dark
Hand-Picked Top-Read Stories
Trending Tags
1 minute read

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

info@thehackernews.com (The Hacker News)
December 18, 2025
This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics are stacking up fast, and each one hints at where the next big breach could come from. From shifting infrastructures to clever social hooks, the week’s activity shows just how fluid the threat landscape has become. Here’s the full rundown of what
Total
0
Shares
0
0
0

This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics are stacking up fast, and each one hints at where the next big breach could come from.

From shifting infrastructures to clever social hooks, the week’s activity shows just how fluid the threat landscape has become.

Here’s the full rundown of what moved in the cyber world this week.

The patterns behind these stories keep repeating — faster code, smarter lures, and fewer pauses between discovery and abuse. Each case adds another piece to the wider map of how attacks adapt when attention fades.

Next week will bring a fresh set of shifts, but for now, these are the signals worth noting. Stay sharp, connect the dots, and watch what changes next.

That’s all for this edition of the ThreatsDay Bulletin — the pulse of what’s moving beneath the surface every Thursday.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

 The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Previous Post

North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft

December 18, 2025
Next Post

France arrests 22-year-old over Interior Ministry hack

December 18, 2025
Related Posts
2 min

Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild

Fortinet has warned of a new security flaw in FortiWeb that it said has been exploited in the wild. The medium-severity vulnerability, tracked as CVE-2025-58034, carries a CVSS score of 6.7 out of a maximum of 10.0. "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb may allow an authenticated attacker to execute
info@thehackernews.com (The Hacker News)
November 18, 2025
Read More
2 min

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw impacting Gogs by adding it to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2025-8110 (CVSS score: 8.7), relates to a case of path traversal in the repository file editor that could result in code execution. "Gogs Path
info@thehackernews.com (The Hacker News)
January 13, 2026
Read More
3 min

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. "Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated
info@thehackernews.com (The Hacker News)
January 28, 2026
Read More