Tuesday, December 30, 2025

Cybersecurity [30-Dec-2025]

 

CYBERSECURITY

Software Security & Vulnerabilities

MongoBleed (CVE-2025-14847) - Critical MongoDB Memory Leak Under Active Exploitation - A critical MongoDB vulnerability (CVE-2025-14847) dubbed "MongoBleed" is under active exploitation worldwide, allowing unauthenticated data leaks from 87,000+ vulnerable servers. A public proof-of-concept exploit was released on December 26, 2025. Source: The Hacker News

React2Shell (CVE-2025-55182) - Critical React Vulnerability with CVSS 10.0 - React2Shell, a critical vulnerability in React Server Components with a maximum CVSS score of 10, was disclosed this month. The flaw echoes Log4Shell and was exploited within hours of disclosure by nation-state actors and other threat groups. Source: Dark Reading

Shai-Hulud Self-Replicating Malware Infects Open Source Packages - A self-replicating malware known as Shai-Hulud emerged in September as an infostealer that infects open source software components and automatically publishes poisoned versions, affecting thousands of companies simultaneously. Source: Dark Reading

Network Security & Threat Intelligence

Salt Typhoon Continues Large-Scale Attacks Against US Telecom and Critical Infrastructure - Salt Typhoon, a Chinese state-sponsored APT, has continued its onslaught against US infrastructure in 2025, targeting telecom giants, the National Guard, and other critical systems for espionage and pre-positioning attacks. Source: Dark Reading

Hackers Launch 2.5 Million+ Malicious Requests Targeting Adobe ColdFusion - A single massive, coordinated exploitation campaign has targeted vulnerable Adobe ColdFusion servers with over 2.5 million malicious requests, demonstrating large-scale attack automation. Source: GB Hackers

Threat Intelligence & Incident Response

Five Key Flaws Exploited in 2025's Software Supply Chain Incidents - Infosecurity has compiled an analysis of the five most significant vulnerability exploitation campaigns of 2025 that led to major software supply chain incidents, providing incident response insights. Source: Infosecurity Magazine

14-Day Cyber Threat Forecast - CVE-2025-59287 Microsoft WSUS RCE as Critical Threat - Active exploitation of CVE-2025-59287 (Microsoft WSUS RCE) represents the most immediate and severe threat to US-based organizations with a CVSS score of 9.8. Source: Cyber Warrior Substack

Data Security & Privacy

Salesforce Customer Breach via Salesloft GitHub Account Compromise - Threat actors breached Salesloft's GitHub account and leveraged that access to steal OAuth tokens associated with Salesforce integration, leading to downstream attacks against hundreds of Salesforce instances and major SaaS vendors. Source: Dark Reading

Cloud Security

Docker Makes Hardened Images Free in Container Security Shift - Docker made hardened container images freely available as part of a major shift in container security practices. The container security industry is valued at roughly $3 billion in 2025 and is projected to exceed $20 billion. Source: InfoQ

Cybersecurity Governance

CISA Sees Major Layoffs and Budget Cuts in 2025 - The US Cybersecurity and Infrastructure Security Agency faced significant budgetary cuts and layoffs throughout 2025, reducing support for state and local government cybersecurity initiatives at a critical time. Source: Dark Reading

2026 AI Security Predictions - The Any-Identity Crisis and Autonomous Adversaries - Security experts forecast that 2026 will see the rise of autonomous adversaries, any-identity exploitation crises, and breach-by-exhaust attacks as AI-powered security threats escalate. Source: HPC Wire
