From The Aether

Gogs Git Service Vulnerability: Hackers Pull a Fast One on 700+ Servers!

The Gogs RCE vulnerability, CVE-2025-8110, is causing chaos as attackers exploit it to take over servers. This zero-day flaw sneaks in through symbolic links, bypassing previous fixes. Gogs users should batten down the hatches by disabling open registration and checking for any suspicious activity before their servers become hacker hotels.

1 week ago

Threatsday Bulletin: When Your Movie Download Comes with a Side of Malware!

Discover the latest cyber chaos with the Threatsday Bulletin: from sneaky malware in your movie downloads to tech titans scrambling over privacy. It’s a digital drama where everyday gadgets turn into silent invaders. Stay informed, because when it comes to cybersecurity, ignorance is not bliss—it’s a hacker’s paradise.

1 week ago

Nanoremote Nightmare: New Malware Uses Google Drive for Sneaky Cyber Attacks

NANOREMOTE is the new backdoor on the block, using the Google Drive API like it’s sending holiday postcards. This Windows malware is packing data theft and payload staging features that are harder to detect than your phone at the bottom of your bag. Who knew cybercriminals had a flair for cloud storage?

1 week ago

Library Lapse: Pierce County’s Data Breach Leaves Over 340,000 Patrons and Employees Exposed

Pierce County Library System (PCLS) alerts over 340,000 people of a data breach impacting their personal information. Patrons’ names and birthdates, and employees’ sensitive data were compromised. PCLS offers a year of free credit monitoring and identity protection. Mysteriously, no known ransomware group has claimed responsibility for this literary caper.

1 week ago

RPA Bots vs. Cybersecurity: How to Avoid a Robot Uprising in Your IAM Strategy

RPA bots are now the office’s silent overachievers, efficiently handling tasks and inadvertently causing security headaches. As these bots start to outnumber their human coworkers, it’s crucial to manage Non-Human Identities effectively. From credential mishaps to integration woes, discover how to keep your digital workforce from becoming a cybersecurity comedy of errors.

1 week ago

Phishy Business: How Cybercriminals Reeled in 6,000 Organizations with Fake Document Alerts

Phishing campaign impersonating digital document platforms duped over 6,000 organizations in two weeks, says Check Point Research. Mimicking SharePoint and DocuSign, these emails trick users with genuine-looking alerts. The phishing ploy used redirect cloaking through Mimecast and other platforms, making links appear trustworthy while leading to credential theft pages.

1 week ago

When Networking Turns Rogue: Cisco Alumni Allegedly Behind China’s Infamous Salt Typhoon Hackers

A security researcher linked two alleged members of China’s Salt Typhoon hacking group to the 2012 Cisco Networking Academy Cup. Despite the cup training many in cybersecurity skills, it seems the duo took “capture the flag” a bit too literally, as they are now reportedly playing an entirely different game.

1 week ago

React2Shell Mayhem: A Comedy of Exploits and Cryptominers in the Cybersecurity Circus

React2Shell, the latest vulnerability sending cybersecurity experts into a tailspin, is like the cybercriminals’ Black Friday sale. Exploiting React2Shell, hackers are delivering everything from pesky cryptominers to full-fledged backdoors. React users, brace yourselves: it’s time to patch up faster than a leaky inflatable at a pool party.

1 week ago

700+ Gogs Git Servers Hacked: The Zero-Day Comedy of Errors Continues!

Batten down the hatches, folks! Over 700 Gogs instances have been compromised through an unpatched zero-day vulnerability. This digital bug, CVE-2025-8110, lets attackers overwrite files outside the repository and execute remote code. So, if you’re running Gogs version 0.13.3 or older, it’s time to fix your Git sitch pronto!

1 week ago

Middle East Espionage Escapades: Ashen Lepus Strikes Again!

Ashen Lepus is on a relentless espionage mission, targeting Middle Eastern governments with their AshTag malware, cleverly disguised as harmless PDFs. While other cyber groups took a breather, Ashen Lepus kept snooping, proving that even in cyber warfare, some just can’t resist a good diplomatic drama.

1 week ago

Docker Hub Disaster: 10,000 Leaky Containers Expose Fortune 500 Secrets!

Docker Hub has become a treasure trove of live cloud keys with over 10,000 container images exposing secrets from 100+ companies. Developers’ rush to adopt AI is outpacing security hygiene, as API keys for AI services are the most common exposed secrets, creating a playground for attackers.

1 week ago

Coupang Crisis: Data Breach Fiasco Forces CEO to Exit – A Cautionary Tale for Corporate Boards Everywhere!

Coupang, South Korea’s online retail giant, faces a colossal data breach affecting 34 million customers. Amid police raids and government probes, CEO Park Dae-jun exits stage left, making way for interim CEO Harold Rogers. As Coupang scrambles to patch its cyber woes, the incident underscores data protection as a boardroom priority.

1 week ago

IBM’s Bug Bash: A Comedy of Critical Errors and Quirky Fixes

IBM announced fixes for over 100 vulnerabilities, mostly in third-party dependencies. Highlights include six critical issues in Storage Defender, a Tomcat server flaw in Guardium, and a SQL injection defect in Edge Data Collector. Visit IBM’s security bulletins page for details on these vulnerability fixes.

1 week ago

Google Chrome’s Zero-Day Whack-a-Mole: Another Round of Security Patches!

Google has released patches for three new Chrome zero-day vulnerabilities, including a high-severity one actively exploited in the wild. The most worrisome flaw is tracked internally as 466192044. While details remain scarce, Google is ensuring users are protected before revealing more. This marks the eighth Chrome zero-day exploited in 2025.

1 week ago

UK’s New Fraud-Busting Tool: Can It Really Outsmart Scammers?

The FCA has launched “Firm Checker” to help consumers dodge online investment fraud. While it’s a nifty tool to verify firms’ legitimacy, experts warn it’s not a magic wand against fraudsters. The real issue? Registered firms being used as bait. So, remember, vigilance is key in the fight against financial crime.

1 week ago

Gogs Git Gaffe: 700+ Instances Hacked Amid Critical Security Flaw Exploitation

A new security vulnerability, CVE-2025-8110, is being actively exploited in Gogs, with over 700 compromised instances reported. Attackers are using symbolic links for code execution, leaving behind obvious trails of their antics. Users should disable open-registration and scan for mysterious 8-character repository names to avoid falling victim to this digital circus.

1 week ago

Cyber Breach Blues: Small Businesses Hit by Hidden Cyber Tax, Prices Rise!

Small businesses in the US are facing a “hidden cyber tax” as data breaches force them to hike prices, according to the Identity Theft Resource Center. With 81% of businesses hit by breaches, many blame AI-powered attacks. This calls for urgent public policy changes to protect these crucial economic contributors.

1 week ago

Microsoft Copilot: A Comedic Tale of AI Agents and Data Disasters!

Prompt injection against Copilot AI agents is like convincing a vending machine to give you a free snack — surprisingly easy and a bit alarming. As employees spin up bots faster than coffee breaks, the simplicity of Microsoft Copilot might just be its Achilles’ heel, offering a buffet of vulnerabilities for the savvy trickster.

1 week ago

Microsoft Finally Fixes Windows 11 Flash Bang: File Explorer’s Dark Mode Drama Ends!

Microsoft patched a bug that caused unpleasant bright white flashes when opening File Explorer in dark mode on Windows 11. Thanks to the KB5070311 update, users no longer need sunglasses for their screens. This fix, along with other improvements, ensures a smoother experience for those navigating the digital darkness of File Explorer.

1 week ago
The Nimble Nerd