Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-09 07:00 PST
- Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
The Hacker News • 2025-12-09 05:37 • thehackernews.com
The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL side-loading, and fileless PowerShell execution to facilitate ransomware attacks.
“These methods allow them to bypass defenses, infiltrate networks, maintain persistence, and operate undetected, raising serious concerns for
https://thehackernews.com/2025/12/storm-0249-escalates-ransomware-attacks.html
- AI vs. Human Drivers
Schneier on Security • 2025-12-09 04:07 • www.schneier.com
Two competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times. In an op-ed that honestly sounds like it was paid for by Waymo, the author calls driverless cars a “public health breakthrough”:
In medical research, there’s a practice of ending a study early when the results are too striking to ignore. We stop when there is unexpected harm. We also stop for overwhelming benefit, when a treatment is working so well that it would be unethical to continue giving anyone a placebo. …
https://www.schneier.com/blog/archives/2025/12/ai-vs-human-drivers.html
- Microsoft investigates Copilot outage affecting users in Europe
BleepingComputer • 2025-12-09 03:48 • www.bleepingcomputer.com
Microsoft is working to mitigate an ongoing incident that has been blocking users in Europe from accessing the company’s AI-powered Copilot digital assistant. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-copilot-outage-affecting-users-in-europe/
- How to Streamline Zero Trust Using the Shared Signals Framework
The Hacker News • 2025-12-09 03:30 • thehackernews.com
Zero Trust helps organizations shrink their attack surface and respond to threats faster, but many still struggle to implement it because their security tools don’t share signals reliably. 88% of organizations admit they’ve suffered significant challenges in trying to implement such approaches, according to Accenture. When products can’t communicate, real-time access decisions break down.
The
https://thehackernews.com/2025/12/how-to-streamline-zero-trust-using.html
- Goodbye, dark Telegram: Blocks are pushing the underground out
Securelist • 2025-12-09 03:25 • securelist.com
Kaspersky researchers analyze changes in the lifespan of a shadow Telegram channel, blocks, and migration to other platforms.
https://securelist.com/goodbye-dark-telegram/118286/
- Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats
The Hacker News • 2025-12-09 03:14 • thehackernews.com
Google on Monday announced a set of new security features in Chrome, following the company’s addition of agentic artificial intelligence (AI) capabilities to the web browser.
To that end, the tech giant said it has implemented layered defenses to make it harder for bad actors to exploit indirect prompt injections that arise as a result of exposure to untrusted web content and inflict harm.
Chief
https://thehackernews.com/2025/12/google-adds-layered-defenses-to-chrome.html
- STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
The Hacker News • 2025-12-09 01:35 • thehackernews.com
Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565.
Cybersecurity company Sophos said it investigated almost 40 intrusions linked to the threat actor between February 2024 and August 2025. The campaign is assessed with high confidence to share overlaps with a hacking group known as Gold Blade, which is also
https://thehackernews.com/2025/12/stac6565-targets-canada-in-80-of.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
