Cyber Briefing: 2025.12.03
Malicious dev packages, Android zero-days, Sorbonne data leak, ChatGPT outage, Indian airport spoofing, FTC action, WiFi hacker jailed, and Lazarus remote-worker ops.
👉 What’s going on in the cyber world today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Rust Crate Spreads Malware To Web3 Devs
Cybersecurity researchers discovered a malicious Rust package named “evm-units” on the crates.io repository, masquerading as an Ethereum Virtual Machine (EVM) helper tool. This package, along with a related dependency package “uniswap-utils,” was capable of targeting Windows, macOS, and Linux systems to silently execute a payload, primarily aimed at Web3 developers.
2. Npm Package Evades AI Security Tools
Cybersecurity researchers found a malicious Rust package named “evm-units” on crates.io, uploaded by “ablerust,” that masquerades as an Ethereum utility and stealthily executes a cross-platform payload on Windows, macOS, and Linux developer machines, often targeting the Web3 space. The package, downloaded over 7,000 times, checked for the presence of the Qihoo 360 antivirus and adjusted its execution to ensure the hidden delivery and running of the next-stage malware, which was also pulled into another popular package, “uniswap-utils.”
3. Google Fixes 107 Android Flaws In Use
Google released its December 2025 Android security updates, patching a total of 107 vulnerabilities, including two high-severity flaws in the Framework component (CVE-2025-48633 and CVE-2025-48572) that are actively being exploited in limited, targeted attacks. The patch also addressed a critical remote denial-of-service vulnerability and spanned fixes across various components from multiple vendors.
💥 Cyber Incidents
4. Sorbonne Staff Data Found On Dark Web
Sensitive personal and financial data, potentially including banking details, salaries, and IDs, belonging to employees of Sorbonne Université, a leading French institution, has allegedly been stolen by hackers. A threat actor is now disseminating this information on the dark web, raising serious risks of identity theft and financial fraud for the university’s staff members.
5. ChatGPT Down Worldwide Users Affected
OpenAI’s popular AI-powered service, ChatGPT, is experiencing a global outage, preventing users from accessing chats and generating responses. While OpenAI has acknowledged the widespread issue of elevated errors and is working on a fix, the platform is already beginning to come back online, albeit with slow performance.
6. Indian Airports Hit By Cyber Attack
The central government confirmed that seven major Indian airports—including Delhi, Mumbai, and Bengaluru—were targeted by cyber attacks, primarily involving the spoofing of GPS navigation signals reported by approaching flights. Despite the serious nature of the incidents affecting vital transport infrastructure, the government maintained that no flight operations were disrupted or cancelled.
📢 Cyber News
7. Illuminate Must Delete Student Data
The Federal Trade Commission (FTC) has proposed a settlement with education technology vendor Illuminate Education, requiring the company to delete unnecessary student data and bolster its security following a 2021 incident that exposed the information of 10 million students. This action closely follows a $5.1 million settlement reached with the states of California, Connecticut, and New York concerning the same data breach.
8. Australian Jailed For WiFi Attacks
Australian man Michael Clapsis was sentenced to 7 years and 4 months in prison for carrying out “evil twin” Wi-Fi attacks at airports and on domestic flights to steal sensitive data, including login credentials. Simultaneously, a separate investigation revealed that for years he had been stealing private, intimate images and videos from the personal online accounts of multiple women.
9. Lazarus APT Remote Worker Scheme Caught
A joint investigation by BCA LTD, NorthScan, and ANY.RUN revealed a persistent North Korean infiltration scheme where Lazarus Group’s Famous Chollima division uses remote IT workers to infiltrate Western companies. Researchers successfully captured the operators’ live activity for the first time by deploying controlled, long-running sandbox environments disguised as real developer laptops.
📈 Cyber Stocks
On Wednesday, 3rd December, cybersecurity stocks rebounded broadly as renewed investor interest in identity, endpoint and cloud security offset lingering macro- and tech-sector caution. Optimism around recurring-revenue models, AI-driven security demand and regulatory/compliance pressure helped lift names across the board. The broader market backdrop remained mixed, but defensive-security themes found fresh support amid persistent cyber-risk awareness.
CyberArk Software Ltd. closed at 457.70 dollars and climbed, supported by renewed confidence in privileged-access and identity security demand, especially as enterprises increasingly prioritize identity-centric controls.
Check Point Software Technologies Ltd. closed at 187.25 dollars and edged up modestly, buoyed by stable demand for perimeter and network-security tools as companies continue to harden networks and cloud perimeters.
Rapid7, Inc. closed at 15.49 dollars and posted a small gain, reflecting steady interest in vulnerability-management and detection-response capabilities as organisations brace for compliance and audit cycles.
SentinelOne, Inc. closed at 16.61 dollars and saw a stronger uptick, helped by increasing investor appetite for AI-driven endpoint detection & response — an area seen as critical in an evolving threat landscape.
Qualys, Inc. closed at 145.81 dollars and rose notably, supported by growing demand for cloud-based vulnerability scanning, continuous monitoring, and compliance services, especially as hybrid-cloud adoption increases.
💡 Cyber Tip
📱 Google Fixes 107 Android Flaws Under Active Exploitation
Google’s December 2025 update patches 107 vulnerabilities across Android. Two Framework flaws, CVE-2025-48633 and CVE-2025-48572, are already exploited in targeted attacks. Another critical flaw, CVE-2025-48631, can trigger remote denial of service with no user action.
What You Should Do
Install the latest Android security update immediately.
Enable automatic updates on all devices.
Avoid sideloading apps until fully patched.
Check CISA’s KEV list to track actively exploited flaws.
Why This Matters
Active exploitation means attackers are already using these flaws. Updating your device is the fastest and most effective way to block these threats.
📚 Cyber Book
Cybersecurity Essentials by Charles J. Brooks, Christopher Grow, Philip A. Craig Jr., Donald Short
That concludes today’s briefing.
Copyright © 2025 CyberMaterial. All Rights Reserved.