Cybersecurity News Bytes

CISA and NSA Warn of China-Backed BRICKSTORM Malware Campaign This joint advisory from CISA, NSA, and Canadian officials highlights a sophisticated malware operation attributed to Chinese state-sponsored actors, targeting VMware…

Cisco Warns of Active Exploitation of CVSS 10.0 Zero‑Day in Email Security Appliances Cisco has disclosed active exploitation of a critical zero‑day vulnerability, tracked as CVE‑2025‑20393, in its AsyncOS-based email…

CISA and NSA Warn of China-Backed BRICKSTORM Malware Campaign This joint advisory from CISA, NSA, and Canadian officials highlights a sophisticated malware operation attributed to Chinese state-sponsored actors, targeting VMware…

MITRE Extends D3FEND Ontology to Operational Technology Cybersecurity MITRE has extended its D3FEND knowledge graph to cover operational technology environments, introducing a structured defensive ontology that maps OT-specific techniques, assets,…

Emergency Chrome Update Addresses Actively Exploited Browser Vulnerability Google has released an emergency security update for Chrome to address a high‑severity vulnerability that is already being exploited in the wild,…

Apple Patches Two WebKit Zero-Days Exploited in Sophisticated Attacks Apple has released urgent security updates for macOS, iOS, iPadOS, and Safari to address two zero-day vulnerabilities in the WebKit rendering…

React2Shell Vulnerability Exploitation Campaign Compromises 59,000 Servers Worldwide This summary covers the rapid escalation of the React2Shell vulnerability (CVE-2025-55182) exploitation, where attackers compromised over 59,000 internet-facing servers in under 48…

NANOREMOTE Malware Leverages Google Drive API for Stealthy Windows Control This summary covers the emergence of NANOREMOTE malware, which innovatively uses Google Drive's API for command-and-control operations on compromised Windows…

Microsoft’s December 2025 Patch Tuesday Closes High‑Risk 0‑Days Across Windows, PowerShell, and Developer Tooling Microsoft’s final security release of 2025 delivers critical fixes for dozens of vulnerabilities across Windows, Office,…

Europol's VaaS Crackdown Results in 193 Arrests Europol's Operational Taskforce GRIMM has achieved a major milestone by arresting 193 individuals and disrupting criminal networks involved in violence-as-a-service operations launched in…