🚨 A fake Microsoft Teams installer is spreading malware in China.

Hackers called "Silver Fox" made it look like a Russian attack to hide their tracks.

It installs ValleyRAT, giving full remote access to victims.

🔗 Read: https://thehackernews.com/2025/12/silver-fox-uses-fake-microsoft-teams.html

⚠️ Hackers are exploiting a command injection bug in Array Networks AG Series gateways — active since August 2025.

It lets attackers run any command on systems using “DesktopDirect” remote access.

🔗 Details → https://thehackernews.com/2025/12/jpcert-confirms-active-command.html

🚨 CISA just warned about a new Chinese state-backed hack tool called BRICKSTORM — a backdoor found in VMware and Windows systems used by U.S. government and tech networks.

It can reinstall itself if removed, hide in normal traffic, and give hackers full remote control.

🔗Read → https://thehackernews.com/2025/12/cisa-reports-prc-hackers-using.html

🚨 A lawyer in Pakistan was hacked with Predator — the first known spyware attack on a civil society member.

It started with a link on WhatsApp, but new leaks show Predator can also spread through ads — no click needed.

It can read chats, record audio, take photos — and Intellexa may still access customer systems remotely.

🔗 Read → https://thehackernews.com/2025/12/intellexa-leaks-reveal-zero-days-and.html

⚠️ Within HOURS of disclosure, two China-linked hacking groups weaponized a critical React flaw (CVE-2025-55182).

They’re already scanning the web for unpatched apps.

Update to React 19.0.1+ now.

🔗 Read ↓ https://thehackernews.com/2025/12/chinese-hackers-have-started-exploiting.html

🚨 Critical Apache Tika flaw (CVE-2025-66516) just dropped — CVSS 10.0.

A single fake PDF can trigger an XXE attack, letting hackers read server files or run code.

🔗 Read ↓ https://thehackernews.com/2025/12/critical-xxe-bug-cve-2025-66516-cvss.html

Update to v3.2.2 now.

🧩 57% of SMBs say cybersecurity is a top priority — yet they still turn down MSPs.

➡ The issue isn’t interest. It’s confusion.
➡ They’re tired of jargon, fear, and hard selling.

“Getting to Yes” helps MSPs explain security in plain business terms — and win trust.

👉 See how it’s done → https://thehackernews.com/2025/12/getting-to-yes-anti-sales-guide-for-msps.html

🚨 WARNING: A new attack can trick Perplexity’s Comet browser into deleting your Google Drive.

Just one normal-looking email with hidden cleanup instructions can make the AI agent erase real files — no exploit, no warning.

🔗 Details here → https://thehackernews.com/2025/12/zero-click-agentic-browser-attack-can.html

CISA added the new 10.0-rated React RCE flaw (CVE-2025-55182) to its exploited list.

🕒 Exploited within hours by Chinese hackers.
💥 Affects Next.js, React Router, Vite, Waku & more.
💰 Some attacks dropped crypto-miners & stole AWS creds.

🔗 Read: https://thehackernews.com/2025/12/critical-react2shell-flaw-added-to-cisa.html

🛑 Over 30 security flaws found in AI-powered coding tools like Copilot, Cursor, and Zed — letting hackers steal data or run malicious code without you doing a thing.

Researchers are calling it “IDEsaster.”

🔗 Details here → https://thehackernews.com/2025/12/researchers-uncover-30-flaws-in-ai.html