Risk
-
UK data watchdog fines LastPass £1.2m after 2022 breach exposed data of up to 1.6m users
The UK Information Commissioner’s Office fined LastPass £1.2 million over a two-part 2022 breach that exposed personal data for up to 1.6 million UK users, finding failures in technical and organisational security including permissive account-linking policies and missed AWS alerts.
-
Google patches Chrome flaw in ANGLE library that is being actively exploited
Google released Chrome security updates on Dec. 11 that fix three vulnerabilities, including a high-severity flaw in the ANGLE graphics library tracked as Chromium issue 466192044 and reported to be exploited in the wild; users should update to the latest 143.0.7499 builds.
-
Unpatched Gogs vulnerability being actively exploited; hundreds of instances compromised
Wiz researchers say a high-severity unpatched flaw in Gogs (CVE-2025-8110) is being actively exploited, with more than 700 compromised instances; the issue allows file overwrites via symbolic links and can lead to remote code execution. Researchers recommend disabling open registration, limiting internet exposure and scanning for random repositories while a fix is developed.
-
Hard-coded cryptographic keys in Gladinet CentreStack and Triofox exploited to access web.config, Huntress says
Huntress warned that hard-coded cryptographic keys in Gladinet CentreStack and Triofox allow attackers to decrypt or forge access tickets and retrieve web.config files, enabling ViewState deserialization attempts; nine organisations have been affected and vendors have released updates.
-
Fortinet, Ivanti and SAP issue urgent patches for critical authentication and code execution flaws
Fortinet, Ivanti and SAP released urgent security updates for multiple critical flaws, including authentication bypass and remote code execution bugs; administrators are urged to apply patches and temporary mitigations promptly.
-
Ransomware gangs use ‘Shanya’ packer-as-a-service to hide EDR-killing payloads
Security researchers say multiple ransomware groups are using the Shanya packer-as-a-service to deliver in-memory, EDR-disabling payloads that side-load DLLs and deploy kernel drivers to stop security software; Sophos published technical analysis and indicators of compromise.
-
FinCEN: Ransomware Payments Fell in 2024 After 2023 Peak, Report Shows
FinCEN reported 4,194 ransomware incidents from 2022–2024 with more than $2.1 billion in payments; activity peaked in 2023 and fell in 2024 after law enforcement disruptions of major gangs.
-
Poland detains three Ukrainian nationals over alleged use of advanced hacking equipment
Polish police arrested three Ukrainian nationals, aged 39–43, accusing them of attempting to damage IT systems and obtaining data important to national defence; officers seized hacking equipment including a Flipper device, multiple SIM cards and other electronics, and have detained the men for three months pending trial.
-
Google adds User Alignment Critic to Chrome to protect Gemini agentic browsing
Google is introducing a separate, isolated LLM called User Alignment Critic in Chrome to vet actions taken by Gemini-powered agentic browsing. The architecture also uses origin restrictions, user prompts for sensitive steps, prompt-injection detection and automated red-teaming; Google is offering bounties up to $20,000 and has not given a public rollout date.
-
Critical Sneeit WordPress plugin RCE actively exploited, security firm reports
A critical remote code execution flaw (CVE-2025-6389) in the Sneeit Framework WordPress plugin is being exploited in the wild; Wordfence said attackers have created admin accounts and uploaded web shells. The issue affects versions up to 8.3 and was fixed in 8.4. Separately, VulnCheck observed an ICTBroadcast exploit delivering a DDoS botnet called “frost.”
