🚨 Hackers are attacking CentreStack and Triofox right now using a built-in key that never changes.

It lets them break in, read the web.config file, and run code on the server.

At least 9 companies have already been hit.

🔗 Read: https://thehackernews.com/2025/12/hard-coded-gladinet-keys-let-attackers.html

🕵️ Google just patched a Chrome zero-day that’s already being exploited.

The flaw’s details are hidden for now—so attackers can’t copy it before everyone updates.

Update your Chrome and hit “Relaunch” to stay safe.

🔗 Read ↓ https://thehackernews.com/2025/12/chrome-targeted-by-active-in-wild.html

🚨 700+ Gogs servers hacked — no patch yet.

New flaw (CVE-2025-8110) lets attackers overwrite files and run code through symbolic links, bypassing last year’s fix.

Wiz found Supershell malware — often used by Chinese groups — on many hacked servers.

🔗 Read: https://thehackernews.com/2025/12/unpatched-gogs-zero-day-exploited.html

⚠️ Hackers are still hitting Middle East governments.

A group called WIRTE (Ashen Lepus) is expanding to Oman and Morocco with new malware named AshTag.

It hides in fake political PDFs — open one, and it steals your files.

🔗 Read ↓ https://thehackernews.com/2025/12/wirte-leverages-ashenloader-sideloading.html

🤖 Bots now outnumber people in some companies.

They work fast — but each one has access to sensitive data. Without the right controls, one weak bot can open the door to hackers.

Learn how to keep your RPA bots safe and your systems secure.

🔗 Read: https://thehackernews.com/2025/12/the-impact-of-robotic-process.html

Want a Master’s in Cybersecurity Risk Management? Apply by the priority deadline with no application fee.

Learn more: https://thn.news/georgetown-cyber-master

💻 ⚠️ Hackers are hiding inside Google Drive.

Researchers found a Windows backdoor called NANOREMOTE that uses the Google Drive API to steal files and run commands.

It even pretends to be Bitdefender software so it looks safe.

Experts say it’s linked to a Chinese hacking group targeting government and defense networks.

🔗 Read: https://thehackernews.com/2025/12/nanoremote-malware-uses-google-drive.html

💥 Cyber Week, unfiltered!

🔹 Malware disguised as movies.
🔹 Rootkits bypassing Windows.
🔹 AI tools turning risky.
🔹 Docker leaks spilling secrets.
🔹 Governments dialing up surveillance.

This week’s ThreatsDay Bulletin maps it all — from global crackdowns to code-level chaos.

🔗 Read → https://thehackernews.com/2025/12/threatsday-bulletin-spyware-alerts.html

Inside BTMOB: An Analytical Breakdown of a Leaked Android RAT Ecosystem
https://www.d3lab.net/inside-btmob-an-analytical-breakdown-of-a-leaked-android-rat-ecosystem/

Nothing 新品独家爆料两则

Nothing Phone (4a) / (4a) Pro
Qualcomm Snapdragon 7(s) series
Only Pro supports eSIM
Price (12G + 256G): ~$475 / ~$540
Color: Blue / Pink / White / Black

Nothing Headphone (a)
Rebranded Nothing Headphone (1) with plastic body
Color: Pink / Yellow / White / Black

#leak@MlgmXyysd_bibilailai