Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-16 12:00 PST
- Texas sues TV makers for taking screenshots of what people watch
BleepingComputer • 2025-12-16 09:29 • www.bleepingcomputer.com
The Texas Attorney General sued five major television manufacturers, accusing them of illegally collecting their users’ data by secretly recording what they watch using Automated Content Recognition (ACR) technology. […]
https://www.bleepingcomputer.com/news/security/texas-sues-tv-makers-for-spying-on-users-selling-data-without-consent/ - Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
The Hacker News • 2025-12-16 08:35 • thehackernews.com
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining.
The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on November 2, 2025, employs never-before-seen persistence techniques to hamper
https://thehackernews.com/2025/12/compromised-iam-credentials-power-large.html - Hackers exploit newly patched Fortinet auth bypass flaws
BleepingComputer • 2025-12-16 07:57 • www.bleepingcomputer.com
Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to admin accounts and steal system configuration files. […]
https://www.bleepingcomputer.com/news/security/hackers-exploit-newly-patched-fortinet-auth-bypass-flaws/ - Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
The Hacker News • 2025-12-16 07:39 • thehackernews.com
Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer.
The malicious package, named “Tracer.Fody.NLog,” remained on the repository for nearly six years. It was published by a user named “csnemess” on February 26, 2020. It masquerades as “Tracer.Fody,”
https://thehackernews.com/2025/12/rogue-nuget-package-poses-as-tracerfody.html - The AI Fix #81: ChatGPT is the last AI you’ll understand, and your teacher is a deepfake
Graham Cluley • 2025-12-16 07:30 • grahamcluley.com
In episode 81 of The AI Fix, Graham discovers that deepfakes are already marking your kids’ homework, while Mark glimpses the future when he discovers AI agents that can communicate by reading each other’s minds.Also in this episode, a Chinese robot called Miro U proves six arms are better than two; Mark discovers a well known prompting technique doesn’t work unless you want to make your AI dumber; Network Rail delays 32 trains because of an AI photo of a wonky bridge; and our hosts ponder the explosion of progress on the ARC-AGI-2 reasoning benchmark.
All this and much more is discussed…
https://grahamcluley.com/the-ai-fix-81/ - Cyberattack disrupts Venezuelan oil giant PDVSA's operations
BleepingComputer • 2025-12-16 07:19 • www.bleepingcomputer.com
Petróleos de Venezuela (PDVSA), Venezuela’s state-owned oil company, was hit by a cyberattack over the weekend that disrupted its export operations. […]
https://www.bleepingcomputer.com/news/security/cyberattack-disrupts-venezuelan-oil-giant-pdvsas-operations/ - The Hidden Risk in Virtualization: Why Hypervisors are a Ransomware Magnet
BleepingComputer • 2025-12-16 07:01 • www.bleepingcomputer.com
Ransomware groups are targeting hypervisors to maximize impact, allowing a single breach to encrypt dozens of virtual machines at once. Drawing on real-world incident data, Huntress explains how attackers exploit visibility gaps at the hypervisor layer and outlines steps orgs can take to harden virtualization infrastructure. […]
https://www.bleepingcomputer.com/news/security/the-hidden-risk-in-virtualization-why-hypervisors-are-a-ransomware-magnet/ - Most Parked Domains Now Serving Malicious Content
KrebsOnSecurity • 2025-12-16 06:14 • krebsonsecurity.com
Direct navigation — the act of visiting a website by manually typing a domain name in a web browser — has never been riskier: A new study finds the vast majority of “parked” domains — mostly expired or dormant domain names, or common misspellings of popular websites — are now configured to redirect visitors to sites that foist scams and malware.
https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-content/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
