Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-30 07:00 PST
- CISA orders feds to patch MongoBleed flaw exploited in attacks
BleepingComputer • 2025-12-30 06:40 • www.bleepingcomputer.com
CISA ordered U.S. federal agencies to patch an actively exploited MongoDB vulnerability (MongoBleed) that can be exploited to steal credentials, API keys, and other sensitive data. […]
https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-patch-mongobleed-flaw-actively-exploited-in-attacks/ - Using AI-Generated Images to Get Refunds
Schneier on Security • 2025-12-30 04:02 • www.schneier.comScammers are generating images of broken merchandise in order to apply for refunds.
https://www.schneier.com/blog/archives/2025/12/using-ai-generated-images-to-get-refunds.html
- Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware
The Hacker News • 2025-12-30 02:46 • thehackernews.com
The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute a modular remote access trojan called ValleyRAT (aka Winos 4.0).
“This sophisticated attack leverages a complex kill chain involving DLL hijacking and the modular Valley RAT to ensure persistence,” CloudSEK researchers Prajwal Awasthi and Koushik Pal said in an
https://thehackernews.com/2025/12/silver-fox-targets-indian-users-with.html - How to Integrate AI into Modern SOC Workflows
The Hacker News • 2025-12-30 01:30 • thehackernews.com
Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integration. Some teams treat it as a shortcut for broken processes. Others attempt to apply machine learning to problems
https://thehackernews.com/2025/12/how-to-integrate-ai-into-modern-soc.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
