San Mateo, CA, December 15, 2025 — Stories, events, and developments that impacted the cybersecurity landscape last week, including emerging threats, policy changes, and industry responses.
Cyber insurer expands coverage to include AI deepfakes
Synthetic media is becoming a powerful weapon for scammers and spies, prompting cybersecurity insurer Coalition to expand its coverage to include AI-generated deepfakes that cause reputational harm or enable fraud. Coalition already covered deepfake-enabled wire transfer scams, but the updated policy now applies to any AI-manipulated audio, video, or images used to impersonate executives or misrepresent a company’s products. Incident response lead Shelley Ma said deepfakes remain rare, with 98 percent of claims still stemming from basic attacks such as phishing or unpatched systems. When deepfakes do appear, they usually involve targeted voice or text impersonations of CEOs to authorize payments or steal credentials, adding a new layer of realism that can bypass trained employees. Experts warn that small businesses may face widespread AI-enabled fraud within two years as tools become more affordable. Read more.
DroidLock ransomware locks down Android devices
DroidLock is emerging as one of the most dangerous Android threats this year, using ransomware-style coercion and full device takeover to target users across Spanish-speaking regions. Zimperium researchers discovered that the malware spreads through phishing sites, pushing a dropper app that impersonates trusted services. Once installed, the dropper delivers a second-stage payload that immediately seeks device administrator and accessibility permissions, which victims often grant without realizing these settings give attackers near-total control. DroidLock maintains persistent communication with its command-and-control server via HTTP and WebSocket, enabling continuous data theft and real-time remote manipulation of compromised phones. Its credential-stealing system uses two overlay techniques: an embedded pattern interface that appears when users unlock their devices or open banking apps, and server-delivered HTML overlays that perfectly mimic legitimate login screens. Because DroidLock can issue factory-reset commands, it doesn’t need traditional encryption to cause irreversible damage, making early detection and avoidance essential for both personal and corporate Android users. Read more.
Study finds teens age out of cybercrime by 20
Young threat actors tend to follow the same behavioral arc as other adolescent offenders, according to new data from the Dutch government, which found that most teenage cybercriminals abandon illegal hacking by the age of 20. The report, which examines the social cost of adolescent crime, shows that cyber offending emerges early, often through “hacking games,” and occurs at rates similar to weapons and drug offenses. Researchers noted that peak cyber offending typically lands between ages 17 and 20, consistent across decades and across crime types. A 2013 study found that 76 percent of young cyber offenders hit their peak at age 20 before drifting away, while only about four percent continue well into adulthood. Criminologist Alice Hutchings observed that those who persist are driven by curiosity and skill development rather than financial motives. The Dutch government acknowledged limitations in longitudinal cybercrime research, noting that available studies quickly become outdated as the threat landscape evolves. Read more.
Attackers exploit Gogs zero-day to hijack hundreds of servers
Gogs’ unpatched zero-day has escalated into a destructive outbreak, with attackers exploiting a path-traversal flaw to take over Internet-facing servers. Researchers at Wiz confirmed that CVE-2025-8110 allows threat actors to bypass protections added for an earlier RCE bug by abusing symbolic links in the PutContents API to overwrite files outside a repository. By targeting Git configuration files such as sshCommand, attackers can hijack execution and run arbitrary commands. Wiz found more than 1,400 Gogs servers exposed online, with over 700 already showing signs of compromise, a pattern reinforced by clusters of suspicious repositories with random eight-character names created during a July campaign. The infections were linked to Supershell malware communicating with an external command-and-control server, suggesting a coordinated, automated operation. Wiz reported the flaw in July, though maintainers acknowledged it only in late October, and attackers launched a second wave soon after. Read more.
Petco breach exposes far more data than disclosed
Petco has confirmed a data breach that exposed sensitive customer information, and new state filings show the incident was far more serious than initially disclosed. In a notice to the Texas attorney general, the company revealed that affected data includes names, Social Security numbers, driver’s license numbers, financial account details, credit and debit card numbers, and dates of birth. Similar filings in California, Massachusetts, and Montana indicate at least several victims in those states, and California’s disclosure threshold of five hundred residents suggests the actual total is significantly higher. Petco has not answered questions about how many customers were impacted, whether logs show criminal access to the exposed files, or which application was responsible. A sample notification letter published by California’s attorney general stated that Petco traced the breach to a misconfigured setting that made specific files accessible online, and that the company removed the files, corrected the setting, and added unspecified security measures. Read more.
Gartner urges enterprises to halt AI browser adoption
A new Gartner report warns that enterprises should block AI browsers for now, arguing that default settings favor usability over security and expose organizations to prompt injection, faulty agent reasoning, credential theft, and data loss. The analysts said AI agents can be tricked into visiting phishing sites, completing mandatory cybersecurity training for employees, or even making costly mistakes such as booking incorrect corporate travel. They cautioned that errors will remain inherent to agentic systems and noted that low-tolerance organizations may need long-term restrictions. The warning echoes recent research, including SquareX’s findings on malicious workflows and prompt injection, and Cato Networks’ HashJack technique, which weaponizes legitimate URLs to mislead AI browsers and exfiltrate data. Read more.
Chrome rolls out new defenses against prompt injection
Google introduced a new security architecture for Chrome that pairs its agentic AI features with layered defenses to block indirect prompt injections from untrusted web content. The core addition is a User Alignment Critic, a second model that evaluates each proposed action after planning and vetoes anything that does not clearly serve the user’s stated goal. Because the critic sees only action metadata and no page content, it cannot be manipulated by malicious prompts and can block attempts to hijack tasks or exfiltrate data. Google also deployed Agent Origin Sets, a gating system that restricts the agent to reading or interacting only with site origins directly relevant to the task or explicitly shared by the user. That gate, like the critic, is isolated from web content and prevents cross-origin data access that could allow an AI-powered browser to leak information from logged-in sites. Additional protections include mandatory user approvals for sensitive actions, work logs for transparency, a prompt injection classifier that blocks tainted content in real time, and tighter ties to Safe Browsing and on-device scam detection. Read more.
Universities hit by months-long MFA bypass campaign
A new Infoblox report reveals a months-long phishing campaign that struck at least 18 U.S. universities from April to November 2025, using the Evilginx adversary-in-the-middle kit to bypass MFA and steal full session cookies. Attackers sent personalized TinyURL links that impersonated campus SSO portals, enabling Evilginx to intercept logins and capture credentials and post-authentication cookies, granting full account access. Infoblox traced nearly 70 domains used across the operation and identified the hardest-hit schools, including the University of California campuses at Santa Cruz and Santa Barbara, the University of San Diego, Virginia Commonwealth University, and the University of Michigan. Renée Burton, Vice President of Infoblox Threat Intel, warned that “universities remain a common target for malicious actors.” Read more.
React2Shell flaw puts millions of services at risk
Threat groups linked to Chinese state interests began exploiting the React2Shell vulnerability (CVE-2025-55182) just days after disclosure, taking advantage of a bug so severe it carries a maximum CVSS score of 10. AWS confirmed that Earth Lamia and Jackpot Panda are among the actors attempting to exploit, with both groups known for targeting financial services, logistics, retail, government, and regional targets across Latin America, the Middle East, and Asia. Researchers warned that more than two million internet-facing services may be exposed, including systems that use React Server Components and frameworks such as Next.js and React Router. Weaponized PoCs are spreading quickly, though AWS noted many contain inaccuracies or fail entirely, creating log noise that can obscure real attacks and give developers false confidence when testing. Read more.
Agentic AI introduces flaws into supply chains
Aikido researchers uncovered a critical vulnerability in major agentic coding tools that allows malicious prompts to hide within routine development content and be interpreted as direct instructions by the underlying LLMs. The flaw affects Google Gemini, Claude Code, OpenAI’s Codex, and GitHub’s AI Inference when they’re integrated into automated workflows such as GitHub Actions, allowing commit messages or pull requests to become executable commands. Aikido’s Rein Daelman said this is the first verified case showing prompt injection can “directly compromise GitHub Actions workflows,” proving the threat is practical rather than theoretical. Because many models hold elevated repository privileges, injected instructions can trigger shell commands, edit issues or leak tokens, creating an immediate supply chain risk. Read more.
More cybersecurity news
- Last week’s news
- More cybersecurity news
- All articles sponsored by NetworkTigers
About NetworkTigers
NetworkTigers is the leader in the secondary market for Grade A, seller-refurbished networking equipment. Founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms, NetworkTigers provides consulting and network equipment to global governmental agencies, Fortune 2000, and healthcare companies. www.networktigers.com.
