers
BleepingComputer • 2025-12-15 03:06 • www.bleepingcomputer.com
The French Interior Minister confirmed on Friday that the country’s Ministry of the Interior was breached in a cyberattack that compromised e-mail servers. […]
https://www.bleepingcomputer.com/news/security/france-interior-ministry-confirms-cyberattack-on-email-servers/ - Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector
The Hacker News • 2025-12-15 01:24 • thehackernews.com
Cybersecurity researchers have disclosed details of an active phishing campaign that’s targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images.
The activity, codenamed Operation MoneyMount-ISO by Seqrite Labs, has primarily singled out finance and accounting entities, with those in the procurement, legal, payroll
https://thehackernews.com/2025/12/phantom-stealer-spread-by-iso-phishing.html - Game of clones: Sophos and the MITRE ATT&CK Enterprise 2025 Evaluations
Sophos Threat Research • 2025-12-15 01:12 • news.sophos.com
Winter is coming – so it must be time for Sophos X-Ops’ report on this year’s MITRE ATT&CK Enterprise Evaluations
https://news.sophos.com/en-us/2025/12/15/game-of-clones-sophos-and-the-mitre-attck-enterprise-2025-evaluations/ - Microsoft: December security updates cause Message Queuing failures
BleepingComputer • 2025-12-15 01:04 • www.bleepingcomputer.com
Microsoft has confirmed that the December 2025 security updates are breaking Message Queuing (MSMQ) functionality, affecting enterprise applications and Internet Information Services (IIS) websites. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-december-security-updates-cause-message-queuing-failures/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
