Microsoft Patches Actively Exploited Zero-Day as Gogs Git Service Reels from Unpatched Flaw

Publication Date: December 11, 2025

Summary

In cybersecurity news for December 11, 2025, Microsoft issued its final Patch Tuesday of the year, addressing an actively exploited privilege escalation zero-day (CVE-2025-62221) in Windows. Concurrently, an unpatched zero-day (CVE-2025-8110) in the Gogs Git service is under active attack, compromising hundreds of instances. New malware threats emerged with 'DroidLock' targeting Android devices and the 'AshTag' suite used by the Ashen Lepus APT against Middle Eastern governments. Other significant developments include new vulnerabilities in React, sophisticated social engineering tactics detailed by HP, and an espionage campaign, 'Operation DupeHike,' targeting Russian corporations.

Today New Articles

NATO Sharpens Cyber Defenses in Massive "Cyber Coalition" War Game

NATO has successfully concluded its largest annual cyber defense exercise, "Cyber Coalition," in Tallinn, Estonia. The week-long event involved approximately 1,500 military and civilian personnel from 29 NATO members and seven partner nations. Participants col...

Critical Infrastructure at Risk Due to "Deficient" OT Cybersecurity Training

A new report from Australian cybersecurity firm Secolve has exposed significant deficiencies in operational technology (OT) cybersecurity training across critical infrastructure sectors. The survey of senior professionals in industries like energy, manufacturi...

Hackers Use Animated Lures and Fake Legal Warnings to Spread Malware

HP's latest Threat Insights Report reveals a significant evolution in social engineering tactics, with cybercriminals using highly convincing lures such as professional animations and fake legal warnings to trick users into downloading malware. The report high...

Hamas-Linked APT "Ashen Lepus" Targets Middle East with New "AshTag" Malware

The Hamas-affiliated advanced persistent threat (APT) group known as Ashen Lepus (or WIRTE) is conducting an ongoing espionage campaign targeting governmental and diplomatic entities in the Middle East. Researchers have identified a new, modular .NET malware s...

"Operation DupeHike" Espionage Campaign Targets Russian Corporate HR Depts

A highly targeted cyber-espionage campaign, dubbed "Operation DupeHike," has been identified targeting employees in Russian corporations. Attributed to the threat actor cluster UNG0902, the campaign uses convincing social engineering lures, such as decoy docum...

Unpatched Zero-Day in Gogs Git Service Actively Exploited to Gain SSH Access

A critical, unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, is being actively exploited in the wild. Tracked as CVE-2025-8110 with a CVSS score of 8.7, the flaw is a bypass of a previously patched RCE and allows an attacker to over...

Fake Leonardo DiCaprio Movie Torrent Used as Bait to Spread Agent Tesla Trojan

Cybercriminals are luring victims with a fake torrent for a new Leonardo DiCaprio movie to distribute the Agent Tesla information-stealing trojan. Security researchers at Bitdefender analyzed the campaign, revealing a complex, multi-stage attack chain that use...

Article Updates

React2Shell: Critical 10.0 CVSS RCE Flaw in React and Next.js Under Active Exploitation

Update:Following the critical React2Shell RCE, two additional vulnerabilities have been disclosed in React Server Components. These include a high-severity Denial of Service (CVE-2025-55184, CVE-2025-67779) allowing attackers to trigger infinite loops and consume ser...