Venezuela's state-owned oil and gas company was hit by ransomware. The attack shut down operating and control systems for docks, production, and refineries in the country's northern region. https://www.reuters.com/world/americas/venezuelas-pdvsa-says-operations-unaffected-by-cyber-attack-blames-us-2025-12-15/
Censys looked at DDoSia, an open-participation DDoS botnet managed by the NoName057 group. The botnet was taken down earlier this year and has now made a comeback. Censys says the botnet is typically managed through new command and control servers that only live for a few hours, or a few days at most.
- Russia uses African freelancers for anti-US and anti-French disinfo
- US prepares to let contractors run cyber operations
- Germany blames Russia for air traffic control agency hack
- Apple patches two WebKit zero-days
- Hama Film exposes everyone's photos
- 700Credit suffers data breach
- Home Depot had a leak for a year
- A game's USBs spread malware
- Breach at the French Interior Ministry
- South Korea to introduce breach fines
The Pope involves himself in Italy's spy scandal and asks intel officials to respect people's privacy, not leak data, and not smear people with hacked data. https://www.reuters.com/world/pope-tells-italian-spies-not-smear-politicians-or-journalists-2025-12-12/
The GNOME project has banned developers from including AI-generated code in its shell extensions
Meta finds that the state government of the autonomous region of Gagauzia, in Moldova, has directly sponsored Kremlin propaganda in the country
Google is now tracking at least five Chinese cyber-espionage groups that are exploiting the React2Shell vulnerability for initial access. The groups are UNC6600, UNC6586, UNC6588, UNC6603, and UNC6603. This is up from two at the beginning. https://cloud.google.com/blog/topics/threat-intelligence/threat-actors-exploit-react2shell-cve-2025-55182/
A report on Weyhro C2, a new offensive toolkit advertised on underground forums. The toolkit appears to be the work of the individual behind the (now-failed) Weyhro ransomware from March this year. https://lumma-labs.com/weyhro-c2-because-ransomware-wasnt-paying-the-bills-anymore-b136fd7ef100