Friday Wrap Up: 5 December 2025
Another week, another reminder that cybercriminals are getting creative while defenders scramble to keep up! From malware disguising itself as helpful browser extensions to hackers learning poetry (yes, really) to break AI systems, this week had it all.
We’re talking massive DDoS attacks breaking records, nation-states playing the long game with backdoors, and even an Aussie getting jail time for fake airport Wi-Fi. Plus, the eternal struggle continues: zero trust is still more “aspirational framework” than “accomplished mission” for most organizations.
Whether you’re patching React vulnerabilities, investigating ransomware claims, or just trying to understand why cybercrime has become a subscription service, this week’s wrap-up has the details you need.
Scroll through for the full breakdown of attacks, breaches, and security developments that shaped the week. Stay vigilant out there! 🔐
#ThreatIntel #SecurityBreaches #CyberThreats #FWU #fridaywrapup #CyberSecurity #InfoSec #Malware #DataBreach #Ransomware
Malware & Vulnerabilities
This week revealed a disturbing landscape of evolving malware threats and critical software flaws demanding immediate attention.
🦠 ShadyPanda malicious campaign amassed 4.3 million Chrome and Edge browser extension installations, transforming seemingly legitimate tools into malware over seven years. (Published on 1-Dec-2025, BleepingComputer).
💰 Albiriox banking trojan surfaces as new Android malware-as-a-service offering from Russian cybercriminals, available for $720 monthly subscription targeting 400+ global banking apps. (Published on 1-Dec-2025, SecurityWeek).
🤖 Malicious npm package manipulates AI security detection systems with misleading prompts, exploiting automated analysis tools in sophisticated supply chain attack. (Published on 1-Dec-2025, Infosecurity).
🔍 Chrome and Edge extensions caught profiling users, reading cookie data to create unique identifiers, and executing malicious payloads with full browser API access. (Published on 2-Dec-2025, SecurityWeek).
📱 Google patches 107 Android vulnerabilities including two Framework bugs actively exploited in the wild, addressing flaws across multiple system components and chipset manufacturers. (Published on 2-Dec-2025, The Hacker News).
⚛️ Critical React vulnerability threatens major applications as developers scramble to patch flaw found in 39% of cloud environments using this widely-deployed framework. (Published on 3-Dec-2025, CyberScoop).
🪟 Microsoft silently patches Windows LNK file vulnerability actively exploited since 2017, addressing UI misinterpretation flaw that enabled threat actors’ campaigns for years. (Published on 3-Dec-2025, The Hacker News).
🇨🇳 Chinese hackers actively exploit React2Shell vulnerability as AWS observes multiple China-linked threat groups targeting the critical flaw in coordinated campaigns. (Published on 4-Dec-2025, SecurityWeek).
Major Cyberattacks & Incidents
Significant breaches this week exposed vulnerabilities across emergency services, manufacturing, financial sectors, and government infrastructure.
🚨 CodeRED emergency alert platform shut down following cyberattack, with Inc ransomware gang claiming responsibility and threatening sensitive subscriber data exposure. (Published on 1-Dec-2025, Dark Reading).
🏢 Everest ransomware group claims ASUS breach, alleging theft of over 1TB data including camera source code with 21-hour response deadline via Qtox. (Published on 2-Dec-2025, Hackread).
🏦 Marquis Software Solutions data breach impacts over 74 U.S. banks and credit unions, exposing customers’ financial information through compromised software provider infrastructure. (Published on 3-Dec-2025, BleepingComputer).
📱 Freedom Mobile confirms data breach as hackers stole customers’ personal information from account management platform, compromising subscriber details and credentials. (Published on 4-Dec-2025, SecurityWeek).
💻 Two Virginia contractors arrested for allegedly wiping 96 government databases and stealing sensitive information after termination from federal positions. (Published on 4-Dec-2025, BleepingComputer).
Espionage & Data Extraction
Nation-state actors and commercial spyware operators continued targeting sensitive data through sophisticated intelligence operations.
🇰🇵 North Korean recruiters exposed in unprecedented operation luring software engineers to rent their identities for illicit IT worker schemes funding regime activities. (Published on 2-Dec-2025, BleepingComputer).
🛒 Arizona Attorney General sues Chinese retailer Temu and parent company PDD Holdings over allegations of stealing customers’ data through e-commerce platform. (Published on 3-Dec-2025, SecurityWeek).
🔐 CISA reveals BRICKSTORM backdoor used by PRC state-sponsored threat actors for maintaining long-term persistence in compromised VMware vSphere and Windows systems. (Published on 5-Dec-2025, The Hacker News).
👁️ Predator spyware maker Intellexa continues operations despite sanctions, with new data leaks exposing flagship spyware infrastructure, attack vectors, and additional victims. (Published on 5-Dec-2025, Infosecurity).
Cybersecurity Tools & Techniques
From criminal prosecution to underground marketplace evolution, this week highlighted both enforcement successes and emerging threat landscapes.
✈️ Australian man sentenced to 7 years 4 months in prison for deploying evil twin Wi-Fi networks at airports and mid-flight to steal travelers’ data. (Published on 1-Dec-2025, Hackread).
🛠️ Cybercrime fully shifts to subscription model with phishing kits, Telegram OTP bots, infostealer logs, and RATs now rented like SaaS tools for low-skill attackers. (Published on 2-Dec-2025, BleepingComputer).
DDoS, Outages & Infrastructure
Massive DDoS attacks and critical infrastructure failures demonstrated the fragility of internet services under targeted assault.
🌊 Cloudflare detects and mitigates record-breaking 29.7 Tbps DDoS attack originating from AISURU botnet-for-hire with up to 4 million infected hosts. (Published on 3-Dec-2025, The Hacker News).
⚠️ Cloudflare outage causes widespread website crashes with 500 Internal Server Error messages affecting numerous sites relying on the infrastructure provider’s services. (Published on 5-Dec-2025, BleepingComputer).
AI & Policy
Emerging research reveals AI vulnerabilities while industry grapples with implementing foundational security frameworks.
🎭 Researchers demonstrate AI jailbreaking through poetry, increasing attack success rates from 8% to 43% when prompts use poetic rather than prose formatting. (Published on 2-Dec-2025, Dark Reading).
🚛 California revises rules potentially ending self-driving truck ban, allowing autonomous vehicle testing on public highways while closing driverless vehicle ticketing loopholes. (Published on 4-Dec-2025, TechCrunch).
🛡️ After 15 years, zero trust implementation remains elusive as organizations struggle with fragmented tooling, legacy infrastructure, and emerging AI agent security challenges. (Published on 4-Dec-2025, CSO Online).
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!



