Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-16 07:00 PST
- Most Parked Domains Now Serving Malicious Content
KrebsOnSecurity • 2025-12-16 06:14 • krebsonsecurity.com
Direct navigation — the act of visiting a website by manually typing a domain name in a web browser — has never been riskier: A new study finds the vast majority of “parked” domains — mostly expired or dormant domain names, or common misspellings of popular websites — are now configured to redirect visitors to sites that foist scams and malware.
https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-content/ - Microsoft to block Exchange Online access for outdated mobile devices
BleepingComputer • 2025-12-16 04:53 • www.bleepingcomputer.com
Microsoft announced on Monday that it will soon block mobile devices running outdated email software from accessing Exchange Online services until they’re updated. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-block-exchange-online-access-for-outdated-mobile-devices/ - Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
The Hacker News • 2025-12-16 04:27 • thehackernews.com
Amazon’s threat intelligence team has disclosed details of a “years-long” Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025.
Targets of the campaign included energy sector organizations across Western nations, critical infrastructure providers in North America and Europe, and entities with cloud-hosted network infrastructure. The activity has
https://thehackernews.com/2025/12/amazon-exposes-years-long-gru-cyber.html - Chinese Surveillance and AI
Schneier on Security • 2025-12-16 04:02 • www.schneier.comNew report: “The Party’s AI: How China’s New AI Systems are Reshaping Human Rights.” From a summary article:
China is already the world’s largest exporter of AI powered surveillance technology; new surveillance technologies and platforms developed in China are also …
https://www.schneier.com/blog/archives/2025/12/chinese-surveillance-and-ai.html - European authorities dismantle call center fraud ring in Ukraine
BleepingComputer • 2025-12-16 03:44 • www.bleepingcomputer.com
European law enforcement authorities dismantled a fraud network operating call centers in Ukraine that scammed victims across Europe out of more than 10 million euros. […]
https://www.bleepingcomputer.com/news/security/european-authorities-dismantle-call-center-fraud-ring-in-ukraine/ - Why Data Security and Privacy Need to Start in Code
The Hacker News • 2025-12-16 03:30 • thehackernews.com
AI-assisted coding and AI app generation platforms have created an unprecedented surge in software development. Companies are now facing rapid growth in both the number of applications and the pace of change within those applications. Security and privacy teams are under significant pressure as the surface area they must cover is expanding quickly while their staffing levels remain largely
https://thehackernews.com/2025/12/why-data-security-and-privacy-need-to.html - Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
The Hacker News • 2025-12-16 02:58 • thehackernews.com
Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure.
Cybersecurity company Arctic Wolf said it observed active intrusions involving malicious single sign-on (SSO) logins on FortiGate appliances on December 12, 2025. The attacks exploit two critical authentication bypasses (CVE-2025-59718 and CVE-2025-59719
https://thehackernews.com/2025/12/fortinet-fortigate-under-active-attack.html - God Mode On: how we attacked a vehicle’s head unit modem
Securelist • 2025-12-16 02:00 • securelist.com
Kaspersky researchers describe how they gained access to a vehicle’s head unit by exploiting a single vulnerability in its modem.
https://securelist.com/attacking-car-modem/118463/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
