![Cybersecurity News | Daily Recap [27 Dec 2025]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [27 Dec 2025]")
Daily Recap, In crypto and scams, Trust Wallet’s browser extension was compromised to inject malicious code, prompting a $7 million theft, while fake GrubHub emails urged recipients to send cryptocurrency for a tenfold return. In nation-state and security updates, the China-linked Panda group deployed DNS poisoning to install the MgBot backdoor, La Poste faced a claimed attack by pro-Russian actors, Net-SNMP’s CVE-2025-68615 requires urgent patching, ParrotOS 7 debuts with KDE Plasma 6, and authorities in Georgia arrested a former spy chief over scam centers. #TrustWallet #GrubHub #Panda #MgBot #LaPoste #NetSNMP #CVE-2025-68615 #ParrotOS7 #Georgia
Crypto & Scams
- Browser extension compromise in Trust Wallet injected malicious code that resulted in a $7 million crypto theft from users’ wallets – Trust Wallet, Trust Wallet
- Phishing emails impersonating GrubHub promise a tenfold return to trick recipients into sending cryptocurrency – Fake GrubHub
Nation‑state Activity
- China-linked “Panda” group ran DNS poisoning campaigns to deliver the MgBot backdoor to targeted victims – MgBot Campaign
- Pro-Russian hackers claimed responsibility for an attack on France’s postal operator La Poste, which the operator is investigating – La Poste
Vulnerabilities
- Critical CVE-2025-68615 in Net-SNMP (snmptrapd) allows remote buffer overflow and service crashes, requiring urgent patching – Net-SNMP Flaw
Releases
- ParrotOS 7 debuts with KDE Plasma 6 and a major system overhaul focused on performance and desktop updates – ParrotOS 7
Law & Enforcement
- Authorities in the Republic of Georgia arrested a former spy chief accused of protecting scam call centers operating in the country – Georgia Arrests