
Breaking News – Cyber Threats – 2025-12-03 12:00 PST

Breaking News – Cyber Threats (last 6h)

Generated: 2025-12-03 12:00 PST

  • Attempts to Bypass CDNs (Wed, Dec 3rd)
    SANS ISC Diary (full) • 2025-12-03 11:31 • isc.sans.edu

    Currently, in order to provide basic DDoS protection and filter aggressive bots, some form of Content Delivery Network (CDN) is usually the simplest and most cost-effective way to protect a web application. In a typical setup, DNS is used to point clients to the CDN, and the CDN will then forward the request to the actual web server. There are a number of companies offering services like this, and cloud providers will usually have solutions like this as well.


    https://isc.sans.edu/diary/rss/32532

  • Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution
    The Hacker News • 2025-12-03 10:19 • thehackernews.com
    A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution.
    The vulnerability, tracked as CVE-2025-55182, carries a CVSS score of 10.0.
    It allows “unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints,” the React Team said in
    https://thehackernews.com/2025/12/critical-rsc-bugs-in-react-and-nextjs.html
  • Discover the AI Tools Fueling the Next Cybercrime Wave — Watch the Webinar
    The Hacker News • 2025-12-03 09:56 • thehackernews.com
    Remember when phishing emails were easy to spot? Bad grammar, weird formatting, and requests from a “Prince” in a distant country?
    Those days are over.
    Today, a 16-year-old with zero coding skills and a $200 allowance can launch a campaign that rivals state-sponsored hackers. They don’t need to be smart; they just need to subscribe to the right AI tool.
    We are witnessing the industrialization of
    https://thehackernews.com/2025/12/discover-ai-tools-fueling-next.html
  • Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation
    The Hacker News • 2025-12-03 09:46 • thehackernews.com
    Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company’s November 2025 Patch Tuesday updates, according to ACROS Security’s 0patch.
    The vulnerability in question is CVE-2025-9491 (CVSS score: 7.8/7.0), which has been described as a Windows Shortcut (LNK) file UI misinterpretation vulnerability that could lead to remote
    https://thehackernews.com/2025/12/microsoft-silently-patches-windows-lnk.html
  • Russia blocks Roblox over distribution of LGBT "propaganda"
    BleepingComputer • 2025-12-03 09:33 • www.bleepingcomputer.com
    Roskomnadzor, Russia’s telecommunications watchdog, has blocked access to the Roblox online gaming platform for failing to stop the distribution of what it described as LGBT propaganda and extremist materials. […]
    https://www.bleepingcomputer.com/news/security/russia-blocks-roblox-over-distribution-of-lgbt-propaganda/
  • WordPress King Addons Flaw Under Active Attack Lets Hackers Make Admin Accounts
    The Hacker News • 2025-12-03 09:08 • thehackernews.com
    A critical security flaw impacting a WordPress plugin known as King Addons for Elementor has come under active exploitation in the wild.
    The vulnerability, CVE-2025-8489 (CVSS score: 9.8), is a case of privilege escalation that allows unauthenticated attackers to grant themselves administrative privileges by simply specifying the administrator user role during registration.
    It affects versions
    https://thehackernews.com/2025/12/wordpress-king-addons-flaw-under-active.html
  • Google expands Android scam protection feature to Chase, Cash App in U.S.
    BleepingComputer • 2025-12-03 09:00 • www.bleepingcomputer.com
    Google is expanding support for its Android in-call scam protection to multiple banks and financial applications in the United States. […]
    https://www.bleepingcomputer.com/news/security/google-expands-android-scam-protection-feature-to-chase-cash-app-in-us/
  • Microsoft "mitigates" Windows LNK flaw exploited as zero-day
    BleepingComputer • 2025-12-03 08:45 • www.bleepingcomputer.com
    Microsoft has silently “mitigated” a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks. […]
    https://www.bleepingcomputer.com/news/microsoft/microsoft-mitigates-windows-lnk-flaw-exploited-as-zero-day/
  • FBI warns of surge in account takeover (ATO) fraud schemes – what you need to know
    Graham Cluley • 2025-12-03 07:38 • www.fortra.com
    The FBI has recently issued a public service announcement that warns that since January 2025 there have been more than 5,100 complaints of account takeover fraud, and total reported losses in excess of US $262 million.

    Read more in my article on the Fortra blog.
    https://www.fortra.com/blog/fbi-warns-surge-account-takeover-ato-fraud-schemes-need-know

  • Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud
    The Hacker News • 2025-12-03 07:32 • thehackernews.com
    The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application (HTA) files and PDFs to propagate via WhatsApp a worm that deploys a banking trojan in attacks targeting users in Brazil.
    The latest wave is characterized by the attackers shifting from PowerShell to a Python-based variant that spreads the
    https://thehackernews.com/2025/12/brazil-hit-by-banking-trojan-spread-via.html
  • Deep dive into DragonForce ransomware and its Scattered Spider connection
    BleepingComputer • 2025-12-03 07:05 • www.bleepingcomputer.com
    DragonForce expanded its ransomware operation in 2025 by working with English-speaking hackers known for advanced social engineering and initial access. Acronis explains how the “Scattered Spider” collaboration enables coordinated, multistage intrusions across major environments. […]
    https://www.bleepingcomputer.com/news/security/deep-dive-into-dragonforce-ransomware-and-its-scattered-spider-connection/
  • Aisuru botnet behind new record-breaking 29.7 Tbps DDoS attack
    BleepingComputer • 2025-12-03 06:01 • www.bleepingcomputer.com
    In just three months, the massive Aisuru botnet launched more than 1,300 distributed denial-of-service attacks, one of them setting a new record with a peak at 29.7 terabits per second. […]
    https://www.bleepingcomputer.com/news/security/aisuru-botnet-behind-new-record-breaking-297-tbps-ddos-attack/

Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
