Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-02 12:00 PST
- ChatGPT is down worldwide, conversations dissapeared for users
BleepingComputer • 2025-12-02 11:52 • www.bleepingcomputer.com
OpenAI’s AI-powered ChatGPT is down worldwide, and the reason is unclear. […]
https://www.bleepingcomputer.com/news/artificial-intelligence/chatgpt-is-down-worldwide-conversations-dissapeared-for-users/ - Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets
BleepingComputer • 2025-12-02 11:06 • www.bleepingcomputer.com
The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen data in 30,000 GitHub repositories. […]
https://www.bleepingcomputer.com/news/security/shai-hulud-20-npm-malware-attack-exposed-up-to-400-000-dev-secrets/ - India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse
The Hacker News • 2025-12-02 09:46 • thehackernews.com
India’s Department of Telecommunications (DoT) has issued directions to app-based communication service providers to ensure that the platforms cannot be used without an active SIM card linked to the user’s mobile number.
To that end, messaging apps like WhatsApp, Telegram, Snapchat, Arattai, Sharechat, Josh, JioChat, and Signal that use an Indian mobile number for uniquely identifying their
https://thehackernews.com/2025/12/india-orders-messaging-apps-to-work.html - Microsoft Defender portal outage disrupts threat hunting alerts
BleepingComputer • 2025-12-02 08:10 • www.bleepingcomputer.com
Microsoft is working to mitigate an ongoing incident that has been blocking access to some Defender XDR portal capabilities for the past 10 hours. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-portal-outage-blocks-access-to-security-alerts/ - Cybercrime Goes SaaS: Renting Tools, Access, and Infrastructure
BleepingComputer • 2025-12-02 07:10 • www.bleepingcomputer.com
Cybercrime has fully shifted to a subscription model, with phishing kits, Telegram OTP bots, infostealer logs, and even RATs now rented like SaaS tools. Varonis explains how this “crime-as-a-service” economy lowers the barrier to entry and gives low-skill attackers on-demand access to advanced capabilities. […]
https://www.bleepingcomputer.com/news/security/cybercrime-goes-saas-renting-tools-access-and-infrastructure/ - Researchers Capture Lazarus APT's Remote-Worker Scheme Live on Camera
The Hacker News • 2025-12-02 07:02 • thehackernews.com
A joint investigation led by Mauro Eldritch, founder of BCA LTD, conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea’s most persistent infiltration schemes: a network of remote IT workers tied to Lazarus Group’s Famous Chollima division.
For the first time, researchers managed
https://thehackernews.com/2025/12/researchers-capture-lazarus-apts-remote.html - GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools
The Hacker News • 2025-12-02 07:01 • thehackernews.com
The supply chain campaign known as GlassWorm has once again reared its head, infiltrating both Microsoft Visual Studio Marketplace and Open VSX with 24 extensions impersonating popular developer tools and frameworks like Flutter, React, Tailwind, Vim, and Vue.
GlassWorm was first documented in October 2025, detailing its use of the Solana blockchain for command-and-control (C2) and harvest npm,
https://thehackernews.com/2025/12/glassworm-returns-with-24-malicious.html - North Korea lures engineers to rent identities in fake IT worker scheme
BleepingComputer • 2025-12-02 06:57 • www.bleepingcomputer.com
In an unprecedented intelligence operation, security researchers exposed how North Korean IT recruiters target and lure developers into renting their identities for illicit fundraising. […]
https://www.bleepingcomputer.com/news/security/north-korea-lures-engineers-to-rent-identities-in-fake-it-worker-scheme/ - Google fixes two Android zero days exploited in attacks, 107 flaws
BleepingComputer • 2025-12-02 06:36 • www.bleepingcomputer.com
Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities, including two flaws actively exploited in targeted attacks. […]
https://www.bleepingcomputer.com/news/security/google-fixes-two-android-zero-days-exploited-in-attacks-107-flaws/ - Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools
The Hacker News • 2025-12-02 06:17 • thehackernews.com
Cybersecurity researchers have disclosed details of an npm package that attempts to influence artificial intelligence (AI)-driven security scanners.
The package in question is eslint-plugin-unicorn-ts-2, which masquerades as a TypeScript extension of the popular ESLint plugin. It was uploaded to the registry by a user named “hamburgerisland” in February 2024. The package has been downloaded
https://thehackernews.com/2025/12/malicious-npm-package-uses-hidden.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
