Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of which is the same flaw that was patched by Google in Chrome earlier this week. The vulnerabilities are listed below -…
Digital transformation has made cybersecurity preparation part of operational resilience for most organizations. This calls for a new relationship between CISO and COO.
As exploitation activity against CVE-2025-55182 ramps up, researchers are finding some proof-of-concept exploits contain bypasses for web application firewall (WAF) rules.
Unmanaged coding is indeed an alluring idea, but can introduce a host of significant cybersecurity dangers, Constantine warns.
The move aims to expand the use of Security Copilot and comes with the launch of 12 new agents from Microsoft at the company’s Ignite conference last week.
Wiz disclosed a still-unpatched vulnerability in self-hosted Git service Gogs, which is a bypass for a previous RCE bug disclosed last year.
Using artificial intelligence in operational technology environments could be a bumpy ride full of trust issues and security challenges.
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life…
Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control (C2) purposes. According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed FINALDRAFT (aka Squidoor) that employs Microsoft Graph API for C2. FINALDRAFT is attributed to a…
The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in recent high-precision attacks.