Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-17 16:00 PST
- Zeroday Cloud hacking event awards $320,0000 for 11 zero days
BleepingComputer • 2025-12-17 15:09 • www.bleepingcomputer.com
The Zeroday Cloud hacking competition in London has awarded researchers $320,000 for demonstrating critical remote code execution vulnerabilities in components used in cloud infrastructure. […]
https://www.bleepingcomputer.com/news/security/zeroday-cloud-hacking-event-awards-320-0000-for-11-zero-days/ - France arrests suspect tied to cyberattack on Interior Ministry
BleepingComputer • 2025-12-17 14:20 • www.bleepingcomputer.com
French authorities arrested a 22-year-old suspect on Tuesday for a cyberattack that targeted France’s Ministry of the Interior earlier this month. […]
https://www.bleepingcomputer.com/news/security/france-arrests-suspect-tied-to-cyberattack-on-interior-ministry/ - Amazon: Ongoing cryptomining campaign uses hacked AWS accounts
BleepingComputer • 2025-12-17 13:48 • www.bleepingcomputer.com
Amazon’s AWS GuardDuty security team is warning of an ongoing crypto-mining campaign that targets its Elastic Compute Cloud (EC2) and Elastic Container Service (ECS) using compromised credentials for Identity and Access Management (IAM). […]
https://www.bleepingcomputer.com/news/security/amazon-ongoing-cryptomining-campaign-uses-hacked-aws-accounts/ - WhatsApp device linking abused in account hijacking attacks
BleepingComputer • 2025-12-17 11:14 • www.bleepingcomputer.com
Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign dubbed GhostPairing. […]
https://www.bleepingcomputer.com/news/security/whatsapp-device-linking-abused-in-account-hijacking-attacks/ - Cisco warns of unpatched AsyncOS zero-day exploited in attacks
BleepingComputer • 2025-12-17 10:45 • www.bleepingcomputer.com
Cisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances. […]
https://www.bleepingcomputer.com/news/security/cisco-warns-of-unpatched-asyncos-zero-day-exploited-in-attacks/ - SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
The Hacker News • 2025-12-17 10:17 • thehackernews.com
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild.
The vulnerability, tracked as CVE-2025-40602 (CVSS score: 6.6), concerns a case of local privilege escalation that arises as a result of insufficient authorization in the appliance management console (AMC).
It affects the following
https://thehackernews.com/2025/12/sonicwall-fixes-actively-exploited-cve.html - Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks
The Hacker News • 2025-12-17 10:09 • thehackernews.com
A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISURU, according to findings from QiAnXin XLab.
“Kimwolf is a botnet compiled using the NDK [Native Development Kit],” the company said in a report
https://thehackernews.com/2025/12/kimwolf-botnet-hijacks-18-million.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
