It's been a jam-packed 24 hours in the cyber world, with major breaches, critical zero-days under active exploitation, and significant law enforcement actions. Let's dive in:
Recent Cyber Attacks and Breaches ⚠️
Askul Ransomware Recovery ⏳
- Japanese e-tailer Askul is slowly recovering 45 days after a ransomware attack, resuming partial B2B online sales.
- The incident, attributed to RansomHouse, caused a major data breach of customer and supplier details, impacting logistics for other brands like Muji.
- Full recovery, including consumer services and financial reporting, is still pending, highlighting the long-term operational and financial fallout of such attacks.
🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/03/askul_partial_ransomware_recovery/
🗞️ The Record | https://therecord.media/askul-resumes-limited-ordering-following-ransomware-attack
University of Phoenix / Oracle EBS Breach 🎓
- The University of Phoenix disclosed a data breach affecting "numerous individuals" after attackers exploited a zero-day in Oracle E-Business Suite (EBS).
- This breach is part of a larger Clop ransomware gang extortion campaign, which has impacted multiple US universities (Harvard, UPenn, Dartmouth) and companies since August 2025.
- Stolen data includes names, contact info, dates of birth, Social Security numbers, and bank account details, underscoring the severe impact of supply chain vulnerabilities in third-party platforms.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/university-of-phoenix-discloses-data-breach-after-oracle-hack/
🗞️ The Record | https://therecord.media/university-of-phoenix-data-breach
Freedom Mobile Data Breach 📱
- Canada's fourth-largest wireless carrier, Freedom Mobile, disclosed a data breach impacting an undisclosed number of customers.
- Attackers gained access to the customer account management platform via a compromised subcontractor account, stealing personal and contact information.
- Exposed data includes names, addresses, dates of birth, phone numbers, and account numbers, with customers advised to watch for phishing attempts.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/freedom-mobile-discloses-data-breach-exposing-customer-data/
Leroy Merlin Data Breach 🏡
- French DIY retail giant Leroy Merlin is notifying French customers of a data breach affecting their personal information.
- Exposed data includes full name, phone number, email, postal address, date of birth, and loyalty program info, but no banking details or passwords.
- The company states the stolen data has not been misused so far and urges vigilance against phishing, suggesting the attackers have not yet leaked it publicly.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/french-diy-retail-giant-leroy-merlin-discloses-a-data-breach/
Korea IP Camera Hacking Ring 📸
- Korean police arrested four individuals for hacking over 120,000 IP cameras and selling intimate footage to a foreign adult site.
- The suspects, including one who hacked 63,000 cameras, earned significant sums in virtual assets by selling hundreds of illicit videos.
- Authorities are also pursuing website operators and viewers of the content, highlighting the severe legal consequences for all involved in such exploitation.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/korea-arrests-suspects-selling-intimate-videos-from-hacked-ip-cameras/
DOJ Takes Down Myanmar Scam Site 🚫
- The US Department of Justice (DOJ) has dismantled tickmilleas.com, a spoofed trading platform used by a Myanmar scam center.
- This action is part of the recently created Scam Center Strike Force's efforts against the Tai Chang compound, which has siphoned billions from Americans via "pig butchering" schemes.
- The FBI has identified multiple victims who lost cryptocurrency through the fake site and is collaborating with international law enforcement and tech companies to combat these operations.
🗞️ The Record | https://therecord.media/doj-takes-down-myanmar-scam-site-trickmill-spoof
Vulnerabilities Under Active Exploitation 🛡️
Critical React Server Components RCE ⚛️
- A critical deserialization vulnerability, CVE-2025-55182, has been discovered in React Server Components, allowing unauthenticated RCE in default configurations.
- The flaw affects a wide range of React frameworks and bundlers, including Next.js (CVE-2025-66478), with researchers expecting active exploitation imminently.
- Developers are urged to patch immediately, as exploitation is trivial and could lead to devastating impacts, including access to sensitive information and network pivots.
🤫 CyberScoop | https://cyberscoop.com/react-server-vulnerability-critical-severity-security-update/
Windows LNK Zero-Day Exploitation 🪟
- Microsoft has silently mitigated CVE-2025-9491, a Windows LNK vulnerability actively exploited as a zero-day since 2017 by multiple state-backed and cybercrime groups.
- The flaw allowed attackers to hide malicious commands in LNK file properties by padding with whitespaces, making them invisible to users and enabling malware deployment.
- While Microsoft initially downplayed the severity, the November 2025 updates now show the full command string; however, third-party patches offer more robust warnings against long LNK target strings.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/microsoft/microsoft-mitigates-windows-lnk-flaw-exploited-as-zero-day/
🌐 The Hacker News | https://thehackernews.com/2025/12/microsoft-silently-patches-windows-lnk.html
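As an added example in the defender's direction (not code from either article), a small Python check that parses the .lnk StringData section and flags a COMMAND_LINE_ARGUMENTS value that hides text behind a long run of whitespace, which is the padding trick described above. The 32-character gap threshold, the cp1252 fallback for non-Unicode links and the make_lnk fixture are assumptions for the demonstration; the parser skips LinkTargetIDList and LinkInfo but ignores the optional ExtraData blocks that follow the strings.

```python
import struct

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # Shell Link CLSID, little-endian
HAS_IDLIST, HAS_LINKINFO, IS_UNICODE = 0x01, 0x02, 0x80
STRING_FLAGS = [(0x04, "name"), (0x08, "relative_path"), (0x10, "working_dir"),
                (0x20, "arguments"), (0x40, "icon_location")]  # StringData order in the spec

def parse_string_data(lnk: bytes) -> dict:
    """Walk ShellLinkHeader, skip LinkTargetIDList/LinkInfo, return the StringData fields."""
    if lnk[:4] != b"\x4c\x00\x00\x00" or lnk[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", lnk, 20)[0]
    pos = 0x4C
    if flags & HAS_IDLIST:
        pos += 2 + struct.unpack_from("<H", lnk, pos)[0]
    if flags & HAS_LINKINFO:
        pos += struct.unpack_from("<I", lnk, pos)[0]
    width = 2 if flags & IS_UNICODE else 1
    fields = {}
    for bit, key in STRING_FLAGS:
        if flags & bit:
            count = struct.unpack_from("<H", lnk, pos)[0]
            raw = lnk[pos + 2:pos + 2 + count * width]
            fields[key] = raw.decode("utf-16-le" if width == 2 else "cp1252")  # cp1252 assumed
            pos += 2 + count * width
    return fields

def padded_arguments(lnk: bytes, max_gap: int = 32) -> tuple:
    """(suspicious, visible, hidden): is text hidden behind a long whitespace run?"""
    args = parse_string_data(lnk).get("arguments", "").rstrip()
    best, run, end = 0, 0, 0
    for i, ch in enumerate(args):           # longest whitespace run that still has text after it
        run = run + 1 if ch.isspace() else 0
        if run > best:
            best, end = run, i + 1
    if best < max_gap:
        return (False, args, "")
    return (True, args[:end - best].rstrip(), args[end:])

def make_lnk(arguments: str, relative_path: str = "cmd.exe") -> bytes:
    """Constructed minimal .lnk (no IDList/LinkInfo) used only as a test fixture."""
    header = bytearray(0x4C)
    header[0:4], header[4:20] = b"\x4c\x00\x00\x00", LNK_CLSID
    struct.pack_into("<I", header, 20, 0x08 | 0x20 | IS_UNICODE)  # RelativePath + Arguments + Unicode
    body = b""
    for s in (relative_path, arguments):
        body += struct.pack("<H", len(s)) + s.encode("utf-16-le")
    return bytes(header) + body
```

Run over a directory of shortcuts, the `visible`/`hidden` split is what an analyst wants in the alert: the part Explorer's properties dialog would show next to the part it would not.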
WordPress King Addons Flaw Under Attack 👑
- A critical privilege escalation vulnerability, CVE-2025-8489, in the King Addons for Elementor WordPress plugin is under active exploitation.
- Unauthenticated attackers can register accounts with administrator privileges by specifying the 'administrator' role during user registration, because the plugin's handle_register_ajax() function failed to validate the requested role.
- Site administrators must update to version 51.1.35 or later, audit for suspicious admin accounts, and monitor for abnormal activity to prevent site takeover.
🌐 The Hacker News | https://thehackernews.com/2025/12/wordpress-king-addons-flaw-under-active.html
Picklescan Bugs Allow ML Model Evasion 🐍
- Three critical flaws (CVE-2025-10155, CVE-2025-10156, CVE-2025-10157) in the Picklescan utility allow malicious PyTorch models to evade detection and execute arbitrary code.
- These vulnerabilities enable attackers to bypass the scanner via file extension manipulation, CRC errors in ZIP archives, or by undermining unsafe globals checks.
- Patched in Picklescan version 0.0.31, these issues highlight the risks in ML supply chains and the need for adaptive, intelligence-driven security for AI models.
🌐 The Hacker News | https://thehackernews.com/2025/12/picklescan-bugs-allow-malicious-pytorch.html
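The three bypass classes above correspond to three scanner habits: trusting the file extension, skipping what fails to parse, and checking globals against a deny list. As an added example (not Picklescan's own code), a small Python scanner that decides by content, fails closed on a CRC error or any parse error, and flags every global outside an allowlist; the allowlist, the fixtures and the simplified STACK_GLOBAL tracking (it follows pushed strings, not memo references) are assumptions for the demonstration, and pickling `print` only records an import path, nothing executes.

```python
import io
import pickle
import pickletools
import zipfile

SAFE_GLOBALS = {("collections", "OrderedDict"), ("torch._utils", "_rebuild_tensor_v2")}  # demo allowlist

def unsafe_globals(data: bytes) -> list:
    """Every global a pickle would import that is not allowlisted (deny-by-default)."""
    findings, strings = [], []              # 'strings' tracks pushed text for STACK_GLOBAL
    for op, arg, _ in pickletools.genops(data):
        if op.name == "GLOBAL":             # protocol <= 3: one "module name" operand
            module, name = arg.split(" ", 1)
        elif op.name == "STACK_GLOBAL":     # protocol 4+: the two most recently pushed strings
            module, name = strings[-2], strings[-1]   # IndexError on a malformed stream: fail closed
        else:
            if isinstance(arg, str):
                strings.append(arg)
            continue
        if (module, name) not in SAFE_GLOBALS:
            findings.append(f"{module}.{name}")
    return findings

def scan_zip(data: bytes) -> list:
    """Scan every .pkl member of a zip/torch container, after a full CRC check of the archive."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        if zf.testzip() is not None:        # testzip() names the first member whose CRC fails
            raise zipfile.BadZipFile("CRC mismatch")
        return [g for n in zf.namelist() if n.endswith(".pkl") for g in unsafe_globals(zf.read(n))]

def scan_model(data: bytes) -> str:
    """Classify by content, never by file name; any parse error fails closed."""
    try:                                    # the magic bytes decide, whatever the extension says
        found = scan_zip(data) if data[:4] == b"PK\x03\x04" else unsafe_globals(data)
    except Exception as exc:                # corrupt archive, unknown opcode, truncated stream
        return f"UNSAFE: could not parse ({type(exc).__name__})"
    return "UNSAFE: " + ", ".join(found) if found else "SAFE"

DEMO_UNSAFE = pickle.dumps(print, protocol=4)   # constructed fixture: references builtins.print
DEMO_SAFE = pickle.dumps({}, protocol=4)        # constructed fixture: no globals at all

def build_zip(member: str, payload: bytes, corrupt_crc: bool = False) -> bytes:
    """Constructed fixture: a one-member stored zip, optionally with a CRC mismatch."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(member, payload)
    out = bytearray(buf.getvalue())
    if corrupt_crc:
        out[30 + len(member)] ^= 0xFF       # first payload byte sits right after the local header
    return bytes(out)
```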
New Threat Research 🔬
Aisuru Botnet Unleashes Record DDoS 💥
- The Aisuru botnet has set a new record with a 29.7 Tbps DDoS attack, part of over 1,300 attacks launched in Q3 2025.
- Comprising 1-4 million compromised routers and IoT devices, Aisuru is a botnet-for-hire service targeting telecommunications, gaming, hosting, and financial sectors.
- These hyper-volumetric attacks can disrupt entire ISPs, even if not directly targeted, and often last less than 10 minutes, demanding rapid response capabilities.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/aisuru-botnet-behind-new-record-breaking-297-tbps-ddos-attack/
Malicious Rust Crate Targets Web3 Devs 🦀
- A malicious Rust crate, "evm-units," was found delivering OS-specific malware to Windows, macOS, and Linux systems, masquerading as an EVM helper tool.
- The package, downloaded over 7,000 times, checks for Qihoo 360 antivirus before downloading and silently executing a next-stage payload from "download.videotalks[.]xyz."
- This supply chain attack, also impacting "uniswap-utils," specifically targets Web3 developers, indicating a China-focused threat actor profile.
🌐 The Hacker News | https://thehackernews.com/2025/12/malicious-rust-crate-delivers-os-specific-malware-to-web3-developer-systems/
Data Privacy and Regulatory Issues 🔒
India Drops Mandatory 'Cyber Safety' App 🇮🇳
- India's Communications Ministry has reversed its plan to mandate a government-backed "cyber safety" app on all new smartphones.
- The decision follows significant backlash and privacy concerns from digital rights groups and tech companies like Apple, which argued it could compromise security.
- While the government claimed the Sanchar Saathi app was for fraud prevention, its mandatory, undeletable nature raised fears of widespread surveillance.
🗞️ The Record | https://therecord.media/india-drops-mandate-sanchar-saathi-app-privacy-surveillance
Canadian Police Trial Facial Recognition Body Cams 🇨🇦
- The Edmonton Police Service in Canada is trialling body cameras equipped with facial recognition technology, a first for a Canadian department.
- The Axon cameras will compare faces to mugshots for outstanding warrants, but the system will only be enabled during investigations, not in the field, and matches will be human-verified.
- This pilot raises significant privacy concerns, particularly regarding accuracy and potential discrimination, with Alberta's privacy commissioner demanding a privacy impact assessment.
🗞️ The Record | https://therecord.media/canadian-police-department-trials-facial-recognition-body-cameras
Other Noteworthy Incidents 🌍
India Airports Face GPS Spoofing ✈️
- India's Civil Aviation Minister revealed GPS spoofing and jamming incidents at eight major airports, including Delhi, Kolkata, and Mumbai, since 2023.
- While no harm was caused, these incidents force pilots to rely on alternative navigation, with previous similar events in Europe blamed on Russia.
- Authorities are investigating the source of interference and implementing advanced cybersecurity solutions for IT networks and infrastructure in the aviation sector.
🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/03/india_gps_spoofing/
#CyberSecurity #ThreatIntelligence #Ransomware #ZeroDay #Vulnerability #DDoS #SupplyChainAttack #Malware #DataBreach #Privacy #FacialRecognition #InfoSec #IncidentResponse #Web3Security #AIsecurity #GPSspoofing