Weekly Cybersecurity Briefing (1 December – 7 December 2025)
A week marked by severe vulnerabilities, large-scale breaches and intensified nation-state activity.
React-based server vulnerabilities saw active remote code execution, with exploitation of React2Shell and related RSC flaws affecting major frameworks and prompting emergency mitigations across cloud environments.
Chinese-linked intrusion campaigns escalated, deploying BRICKSTORM, new Golang implants and expanded persistence tooling across VMware, ESXi and Microsoft 365 ecosystems.
Criminal operations suffered major disruption, as authorities dismantled Cryptomixer, while Aisuru-powered DDoS attacks reached record hyper-volumetric levels.
Large-scale data breaches impacted global users, including Coupang’s exposure of 33.7 million accounts and widespread compromise through malicious browser extensions and tampered developer packages.
Supply-chain and software ecosystem flaws expanded, with Shai-Hulud 2.0 infecting hundreds of npm packages, malicious Rust crates and IDEsaster vulnerabilities affecting AI-powered development environments.
Privacy and surveillance concerns intensified, driven by Intellexa spyware leaks, unsecured AI image datasets and legal developments in Europe.
Source: CyberSecBrief