December Patch Tuesday arrives bearing 71 gifts
Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins
Similar Posts
Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident
Chinese hackers remotely accessed US Treasury Department workstations after compromising a cloud-based service operated by BeyondTrust. The post Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident appeared first on SecurityWeek.
⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
Bys sIf this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to find. The detection? Came too late. This is how attacks happen now—quiet, convincing, and fast. Defenders aren’t just chasing hackers anymore—they’re struggling to trust what…
BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells
Bys sCybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The activity, dubbed Operation Rewrite, is being tracked by Palo Alto Networks Unit 42 under the moniker…
Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords
Bys sBlockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools, could the technology one day replace passwords? How blockchain works Blockchain is a secure way to maintain, encrypt, and exchange digital records of transactions.
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
Bys sThe threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant. Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho, which it said bears a “strong resemblance” to Awaken…
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
Bys sCybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or C&C) communications. Webworm, first publicly documented by Broadcom-owned Symantec in September 2022, is assessed to be active since at least 2022, targeting government agencies