Security Bulletin
10 Dec 2025
Biztonsági szemle
Storm-0249 Abuses EDR Processes in Stealthy Attacks
The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in recent high-precision attacks.
10 Dec 2025
Biztonsági szemle
ClickFix Style Attack Uses Grok, ChatGPT for Malware Delivery
A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on victims' computers.
10 Dec 2025
Biztonsági szemle
Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection), (Wed, Dec 10th)
Last year, Kubernetes fixed a command injection vulnerability in the Kubernetes NodeLogQuery feature (%%cve:2024-9042%%) [1]. To exploit the vulnerability, several conditions had to be met:
10 Dec 2025
Biztonsági szemle
Feds: Pro-Russia Hactivists Target US Critical Infrastructure
So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive, but this could change as they evolve.
10 Dec 2025
Biztonsági szemle
ISC Stormcast For Wednesday, December 10th, 2025 https://isc.sans.edu/podcastdetail/9732, (Wed, Dec 10th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
10 Dec 2025
Biztonsági szemle
Japanese Firms Suffer Long Tail of Ransomware Damage
Ransomware actors have targeted manufacturers, retailers, and the Japanese government, with many organizations requiring months to recover.
9 Dec 2025
Biztonsági szemle
Microsoft Fixes Exploited Zero Day in Light Patch Tuesday
Proof-of-concept exploit code is publicly available for two other flaws in this month's Patch Tuesday. In total, the company issued patches for more than 1,150 flaws this year.
9 Dec 2025
Biztonsági szemle
Focus Group and Mitchells & Butlers: Raising the Bar for Digital Transformation in Hospitality
Cisco, Focus Group, and Mitchells & Butlers collaborated on a £17M digital transformation across 1,700 UK venues, deploying Wi-Fi 7, SD-WAN, and security solutions to modernize hospitality infrastructure and enhance guest experiences.
9 Dec 2025
Biztonsági szemle
Microsoft Patch Tuesday December 2025, (Tue, Dec 9th)
This release addresses 57 vulnerabilities. 3 of these vulnerabilities are rated critical. One vulnerability was already exploited, and two were publicly disclosed before the patch was released.
9 Dec 2025
Biztonsági szemle
Packer-as-a-Service Shanya Hides Ransomware, Kills EDR
Shanya is the latest in an emerging field of packing malware, selling obfuscation functionality in order to help ransomware actors reach their target.
9 Dec 2025
Biztonsági szemle
Innovation Happens in the Open: Cisco Joins the Agentic AI Foundation (AAIF)
Cisco is proud to join the AAIF as a Gold member, aligning with industry leaders to support the development of open standards and contribute to the success of the broader AI community.
9 Dec 2025
Biztonsági szemle
Securing AI Agents with Cisco’s Open-Source A2A Scanner
The Rise of Agent Networks: A New Security Frontier Emerging Agent-to-Agent (A2A) frameworks have emerged to support organizations as they move from isolated AI applications to interconnected … Read more on Cisco Blogs