Daily Recap: A relaunch of CyberVolk's RaaS VolkLocker targets Windows and Linux but carries a hard-coded master key and cryptographic flaws in AES256 that can enable free decryption, with operators distributing the toolkit via Telegram. Other highlights include SHADOW-VOID-042 impersonating Trend Micro in a spear-phishing campaign tied to Void Rabisu, PayPal subscription-billing abuse, Hamas-affiliated Ashen Lepus revealing the AshTag malware suite, and the Asahi Group ransomware incident prompting a shift to a zero-trust security model. #VolkLocker #SHADOWVOID042 #TrendMicro #VoidRabisu #PayPal #AshTag #AshenLepus #AsahiGroup #ZeroTrust #Telegram
Ransomware & RaaS
- A relaunch of CyberVolk's RaaS VolkLocker targets Windows and Linux but contains a hard-coded master key and cryptographic flaws (affecting AES256) that can enable free decryption while operators use Telegram for distribution - VolkLocker Flaw, VolkLocker Crypto
Phishing & Brand Abuse
- A threat actor, SHADOW-VOID-042, impersonated Trend Micro in a targeted spear-phishing campaign aimed at critical infrastructure and linked to the Void Rabisu group - Trend Micro Phish
- Scammers are abusing PayPal subscription billing to send legitimate-looking fake purchase emails that bypass checks and trick victims into calling scam numbers or installing malware - PayPal Abuse
Nation-state APTs
- Hamas-affiliated APT Ashen Lepus unveiled the AshTag malware suite, expanding sophisticated cyber-espionage and evasion techniques across Arabic-speaking targets - AshTag Suite
Corporate Impact & Strategy
- A ransomware incident forced Asahi Group to delay earnings by over 50 days and spurred plans for a dedicated cybersecurity unit and a shift to a zero-trust security model - Asahi Attack
Roundups
- Daily threat research and recap covering recent incidents and analysis - Daily Recap