Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-05 02:00 PST
- Cloudflare down, websites offline with 500 Internal Server Error
BleepingComputer • 2025-12-05 01:12 • www.bleepingcomputer.com
Cloudflare is down, as websites are crashing with a 500 Internal Server Error. Cloudflare is investigating the reports. […]
https://www.bleepingcomputer.com/news/technology/cloudflare-down-websites-offline-with-500-internal-server-error/ - CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The Hacker News • 2025-12-05 00:14 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People’s Republic of China (PRC) to maintain long-term persistence on compromised systems.
“BRICKSTORM is a sophisticated backdoor for VMware vSphere and Windows environments,” the agency said. “
https://thehackernews.com/2025/12/cisa-reports-prc-hackers-using.html - New Anonymous Phone Service
Schneier on Security • 2025-12-05 00:08 • www.schneier.comA new anonymous phone service allows you to sign up with just a zip code.
https://www.schneier.com/blog/archives/2025/12/new-anonymous-phone-service.html
- Weekly Update 481
Troy Hunt • 2025-12-04 23:14 • www.troyhunt.comTwelve years (and one day) since launching Have I Been Pwned, it's now a service that Charlotte and I live and breathe every day. From the first thing every morning to the last thing each day, from holidays to birthdays, in sickness and in heal… wait a minute
- AutoIT3 Compiled Scripts Dropping Shellcodes, (Fri, Dec 5th)
SANS ISC Diary (full) • 2025-12-04 23:12 • isc.sans.eduAutoIT3[1] is a powerful language that helps to built nice applications for Windows environments, mainly to automate tasks. If it looks pretty old, the latest version was released last September and it remains popular amongst developers, for the good… or the bad! Malware written in AutoIt3 has existed since the late 2000s, when attackers realized that the language was easy to learn (close to basic) but can also compiled into standalone PE files! From a malware point of view, such executables make an e…
https://isc.sans.edu/diary/rss/32542 - JPCERT Confirms Active Command Injection Attacks on Array AG Gateways
The Hacker News • 2025-12-04 21:40 • thehackernews.com
A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week.
The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It’s rooted in Array’s DesktopDirect, a remote desktop access solution that allows users to securely access
https://thehackernews.com/2025/12/jpcert-confirms-active-command.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
