Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-12 16:00 PST
- Apple fixes two zero-day flaws exploited in 'sophisticated' attacks
BleepingComputer • 2025-12-12 15:23 • www.bleepingcomputer.com
Apple has released emergency updates to patch two zero-day vulnerabilities that were exploited in an “extremely sophisticated attack” targeting specific individuals. […]
https://www.bleepingcomputer.com/news/security/apple-fixes-two-zero-day-flaws-exploited-in-sophisticated-attacks/ - Friday Squid Blogging: Giant Squid Eating a Diamondback Squid
Schneier on Security • 2025-12-12 14:00 • www.schneier.comI have no context for this video—it’s from Reddit—but one of the commenters adds some context:
Hey everyone, squid biologist here! Wanted to add some stuff you might find interesting.
With so many people carrying around cameras, we’re getting more videos of giant squid at the surface than in previous decades. We’re also starting to notice a pattern, that around this time of year (peaking in January) we see a bunch…
https://www.schneier.com/blog/archives/2025/12/friday-squid-blogging-giant-squid-eating-a-diamondback-squid.html - Processing 630 Million More Pwned Passwords, Courtesy of the FBI
Troy Hunt • 2025-12-12 13:29 • www.troyhunt.comThe sheer scope of cybercrime can be hard to fathom, even when you live and breathe it every day. It's not just the volume of data, but also the extent to which it replicates across criminal actors seeking to abuse it for their own gain, and to our
https://www.troyhunt.com/processing-630-million-more-pwned-passwords-courtesy-of-the-fbi/
- Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads
The Hacker News • 2025-12-12 10:50 • thehackernews.com
Cybersecurity researchers are calling attention to a new campaign that’s leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT.
“These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing
https://thehackernews.com/2025/12/fake-osint-and-gpt-utility-github-repos.html - Coupang data breach traced to ex-employee who retained system access
BleepingComputer • 2025-12-12 10:28 • www.bleepingcomputer.com
A data breach at Coupang that exposed the information of 33.7 million customers has been tied to a former employee who retained access to internal systems after leaving the company. […]
https://www.bleepingcomputer.com/news/security/coupang-data-breach-traced-to-ex-employee-who-retained-system-access/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
