Cybersecurity News | Daily Recap [08 Dec 2025]

hendryadrian.com

hendryadrian.com

Threat Actors & APTs

• Researchers link three hacking groups exploiting two vulnerabilities to campaigns with ties to China, highlighting widespread exploitation paths – China Hacks
• UTA0355 stole Microsoft 365 OAuth tokens via fake security-conference lures and WhatsApp support social engineering – UTA0355
• Google and Apple warn of sophisticated state-linked surveillance threats targeting users worldwide – State Surveillance

Malware & Cybercrime

• New Android families FvncBot, SeedSnatcher and an upgraded ClayRat add stronger data-theft features targeting banking, crypto and personal data – Android Malware
• Russian police dismantled a bank-account hacking gang that used NFCGate-based malware to harvest and exploit contactless payment data – NFCGate Gang

Breaches & Ransomware

• Barts Health confirms a data breach caused by Cl0p ransomware exploiting an Oracle vulnerability – Cl0p Breach
• Tri-Century Eye Care suffered a data breach impacting approximately 200,000 individuals – Tri-Century Breach

AI & Defense

• AI-driven defense advances as Agentic BAS turns threat headlines into defense strategies while Resemble AI raises $13M to build AI threat-detection capabilities – Agentic BAS, Resemble AI
• UK intelligence warns that AI prompt-injection attacks may never fully disappear, posing long-term risks to AI systems – Prompt Injection
• Retailers are urged to harden systems and monitoring ahead of peak season to mitigate increased cyber risk during the busiest time of year – Retailer Prep

Policy & Industry

• Portugal updated its cybercrime law to exempt security researchers acting in good faith from criminal liability under strict conditions, aligning with similar moves in Germany and the US – Portugal Law
• Keith McCammon, CISO and co-founder at Red Canary, discusses trends in detection, response and security operations in a new CISO interview – CISO Talk

Cybersecurity News | Daily Recap – hendryadrian.com