International Cyber Digest
@intcyberdigest.bsky.social
Your weekly go-to cybersecurity newsletter, curated and commented on by our senior analysts, in your mailbox soon...
https://x.com/IntCyberDigest
https://infosec.exchange/@InternationalCyberDigest
https://x.com/IntCyberDigest
https://infosec.exchange/@InternationalCyberDigest
📚 Early Exception Handling - Advanced Windows exploitation
Triggering exceptions before Vectored Exception Handlers are called.
kr0tt.github.io/posts/early-...
github.com/kr0tt/EarlyE...
Triggering exceptions before Vectored Exception Handlers are called.
kr0tt.github.io/posts/early-...
github.com/kr0tt/EarlyE...
December 9, 2025 at 4:19 AM
📚 Early Exception Handling - Advanced Windows exploitation
Triggering exceptions before Vectored Exception Handlers are called.
kr0tt.github.io/posts/early-...
github.com/kr0tt/EarlyE...
Triggering exceptions before Vectored Exception Handlers are called.
kr0tt.github.io/posts/early-...
github.com/kr0tt/EarlyE...
‼️ Three Ukrainian men travelling across Europe were apprehended in Poland for possessing hacking tools possibly intended to target critical national IT systems
They claimed to be IT specialists.
They claimed to be IT specialists.
December 9, 2025 at 2:38 AM
‼️ Three Ukrainian men travelling across Europe were apprehended in Poland for possessing hacking tools possibly intended to target critical national IT systems
They claimed to be IT specialists.
They claimed to be IT specialists.
❗️NATO distributed pins featuring the American and NATO flags that were “Made in China” during its flagship Cyber Defence exercise in Estonia.
An exercise where NATO tests its ability to protect networks and critical infrastructure against threats like.. you guessed it.. China.
An exercise where NATO tests its ability to protect networks and critical infrastructure against threats like.. you guessed it.. China.
December 7, 2025 at 11:58 PM
❗️NATO distributed pins featuring the American and NATO flags that were “Made in China” during its flagship Cyber Defence exercise in Estonia.
An exercise where NATO tests its ability to protect networks and critical infrastructure against threats like.. you guessed it.. China.
An exercise where NATO tests its ability to protect networks and critical infrastructure against threats like.. you guessed it.. China.
📚 Paint it Blue - Attacking Bluetooth Stack
Bluetooth is a prime target for attackers due to its widespread presence in devices like TVs, car chargers, and connected fridges, especially on mobile devices where it runs as a privileged process with potential access to microphones, address books,
Bluetooth is a prime target for attackers due to its widespread presence in devices like TVs, car chargers, and connected fridges, especially on mobile devices where it runs as a privileged process with potential access to microphones, address books,
December 7, 2025 at 6:45 PM
📚 Paint it Blue - Attacking Bluetooth Stack
Bluetooth is a prime target for attackers due to its widespread presence in devices like TVs, car chargers, and connected fridges, especially on mobile devices where it runs as a privileged process with potential access to microphones, address books,
Bluetooth is a prime target for attackers due to its widespread presence in devices like TVs, car chargers, and connected fridges, especially on mobile devices where it runs as a privileged process with potential access to microphones, address books,
📚 Syntax Confusion & Ambiguous Parsing Exploits
A guide on exploiting parser confusion in real-world applications.
Read:
www.yeswehack.com/learn-bug-bo...
A guide on exploiting parser confusion in real-world applications.
Read:
www.yeswehack.com/learn-bug-bo...
December 7, 2025 at 5:13 PM
📚 Syntax Confusion & Ambiguous Parsing Exploits
A guide on exploiting parser confusion in real-world applications.
Read:
www.yeswehack.com/learn-bug-bo...
A guide on exploiting parser confusion in real-world applications.
Read:
www.yeswehack.com/learn-bug-bo...
Reposted by International Cyber Digest
Linus Torvalds accidentally slams Elon Musk 🔥
December 4, 2025 at 4:29 PM
Linus Torvalds accidentally slams Elon Musk 🔥
Cry, baby, cry.
December 7, 2025 at 5:10 PM
Cry, baby, cry.
📚 Windows RDP - Remote to Rogue
Comprehensive analysis of (lesser known) RDP exploitation vectors by Google Threat Intelligence.
cloud.google.com/blog/topics/...
Comprehensive analysis of (lesser known) RDP exploitation vectors by Google Threat Intelligence.
cloud.google.com/blog/topics/...
December 7, 2025 at 12:14 AM
📚 Windows RDP - Remote to Rogue
Comprehensive analysis of (lesser known) RDP exploitation vectors by Google Threat Intelligence.
cloud.google.com/blog/topics/...
Comprehensive analysis of (lesser known) RDP exploitation vectors by Google Threat Intelligence.
cloud.google.com/blog/topics/...
❗️The Company That Sells Toilet Cameras Has Access to Images of Their User's Poop
The $600 Kohler Dekoda camera, which requires a subscription to function, was advertised as having “end-to-end” encryption.
Investigations show the other end is the company itself.
The $600 Kohler Dekoda camera, which requires a subscription to function, was advertised as having “end-to-end” encryption.
Investigations show the other end is the company itself.
December 6, 2025 at 9:26 PM
❗️The Company That Sells Toilet Cameras Has Access to Images of Their User's Poop
The $600 Kohler Dekoda camera, which requires a subscription to function, was advertised as having “end-to-end” encryption.
Investigations show the other end is the company itself.
The $600 Kohler Dekoda camera, which requires a subscription to function, was advertised as having “end-to-end” encryption.
Investigations show the other end is the company itself.
❗ 🇵🇱 The Polish Minister of Foreign Affairs had a message for Elon today
December 6, 2025 at 9:01 PM
❗ 🇵🇱 The Polish Minister of Foreign Affairs had a message for Elon today
🔥 A Mastercard employee aired the dirty laundry: it's a mess.
After doxxing himself, he immediately deleted the post.
But we still have it. You can read all the juicy “dumb shit” Mastercard does.
After doxxing himself, he immediately deleted the post.
But we still have it. You can read all the juicy “dumb shit” Mastercard does.
December 6, 2025 at 3:31 AM
🔥 A Mastercard employee aired the dirty laundry: it's a mess.
After doxxing himself, he immediately deleted the post.
But we still have it. You can read all the juicy “dumb shit” Mastercard does.
After doxxing himself, he immediately deleted the post.
But we still have it. You can read all the juicy “dumb shit” Mastercard does.
❗️🇪🇺Elon Musk's social media platform X was fined $140m by the EU over its deceptive blue ticks
The EU said that by allowing people to pay for a blue verified checkmark, the platform deceives users because it is not meaningfully verifying who is behind the account.
The EU said that by allowing people to pay for a blue verified checkmark, the platform deceives users because it is not meaningfully verifying who is behind the account.
December 6, 2025 at 2:37 AM
❗️🇪🇺Elon Musk's social media platform X was fined $140m by the EU over its deceptive blue ticks
The EU said that by allowing people to pay for a blue verified checkmark, the platform deceives users because it is not meaningfully verifying who is behind the account.
The EU said that by allowing people to pay for a blue verified checkmark, the platform deceives users because it is not meaningfully verifying who is behind the account.
‼️🇮🇱 Smartphones worldwide were silently infected with Israeli malware via malicious ads
Simply viewing their ads was enough to get infected.
Surveillance company Intellexa gained full access to cameras, microphones, chat apps, emails, GPS locations, photos, files, and browsing activity.
Simply viewing their ads was enough to get infected.
Surveillance company Intellexa gained full access to cameras, microphones, chat apps, emails, GPS locations, photos, files, and browsing activity.
December 5, 2025 at 5:05 PM
‼️🇮🇱 Smartphones worldwide were silently infected with Israeli malware via malicious ads
Simply viewing their ads was enough to get infected.
Surveillance company Intellexa gained full access to cameras, microphones, chat apps, emails, GPS locations, photos, files, and browsing activity.
Simply viewing their ads was enough to get infected.
Surveillance company Intellexa gained full access to cameras, microphones, chat apps, emails, GPS locations, photos, files, and browsing activity.
❗️Grok saved a man's life after a ruptured appendix
The man wrote the following on Reddit:
I’m 49.
2025 has been the best year of my life… until two nights ago.
The man wrote the following on Reddit:
I’m 49.
2025 has been the best year of my life… until two nights ago.
December 5, 2025 at 2:22 PM
❗️Grok saved a man's life after a ruptured appendix
The man wrote the following on Reddit:
I’m 49.
2025 has been the best year of my life… until two nights ago.
The man wrote the following on Reddit:
I’m 49.
2025 has been the best year of my life… until two nights ago.
‼️🚨POC released for CVE-2025-55182 (React2Shell) that works on Next.js 16.0.6
gist.github.com/maple3142/48...
gist.github.com/maple3142/48...
December 5, 2025 at 9:13 AM
‼️🚨POC released for CVE-2025-55182 (React2Shell) that works on Next.js 16.0.6
gist.github.com/maple3142/48...
gist.github.com/maple3142/48...
‼️🚨Cloudflare down = Downdetector down
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Dec 05, 2025 - 09:00 UTC
Scheduled - We will be performing scheduled maintenance in DTW (Detroit) datacenter on 2025-12-05 between 09:00 and 13:00 UTC.
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Dec 05, 2025 - 09:00 UTC
Scheduled - We will be performing scheduled maintenance in DTW (Detroit) datacenter on 2025-12-05 between 09:00 and 13:00 UTC.
December 5, 2025 at 9:07 AM
‼️🚨Cloudflare down = Downdetector down
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Dec 05, 2025 - 09:00 UTC
Scheduled - We will be performing scheduled maintenance in DTW (Detroit) datacenter on 2025-12-05 between 09:00 and 13:00 UTC.
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Dec 05, 2025 - 09:00 UTC
Scheduled - We will be performing scheduled maintenance in DTW (Detroit) datacenter on 2025-12-05 between 09:00 and 13:00 UTC.
❗American Express France Fined 1.75 Million USD for Placing Cookies Without Consent
The French regulator CNIL stated that cookies were placed upon loading the page, and even when a user opted out, they still placed tracking cookies.
The French regulator CNIL stated that cookies were placed upon loading the page, and even when a user opted out, they still placed tracking cookies.
December 5, 2025 at 4:18 AM
❗American Express France Fined 1.75 Million USD for Placing Cookies Without Consent
The French regulator CNIL stated that cookies were placed upon loading the page, and even when a user opted out, they still placed tracking cookies.
The French regulator CNIL stated that cookies were placed upon loading the page, and even when a user opted out, they still placed tracking cookies.
‼️🇰🇵 Meet North Korean recruiter 'Aaron,' who infiltrates Western companies by using AI and posing as a remote IT worker using stolen or rented identities.
He was lured into a sandbox by researchers, who observed the wild APT in a controlled setting to see what he would do.
He was lured into a sandbox by researchers, who observed the wild APT in a controlled setting to see what he would do.
December 4, 2025 at 8:51 PM
‼️🇰🇵 Meet North Korean recruiter 'Aaron,' who infiltrates Western companies by using AI and posing as a remote IT worker using stolen or rented identities.
He was lured into a sandbox by researchers, who observed the wild APT in a controlled setting to see what he would do.
He was lured into a sandbox by researchers, who observed the wild APT in a controlled setting to see what he would do.
Linus Torvalds accidentally slams Elon Musk 🔥
December 4, 2025 at 4:29 PM
Linus Torvalds accidentally slams Elon Musk 🔥
❗ Micron to Exit Crucial Consumer Business, Ending Retail SSD and DRAM Sales
Micron announced today that it will exit its Crucial consumer business, ending retail sales of Crucial-branded SSDs and memory modules at major retailers and online stores.
Micron announced today that it will exit its Crucial consumer business, ending retail sales of Crucial-branded SSDs and memory modules at major retailers and online stores.
December 4, 2025 at 8:25 AM
❗ Micron to Exit Crucial Consumer Business, Ending Retail SSD and DRAM Sales
Micron announced today that it will exit its Crucial consumer business, ending retail sales of Crucial-branded SSDs and memory modules at major retailers and online stores.
Micron announced today that it will exit its Crucial consumer business, ending retail sales of Crucial-branded SSDs and memory modules at major retailers and online stores.
Price hikes, companies that don’t want to sell to consumers anymore… and now this. It ain’t easy being a PC gamer these days.
December 4, 2025 at 5:00 AM
Price hikes, companies that don’t want to sell to consumers anymore… and now this. It ain’t easy being a PC gamer these days.
‼️Poetry Can Trick AI Models into Revealing Nuclear Weapons Secrets, Study Claims
Researchers found that this method, called “adversarial poetry,” was a jailbreaking technique for all major AI model families, including those from OpenAI, Google, Meta, and China’s DeepSeek.
Researchers found that this method, called “adversarial poetry,” was a jailbreaking technique for all major AI model families, including those from OpenAI, Google, Meta, and China’s DeepSeek.
December 4, 2025 at 3:45 AM
‼️Poetry Can Trick AI Models into Revealing Nuclear Weapons Secrets, Study Claims
Researchers found that this method, called “adversarial poetry,” was a jailbreaking technique for all major AI model families, including those from OpenAI, Google, Meta, and China’s DeepSeek.
Researchers found that this method, called “adversarial poetry,” was a jailbreaking technique for all major AI model families, including those from OpenAI, Google, Meta, and China’s DeepSeek.
🚨‼️Critical Security Vulnerability in React Server Components
There is an unauthenticated remote code execution vulnerability in React Server Components.
This vulnerability was disclosed as CVE-2025-55182 and is rated CVSS 10.0.
react.dev/blog/2025/12...
There is an unauthenticated remote code execution vulnerability in React Server Components.
This vulnerability was disclosed as CVE-2025-55182 and is rated CVSS 10.0.
react.dev/blog/2025/12...
Critical Security Vulnerability in React Server Components – React
The library for web and native user interfaces
react.dev
December 3, 2025 at 9:22 PM
🚨‼️Critical Security Vulnerability in React Server Components
There is an unauthenticated remote code execution vulnerability in React Server Components.
This vulnerability was disclosed as CVE-2025-55182 and is rated CVSS 10.0.
react.dev/blog/2025/12...
There is an unauthenticated remote code execution vulnerability in React Server Components.
This vulnerability was disclosed as CVE-2025-55182 and is rated CVSS 10.0.
react.dev/blog/2025/12...
🛠️ RaspAP wireless router software
RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi.
github.com/RaspAP/raspa...
RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi.
github.com/RaspAP/raspa...
December 3, 2025 at 3:30 AM
🛠️ RaspAP wireless router software
RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi.
github.com/RaspAP/raspa...
RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi.
github.com/RaspAP/raspa...