React2Shell flaw (CVE-2025-55182) exploited for remote code execution
Figure 2: Examples of suspicious post-exploitation commands executed on LinuxThe pattern of these commands is consistent. Remote shell scripts or...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
I am not a robot: ClickFix used to deploy StealC and Qilin
ClickFix is an increasingly common tactic used by threat actors to install malicious software on victims’ devices. It has gone...
INE Security Expands Across Middle East and Asia to Accelerate Cybersecurity Upskilling
Cary, North Carolina, USA, December 18th, 2025, CyberNewsWire Growth in Egypt, UAE, and Kingdom of Saudi Arabia Fueled by...
Client ID Metadata Documents (CIMD): The Future of MCP Authentication
After spending a year watching developers struggle with Dynamic Client Registration (DCR) for MCP servers, the Model Context Protocol...
DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists
DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists Pierluigi Paganini December 18, 2025 Resecurity reports...
TruffleNet and Cloud Abuse at Scale: An Identity Architecture Failure
The recent TruffleNet campaign, first documented by Fortinet, highlights a familiar and uncomfortable truth for security leaders: some of...
WhatsApp accounts targeted in ‘GhostPairing’ attack
Another draw is that the app is built on end-to-end encryption (E2EE) privacy in which the private keys used to...
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware
Dec 18, 2025Ravie LakshmananMalware / Cloud Security A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a...
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution
Dec 18, 2025Ravie LakshmananVulnerability / Enterprise Security Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software...
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories
Dec 18, 2025Ravie LakshmananCybersecurity / Hacking News This week's ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding...
North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft
Threat actors with ties to the Democratic People's Republic of Korea (DPRK or North Korea) have been instrumental in driving...
The Power of Large Language Models for Cybersecurity
Our dependence on digital infrastructure has grown exponentially amid unprecedented technological advancements. With this reliance comes an increasingly threatening...
Self-Harm Prevention Kit Guide for Schools: Identifying Risks and Protecting Students
A self-harm prevention kit is becoming an essential part of school safety planning as student mental health challenges continue...
How To Spot Health Insurance Scams This Open Enrollment Season
If you’re in the market for insurance right now, keep an eye out for scammers in the mix. They’re out...
U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 18, 2025 U.S....