Cybersecurity News | Daily Recap [18 Dec 2025]

In today's recap, Forum Troll APT hijacks scholars’ systems using fake plagiarism reports to deliver malware and gain access to academic networks, while a Russian APT conducts high‑pressure phishing campaigns targeting Transnistria and NATO personnel to harvest credentials and access. The recap also covers critical vulnerabilities and exploits (ASUS Live Update, AsyncOS, and React2Shell), a ZeroDay Cloud event, data breaches at PornHub and SoundCloud, privacy concerns involving TikTok and Grindr, and enforcement actions by the FBI and France.
#ForumTrollAPT #AcademicAmbush #BlurredDeception #Transnistria #NATO #InkDragon #ASUSLiveUpdate #AsyncOS #React2Shell #ZeroDayCloud #PornHub #SoundCloud #TikTok #Grindr #FBI #France

APT Campaigns

  • Forum Troll APT hijacks scholars’ systems using fake plagiarism reports to deliver malware and gain access to academic networks – Academic Ambush
  • A Russian APT runs high-pressure phishing campaigns targeting Transnistria and NATO personnel to harvest credentials and access – Blurred Deception
  • Ink Dragon operators convert compromised government servers worldwide into relay nodes for C2 infrastructure to mask exfiltration and command paths – Ink Dragon

Vulnerabilities & Exploits

  • CISA flags a critical flaw in ASUS Live Update with evidence of active exploitation, urging immediate patching – ASUS Flaw
  • Cisco warns of active attacks exploiting an unpatched 0-day in AsyncOS email security appliances, advising urgent mitigations – Cisco AsyncOS
  • SonicWall patched the actively exploited CVE-2025-40602 and issued warnings about a separate SMA1000 zero-day being exploited in attacks – SonicWall Fixes, SonicWall Zero-day
  • The React2Shell flaw is being exploited in active ransomware campaigns, making immediate remediation critical for exposed systems – React2Shell
  • A ZeroDay Cloud hacking event awarded $320,000 for 11 zero-days, highlighting the active market and competition for high-impact flaws – ZeroDay Cloud

Data Breaches & Privacy

  • Millions of accounts were impacted after data breaches at PornHub and SoundCloud, exposing user data and credentials – PornHub Breaches
  • A rights group alleges TikTok tracked users’ Grindr activity in violation of European law, prompting privacy and regulatory scrutiny – TikTok Tracking

Law Enforcement & Takedowns

  • The FBI dismantled an alleged money-laundering service used by ransomware groups, disrupting criminal cash-out operations – FBI Takedown
  • France arrested a suspect tied to a cyberattack on the Interior Ministry as part of an ongoing criminal investigation into the incident – France Arrest

Cloud & Cryptomining

  • An ongoing cryptomining campaign abuses hacked AWS accounts to mine cryptocurrency, underscoring the need for hardened cloud credential controls and monitoring – AWS Cryptomining

Security Practices & Advice

  • Enterprises are warned that current MFA deployments can be costly and inefficient, but optimization strategies can reduce expenses while maintaining security posture – MFA Costs

Cybersecurity News | Daily Recap – hendryadrian.com